Skip to main content
Image coming soon

The Regional Bank Internal Audit Playbook

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

The Regional Bank Internal Audit Playbook

Build the methodology that closes findings cleanly, satisfies regulatory examiners, and gives your audit committee an accurate picture of control health.

Findings that stay open quarter after quarter. Action plans that technically respond but do not remediate. An audit committee heat map that shows green when you know the control is not working. These are methodology problems, not resourcing problems.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Regional Audit Managers at complex banking groups run programs where the audit universe spans dozens of entities, multiple regulators, and hundreds of controls. The challenge is not finding problems. It is building a methodology rigorous enough that findings close cleanly, evidence meets regulatory standards, and the audit committee can distinguish material risk from noise. Most audit teams at this scale build their methodology on the job, which produces inconsistent evidence standards, findings that reopen, and regulatory examiners who find gaps in audit coverage. This course is the systematic build that most functions never had time to complete.

What you walk away with

  • Build a risk-based audit universe prioritization you can defend to regulators and audit committee.
  • Set jurisdiction-aware evidence standards upfront so findings close on first follow-up rather than reopening.
  • Draft findings in condition, criteria, cause, and effect form that survive business line challenge and second-line review.
  • Govern management action plans with testable milestones and a documented escalation protocol.
  • Prepare your audit work paper archive to support regulatory examination without opening new issues.
  • Present complex findings to audit committee in a format that conveys accurate severity without false reassurance.

The 12 modules

Module 1. Audit Universe Scoping for Multi-Entity Banking Groups
How to segment and prioritize the audit universe across legal entities, product lines, and geographies when resources are limited. Covers the risk-based methodology for deciding which audits run this cycle versus defer, how to document the prioritization rationale for audit committee and regulatory review, and how to handle entities with rapidly changing risk profiles mid-cycle without reopening the annual plan.
Module 2. Jurisdiction-Aware Evidence Standards
ACPR, PRA, FRB, and MAS each hold different expectations for what constitutes adequate audit evidence. This module builds an evidence standard framework that specifies documentation requirements by jurisdiction and audit type, teaches how to state those requirements in audit scope letters before fieldwork begins, and explains how to reject insufficient evidence at fieldwork stage rather than at report review when it is too late.
Module 3. Cross-Border Fieldwork Planning and Team Coordination
Managing fieldwork when your audit team spans multiple cities and time zones. Covers fieldwork documentation standards, interim status reporting cadence, how to maintain consistent testing methodology when different team members interpret the same control objective differently, and how to conduct effective fieldwork on trading and lending controls without disrupting front-office operations or triggering escalations from local management.
Module 4. Control Testing Methodology for Banking Products
Structured testing approach for controls across market risk, credit risk, liquidity management, and AML. Each banking product category has a different control architecture. This module maps which testing approach, whether re-performance, observation, inspection, or inquiry, applies to which control type, with worked examples drawn from structured lending, transaction banking, and securities trading environments.
Module 5. Findings Drafting: From Observation to Reportable Issue
The gap between what an auditor observes in fieldwork and what becomes a defensible finding in the audit report. How to write condition, criteria, cause, and effect for complex banking findings, how to set risk ratings that survive challenge from business lines and second-line functions, and how to document root cause analysis in a way that produces a genuinely actionable management response rather than a policy update.
Module 6. Management Response and Action Plan Governance
How to review management responses for sufficiency rather than just accepting them, how to set action plan milestones that are testable and time-bound, how to escalate responses that describe intent rather than remediation, and how to maintain a findings tracker that remains accurate through staff turnover on both the audit and business sides. Includes a response sufficiency checklist built for multi-entity programs.
Module 7. Follow-Up Auditing and Findings Closure
The persistent backlog problem: why action plans stay in-progress for multiple quarters. This module establishes the evidence bar for closing a finding, how to conduct targeted follow-up reviews without a full re-audit, what to do when management claims completion but the evidence does not support closure, and how to apply a closure decision tree that holds up under audit committee and regulatory scrutiny.
Module 8. Regulatory Examination Support: What Examiners Need
When regulators conduct an examination, your prior audit work becomes their primary evidence base for assessing program adequacy. This module covers how to prepare the audit work paper archive, what examiners from ACPR, PRA, FRB, and MAS typically look for in an internal audit program, how to respond to examiner requests without inadvertently opening new issues, and how to brief your Chief Audit Executive before examiner interviews.
Module 9. Audit Committee Reporting for Complex Findings
How to present findings with jurisdictional complexity, multi-year root causes, or politically sensitive business involvement to audit committee members who are not operational specialists. Covers executive summary architecture, heat map design principles, and how to convey severity and trend accurately without creating alarm or, conversely, understating risk that the committee needs to understand and act on.
Module 10. Auditing the RCSA: Challenging the Line 1 Risk View
The Risk and Control Self-Assessment is a first-line tool, but internal audit is responsible for challenging whether it is complete and credible. This module covers how to audit the RCSA process itself, how to cross-reference RCSA outputs against audit findings to identify where business lines are systematically optimistic about their control environment, and how to report material discrepancies to audit committee.
Module 11. Audit Quality Assurance and External Assessment Readiness
Every internal audit function is subject to IIA standards, including internal quality reviews and an external assessment every five years. This module covers what a quality assurance program looks like inside a complex banking group, how to prepare for an external assessment without extensive disruption to the ongoing audit plan, and how to respond to quality findings in a way that demonstrates genuine methodology improvement rather than procedural compliance.
Module 12. Building the Annual Plan and Budget Case
How to construct a multi-year audit plan that tracks the institution's evolving risk profile, how to resource it across regions and specialist domains, and how to present the budget case when you need additional headcount or co-source capacity. Includes the effectiveness metrics that CFOs and audit committees use to assess program output and how to position your function's results in those terms.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Findings that reopen: Modules 5, 6, and 7 build the full lifecycle from drafting to closure governance.
Regulatory examination upcoming: Modules 2 and 8 cover evidence standards and examiner preparation.
Audit committee presentations need to be clearer: Module 9 covers the reporting architecture for complex multi-entity findings.
Audit universe too large for current headcount: Modules 1 and 12 address prioritization and resourcing.

