Auditing Basel III
Following the most recent financial crisis a full-scale review of the banking capital framework was undertaken by the Basel Committee. Many banking activities will be affected, and the broad consequences will impact banking strategies.
This Program is designed to discuss the likely changes, and their impact.
This Program will help participants to:
·        Understand the recent amendments to Basel II applied to the definition of capital
·        Use Regulatory updates for market, credit, counterparty and liquidity risk.
·        Implement Stress Testing for various risk measures including how to formulate and articulate stress tests
·        Consider the likely effects of “Basel III” on the Kuwait Banking systems in particular and on the international banking industry
·        Recognise the role of the Central Bank of Kuwait
·        Audit the implementation of Basel II, III and stress testing based on a structured audit program
·        Key concepts of Basl II rules for capital adequacy
·        Which are the concepts of Basel II that changed with the introduction of Basel III
·        Brief overview of events leading to the most recent financial crisis
·        Basel III’s Introduction
·        Concept of “going” and “gone” concerns
·        Harmonisation with IFRS
·        Introduction of Stressed VAR
·        Estimation of a capital charge for counterparty credit risk (CCR)
·        Introduction of the Credit Valuation Adjustment (CVA)
·        How to model expected positive exposure
·        The comprehensive risk approach
·        Changes to the Securitisation Framework
·        Multi-Dimensional Risk Measures
·        Detailed introduction to a Liquidity Framework
·        What are eligible liquid assets?
·        Proposed calibration
·        Counter-Cyclical Capital Buffers
·        Estimation of credit to GDP and other measures for each jurisdiction
·        Stress Testing – the criteria to be taken into consideration for stress testing for banks in the gulf region
·        Other changes to Pillars II and Pillar III
·        The main audit objective for auditing (1) implementation of Basel II and Basel III (2) stress testing
Lectures – discussions, case studies, exercises.
Members of the Risk Management Team, Compliance Team and Internal Auditors
The Program will be presented in English
24 hours, 4 days, mornings & afternoons
 Auditing Corporate Compliance Governance
Today’s successful audit leaders never lose sight of the importance of continually assessing and improving their organizations’ corporate governance structure. The IIA has developed a governance course specifically for audit leaders, including CAEs, audit directors, and audit managers, as well as mid- to upper-level internal auditors who want to enhance their roles in governance.
Focusing on small and large discussion groups, and utilizing practical group exercises and individual activities, facilitators will help participants gain the skills necessary to review and improve their corporate governance structure, while developing techniques to assess risk management activities.
This Program will help participants to:
·        Understanding of legal and regulatory guidelines
·        Gain Knowledge on corporate governance
Corporate Governance
  • How did we get to this point?
  • Why is governance important?
  • General definitions including the Standards definition
  • Value of corporate governance, how it translates to share price for public companies and public confidence at non-public entities
  • Examples of impact of poor governance on public and non-public entities
Roles and Responsibilities
  • Board, audit committee, internal audit, external audit, and others (regulators, legislators, investors, donors, financial institutions, credit analysts)
  • Explore how the perspective of those historically responsible has changed and why
Legal, Regulatory, and Standard
  • Central Bank of Kuwait corporate governance circular.
  • IIA Standards
  • COSO Enterprise Risk Management
  • Examine the emerging body of knowledge of the various proponents of corporate governance and how we might respond in Kuwait.
Business Ethics
  • Standards from Ethics professional organizations
  • Codes of conduct, conflict of interest, ethics policies, with examples from large and small organizations
  • Tone at the top, vision, and values — how to influence them
  • Tools for assessing ethics
  • Examine the impact on internal audit assurance and consulting services
  • How to audit business ethics
  • Disclosure committees
  • Executive compensation
  • Independence of Board
  • The role of internal auditing in these sensitive issues
  • Tools for assessing transparency
Enterprise Risk Management
  • Organizational performance
  • Metrics
  • Internal auditing as a catalyst for ERM
  • Examine examples of several organizations, industries, and public and non-public entities
  • Audit committee role/charters
  • Tools for audit committee self-assessment
  • Corporate governance as an auditable risk area
  • Managing relationships
  • Positioning internal auditing in the organization
  • Tracking and measuring governance
  • Ensuring all elements of governance are communicated
  • Developing a strategy to link and implement all of the elements of corporate governance
The following elements are included in CBK circulars:
How to evaluate board performance, committee structures
Audit considerations in whistle blowing process
Audit considerations in related party transactions
Audit considerations in conflict of interest
Audit considerations in confidentiality [How to audit confidentiality]
Auditing business strategy
Methods :
Lectures – discussions, case studies, exercises.
Auditors and Compliance Officers
Language :
The Program will be presented in English
Duration :
24 hours, 4 days, mornings & afternoons

Auditing of Mobile Banking Applications
Internal auditors can play a valuable role in assisting management with understanding how risks will change when the company implements new mobile banking applications. Internal auditors are key in providing risk management services. Auditors can assist management with the design of controls to mitigate the risks identified during the risk assessment.
This Program will help participants to:
         Understand application controls and their benefits
         Appreciate the role of internal auditors in mobile banking applications
         Perform a risk assessment
         Utilize application control review scoping
         Apply different application review approaches
         Employ relevant issues for mobile banking application audit.
Internal audit can test to determine if the controls are designed adequately and will operate effectively once the application is deployed.
          Business Process Method - The business process scoping method is a top-down review approachused to evaluate the application controls present in all the systems that support a particular business process.
         Single Application Control- The single application scoping method is used when the auditor wants to review the application controls within a single application or module as opposed to taking a business process scoping approach.
          Access Controls - No matter what method is chosen to scope the review of application controls, the module's or application's logical access controls need to be reviewed periodically
-          Input data
-          Data is processed as intended
-          Output & stored data is accurate & complete
-          Maintain record to track data processing from input to storage to output
Benefits of application controls
-          Reliability
-          Benchmarking
-          Time and cost
Role of internal auditors
-          Knowledge of key IT risks, security:
As Mobile devices use wireless communication technologies to access network-based applications for mobile banking, the audit objectives for mobile banking applications include:
-          Communications (covering risks such as sniffing and denial-of-service, and protocols such as encryption technologies and fault tolerance)
-          Network architecture
-          Virtual private networks
-          User and session administration (covering risk such as hijacking, spoofing, loss of integrity of data)
-          Public key infrastructure
-          Security architecture.
-          Independent risk assessment – design of controls/education/controls testing
Review approaches
-          Planning
-          Need for specialized resources
-          Documentation
-          Testing
-          Computer assisted audit techniques
Common application controls
-          Input & access controls
-          File & data transmissions
-          Processing controls
-          Output controls
Evaluation of Risks with Mobile banking applications
-          Privacy
-          Authentication
-          Two factor authentication
-          Data integrity
-          Non-repudiation
-          Encryption
-          Procedures
-          Unauthorisation issues
Lectures – discussions, case studies, exercises.
The Program will be presented in English
Duration :
4 days, mornings & afternoons, 24 hours
Target audience
Internal auditors, key IT staff with minimum 2 years experience.

Institute of Banking Studies (IBS) - Copyrights © 2009 - Privacy Policy
Tel: 2290 11 00 - Fax: 2243 47 05,   P.O.Box: 1080 Safat, 13011 Kuwait,   E-mail: