Navigate Up



 Evolving Practices in Auditing Second Line Functions

Chapter Event
1/23/2019 8:00 AM
1/23/2019 10:00 AM
Deloitte – 8 Adelaide Street West; Toronto, ON M5H 0A9 | Canada - Ontario
Session Overview

Continuing to be strategically relevant for and satisfying the assurance needs of stakeholders is a key priority for every Internal Audit function.  However, the pace of organizational change, risk transformation initiatives, regulatory expectations, emerging risks/trends and emerging engagement models between the lines of defense pose a challenge to Internal Audit. Internal Audit shops have had to continuously re-think the best operating model and audit programs for carrying out their role in providing assurance in the most effective and efficient manner.

While Internal Audit professionals grapple with this challenge, Risk Management and Corporate functions may not understand Internal Audit’s expectations in the changing landscape. For example, what is the nature of evidence ideal to demonstrate that effective challenge was performed? How does the notion of working collaboratively, yet retaining independence from the first line to deliver the organization’s goal be best evidenced to the third line? While solving for practical challenges in learning new and emerging disciplines (e.g. artificial intelligence, robotic process automation, blockchain) and putting them to use to further the organization’s strategic priorities, how do we educate Internal Audit to allow them to provide an informed opinion and assurance? Furthermore, clarity of roles and responsibilities and blurred lines of defense add to the challenges faced by Risk Management and Corporate functions.

After a quick primer on how the three lines of defense have evolved, using live examples, the session will explore certain challenges in auditing the second line. The session will also discuss ways leading Internal Audit shops are evolving their capabilities and methods to audit Risk Management and Corporate functions. The session will introduce the concept of Integrated Risk Assurance and its benefits.

After attending this session, participants will be able to:

  1. Appreciate how a true three lines of defense model is evolving as organizations undergo risk transformation.
  2. Understand the challenges and maturity levels associated with risk/control functions in the context of a three lines of defense model.
  3. Understand how leading Internal Audit functions are evolving their approach and programs to audit second line functions.
  4. Appreciate the concept of Integrated Risk Assurance and how that can benefit assurance providers to provide improved service, assurance and strategic value to key stakeholders.

Speaker         Baskaran Rajamani, Deloitte

                       Luiz Dias, Deloitte

Baskaran Rajamani is a Senior Partner with Deloitte focused on Risk Advisory services. Baskaran specializes in helping Financial Services clients across lines of defense in dealing with the impact of technology, third party and emerging risks. He provides thought leadership on IT risk management audit/assurance frameworks, methodologies and optimization. Baskaran is a Faculty at Deloitte University in its Toronto and Dallas, TX campuses.

Baskaran is a popular speaker and has authored several technical papers on IT risk management and assurance, presented at conferences and seminars in different parts of the world. Baskaran is the co-author of Deloitte’s latest point of view of Integrated Risk Assurance. He holds a Master’s degree in Engineering and an MBA.  His designations include CISA, CISSP and is a past President of the ISACA Toronto Chapter.

Luiz Dias is a Partner with Deloitte’s Risk Advisory practice in Toronto and has over 18 years of experience in Internal Audit, Enterprise Risk Management, Governance and Compliance, primarily in the Financial Services industry. Luiz has worked with large and mid-sized financial institutions in projects that include defining and implementing risk based Internal Audit methodologies and rolling them out globally as well as integrating methodologies with 2nd lines of defense.

Prior to joining Deloitte’s Risk Advisory practice in Toronto, Luiz was a Partner of Deloitte Brazil´s Financial Services practice, where he led the Operational Risk group. He holds a Bachelor’s degree in Business and a MBA in Banking. Luiz is a frequent conference speaker on the topics of internal audit and risk management and has served as Faculty at Deloitte University in its Toronto and Dallas, TX campuses.


As space is limited, please pre-register on-line at the website noted below. Late registrations may not be accommodated due to space limitations.  Substitutions are welcome.   

To register online, please visit the event website:

Phone: 416-223-5326


Deloitte – 8 Adelaide Street West; Toronto, ON M5H 0A9

Registration, Light Breakfast and Networking: 8:00 a.m. – 8:30 a.m.

Presentation and Q&A:  8:30 a.m. – 10:00 a.m.


IIA Toronto Chapter Members - $64.99 (Plus HST)

Non-Members - $76.99 (Plus HST)

Students – Free if a valid student ID card is presented at the event

CPE: 1.5 credits

Please Note:  There is a cancellation policy in effect.