Risk-Based Annual Planning

May 3 – 14, 2021 CEF Online Learning Campus No Fee
Apr 23, 2021 Auditing

What will you learn

This learning initiative aims to bring together internal audit professionals to take stock of current knowledge and best practices regarding the development and conduct of robust internal audit plans. In particular, the importance of developing and applying a flexible audit plan, which allows for a continuous reassessment of the audit resources against set priorities and risks, will be highlighted. It will consider the common challenges related to determining the priorities of the internal audit, evaluating the effectiveness of organization’s risk management, control and governance processes, while also taking into account public sector internal auditing standards. It will also address the question of how to set up and further improve the existing audit planning methodologies in use and devote time for peer learning of different approaches used for conducting the planning process.

How will you benefit

The course will have an interesting exchange of theory and practice, stressing out the challenges with introductory presentations, group discussions and case study work, guiding participants throughout the Risk – Based Annual Planning process. Sufficient time is integrated for question and answer sessions therefore participants can benefit from practical examples and peer-to-peer professional experience sharing.

By the end of the course, participants will have:

  • Recognized the importance of understanding the organization - its structure and maturity level - as a first step toward Risk-Based Annual Planning
  • Comprehended how to  use the existing risk register or identify, assess, and prioritize risks
  • Described the coordination with other stakeholders, how to estimate resources and propose plan and solicit feedback
  • Illustrated the methods to finalize and communicate the plan
  • Pointed out in what way to assess the risks continuously, update the plan likewise communicate updates

Who should attend

Senior or experienced internal auditors (chief internal auditors, deputies and heads of internal audit departments) who are involved and have experience with procedures pertaining to developing and conducting audit plans in their institutions.


This learning initiative will be delivered under the guidance of:

  • Conchita Galarza and Erik Offeringa, Central Government Audit Service, Ministry of Finance, the Netherlands

Erik and Conchita are both working as operational auditors at the Dutch Central Government Audit Service. They both share a long experience in the audit world performing various types of audits at all ministries of the Dutch government. During their career, they specialized in risk management practices. In this capacity, they are co-founders of the Program Risk Management within the Dutch government. The central focus of this Program was to share good practices concerning risk management in all corners of the Dutch government, through the so-called risk dialogue. They helped building a network of over 200 civil servants, working at various ministries and other governmental agencies.

Currently, they employ group facilitation as a fruitful means to perform risk dialogue in the Dutch government – hence contributing to effective risk management throughout governmental management.

  • Tina Toman Pfajfar, Independent Expert, Slovenia

Tina Toman Pfajfar has 20 years of professional experience. She began her internal audit career at the Ministry of Finance of the Republic of Slovenia where she held a position of the Head of Internal Audit Service. She worked as a CAE at the Slovenian KD Life Insurance Company and at the Coface PKZ insurance company. She was a Deputy Director and Head of the On Site Inspection Section at the Insurance Supervision Agency for 6 years. Her main responsibilities when working as CAE included risk-based internal auditing, providing assurance to the Minister (or Board) about the risk management and internal control system, developing internal audit methodology and others. She has given many lecturers about internal auditing in Slovenian and abroad.

She is the former president of the Internal Audit Committee at the Slovenian Institute of Auditors. She is Qualified Internal Auditor, State Internal Auditor, State Auditor and she holds a Certification in Risk Management Assurance (CRMA) at The Institute of Internal Auditors.


This learning initiative was supported by:

Ministry of Finance, the Netherlands Ministry of Finance Slovenia