Risk Elimination. Risk Management. Risk Mitigation. This is the language of upper management, that we as auditors from any industry must learn, if we truly want to effect positive change throughout our environment.
During this presentation, the various phases of the audit process will be viewed through the lens of ISO 31000 and ISO 14971. Attendees will learn how to define, recognize, and manage risk through their audit program. Case studies will be reviewed, as we discuss how to incorporate risk management thought, language and techniques into our internal audit process. In short, this presentation will show attendees how to transform an audit program from one that is compliance based and backward facing, to one that is risk managing, continuous improvement driving and forward seeking.
We will take definitions, rationale and process structure from ISO 31000 and ISO 14971, then segue way into case studies and practical applications of incorporating risk management into the auditing process. This session IS NOT meant to be a line-by-line analysis of either ISO 31000 or ISO 14971, but rather, the standards are used to provide a logical framework to guide the discussion. The overarching goal of this session is to expand how we think about the audit process – in this case through the incorporation of risk management techniques.
Areas to be Covered:
Defining, identifying and managing risk
Risk assessment and the internal audit program
Integration of risk management into the audit program
Audit program reporting
Who will Benefit:
Audit Program Managers