What you get with this course

  • 12 text-based modules, each with a worked example from a banking audit scenario.
  • Downloadable evidence specification templates for each major audit type, pre-formatted for multi-jurisdiction use.
  • A findings lifecycle tracker with closure criteria, escalation triggers, and audit committee status categories.
  • A regulatory exam preparation checklist covering ACPR, PRA, FRB, and MAS standard request formats.
  • The hand-built implementation playbook tailored to your regional banking audit environment, delivered alongside course access.

What you will have in hand by Day 1, Week 1, Month 1

Account provisioned within 24 hours of purchase.

Hand-built implementation playbook delivered alongside course access.

All 12 modules immediately available, self-paced.

Before and after

Before

Findings tracker shows multiple items in-progress from two quarters ago. Several have revised target dates. Action plan responses from business lines describe intent rather than remediation. Regional regulators are asking why certain control areas have not been audited in the current cycle.

After

Evidence standards are set in scope letters before fieldwork starts. Action plans have testable milestones. The follow-up methodology closes findings on first review. Audit committee heat maps show accurate severity. Regulatory examiners see complete coverage documentation and a clean findings lifecycle.

What happens if you do not address this

A persistent findings backlog signals a methodology gap to regulators, not just a management execution problem. When examiners review your audit program and find evidence standards that vary by auditor or findings that reopen repeatedly, that becomes an observation about the audit function itself. The risk is not inefficiency inside the team. It is regulatory scrutiny of the program's credibility.

Who it is for

You manage a regional internal audit function inside a complex financial institution. You are accountable to the Chief Audit Executive and to regional regulators. You have audit teams working across multiple jurisdictions and you present findings to an audit committee that expects clarity. Your current challenge is methodology: evidence standards, findings lifecycle governance, regulatory exam readiness, and audit committee reporting for situations where the answer is complicated.

Who this is NOT for. Single-entity audit teams with a simple regulatory footprint. External auditors who are not managing an ongoing audit universe. Compliance officers who have not held an internal audit management role.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Each module is 25-40 minutes of focused reading plus template work. Most regional audit managers complete the full course across three to four work weeks at two to three modules per week.

Why $199 is the right number

IIA training covers standards and principles. This course covers the operational methodology for applying those standards inside a complex multi-entity banking group: how to scope, evidence, draft, track, and report in an environment where regulators review your work papers. The gap between holding the CIA designation and running a findings lifecycle that satisfies the ECB or FRB examiner is what this course fills.

FAQ

Is this specific to any particular jurisdiction or regulatory regime?
The methodology applies across the major banking regulators, with specific modules covering ACPR, PRA, FRB, and MAS examination expectations. The evidence standard framework in Module 2 is designed to be adapted to your specific jurisdiction mix.
We already follow IIA standards. What does this add?
IIA standards define what an audit function should do. This course covers how to do it inside a complex banking group: how to set evidence standards that hold up under regulatory examination, how to govern action plans across jurisdictions, and how to report to an audit committee when findings have multi-entity root causes.
Can this be used to onboard new audit managers in the team?
Yes. The module structure maps to the core competencies for a regional audit manager role. The course works well as a structured methodology foundation for audit managers stepping up to cross-jurisdiction scope for the first time.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

!