Course description
- How many projects do you know which have been delivered on time, to budget and fully met the needs of all the parties involved?
- Not many I am sure will be your answer.
- Experience has shown that risks are rarely fully identified prior to a project being approved.
- Not only does this result in unexpected risks arising after the project has commenced, but also the true impact of key risks will often be misunderstood.
- Having an Internal Audit involvement throughout the project life cycle, from the proposal stage to the post implementation review, is a proven way to maximise the opportunity to deliver the project to time, to budget and fully meet the needs of all interested parties.
Do you work at this organisation and want to update this page?
Is there out-of-date information about your organisation or courses published here? Fill out this form to get in touch with us.
Suitability - Who should attend?
- Heads of Audit, Audit managers and senior auditors
- Auditors responsible for undertaking project audits assignments
- Other professionals who need to understand the risks impacting complex projects
- Managers and Directors of business functions – to aid their knowledge of a risk based audit approach to projects.
Training Course Content
Day 1 Understanding Project Risk
Why projects fail
- Is risk an uncertainty or a surprise?
- Something that can go wrong or failure to get things right?
- Risk cultures and the impact on project delivery
- Why projects often fail.
- OGC paper – common causes of project failure
- The need for a formal approach to risk management
- Risk appetite and the implications for projects
- Selling the benefits to top management
- High profile project failures and the lessons to learn
- Exercise 1 Why projects fail
The major project risks
- Business benefit poorly defined
- Scope of the project poorly defined
- Project sponsor not committed to the project
- Difficult to engage business functions or partners
- Lack of project management experience
- Unclear or inconsistent PM processes
- Business requirements unclear or changing all the time
- Technical requirements complex or new
- Complex system interfaces
- Unrealistic timescales
- Man hours required very extensive over short time windows
- Long estimated project duration
- Type of project new to the business
- High dependency on outside parties (consultants, subcontractors)
- Businesses processes require major change
- Unfamiliar project technology
- Heavy customisation of packaged solutions
- The 10m golden rules of project management
- Exercise 2 The key project risks check-list
Project Risk Identification and Evaluation
- Approaches and techniques
- How to establish a risk workshop process
- The need for effective facilitation
- Facilitation skills
- Establishing workshops
- The use of diagnostic questions and thought-provokers
- The pros and cons of using data capture technology
- Other methods of risk identification
- Monte Carlo Simulations
- Bayesian networks
- Scenario planning
- RAMP methodology
- How to identify, sift and group the risks
- Measuring the consequences and the likelihood of occurrence of each risk
- The use of risk matrices to prioritise the risks.
- Exercise 3: Risk and reward
The business perspective
- Different types of project and their implications
- Selection of Professional Services providers
- Financial planning consultants
- Engineering firms
- Design/Construct providers
- Construction managers
- Facilities management
- The growing popularity of turnkey approaches
- Choice of contractor
- Principal contract terms
- Other legal and regulatory requirements
- Financing the project
- Choice of methodology
- Selecting the project manager
- Procurement process
- Exercise 4 The business benefits
Auditing major projects
- IIA new paper – Introduction to project auditing
- Assessing the project life cycle
- The need to assess the risk maturity of the project
- Commitment to risk management
- Reviewing project risk registers
- The questions to ask
- Assessing the project risk appetite
- Reviewing the effectiveness of the risk management process adopted
- Determining which risks should be concentrated on in the audit
- Management evaluation of mitigation controls
- Identification of risk exposures
- Dealing with the exposures (the 4 Ts – terminate, tolerate, treat or transfer)
- Reviewing risk ownership and identifying gaps
- Exercise 5: The audit involvement in the project lifecycle
Day 2 Auditing major projects
Strategic Project Audit Planning
- Determining which projects to audit, to which frequency and to what depth
- Determining the level of assurance required
- Determining the level of assurance that can be provided
- Exercise 6: Determining project audit priorities
Project auditing in practice
- Determining the scope of a RBA assignment
- Whether objectives are being delivered efficiently and effectively
- Whether risks have been identified, evaluated and are being managed
- Whether controls mitigate the risks effectively
- Where risk exposures exist action is being taken to improve controls
- Whether appropriate management oversight is in place
- Exercise 7: Scoping a RBA assignment of a major project
Selecting a Contractor
- The tendering process
- Success criteria
- Use of approved organisations
- Categories of Risk in procurement
- Partnering and Risk
- Contract negotiation
- Contract award
- Exercise 8: Risks in Contractor selection
The project in progress
- Design methodology
- Site environment
- Measurement and valuation methods
- Evaluating the Quantity Surveyor process
- Variations and claims
- Performance management
- Payments
- Liquidated damages
- Performance guarantees
- Sub-contractors
- Contract finalisation
- Exercise 9: Auditing the project during the ‘active’ phase
Cost control and accounting
- The project budget
- Cost control and forecasting
- Cost accounting
- Schedule control
- Dealing with cost over-runs
- Exercise 10: Auditing the project costs
Handover and post audit
- Commissioning risks
- Completion certificates
- Maintenance agreements
- PFI contracts
- Post completion reviews
- Learning from successes and mistakes
- Exercise 11: Completing a post audit of a project
Auditing systems under development
- Why auditing systems under development need not compromise your wider audit role
- The need to audit at key stages – not to be part of the project team
- Ensuring that the processes and policies are complied with
- Determining the points of potential failure
- Ensuring controls are not bypassed – due to time constraints
- Ensuring risks are identified at the start and regularly reviewed
- Ensuring sufficient end user involvement
- Audit stages and the questions to ask
- Exercise 12 – Challenges of systems development audit
Course delivery details
The course will consist of three 1.5 hour sessions each day.
Delivery method – On-line-live (with exercises and role-plays to simulate audit scenarios and situations that new auditors will encounter)
Expenses
Course fee: GBP 450 (US$ 560) which includes comprehensive course materials
Continuing Studies
- PROMOTE the benefits of an audit involvement in all key projects
- APPLY the concepts and practical application of a risk based approach to project audit
- AUDIT major projects with confidence
- HELP identify project warning signs and influence positive action
- IMPLEMENT proven techniques to ensure that more projects meet their agreed objectives
- UNDERSTAND how to identify, mitigate and control project risks effectively
- ENSURE that key controls are not omitted when a project is under pressure