home | events

Event Details

 

IIA NZ GIAS Workshop #3

Date 
29 September 2026
Time
9:00 am - 10:00 am
Online
Delivery Method
Online
Facilitator
IIA NZ

IIA NZ GIAS Workshop #3: Topical Requirements - Third-Party Risk
(3rd Workshop of 3)

Event Information:

  • Date: Tuesday 29 September 2026
  • Delivery Method: Online - Teams Meeting
  • Time: 9:00 - 10:00 am
  • Duration: 1 Hour
  • Speakers: IIA NZ GlAS Champions (Will Dougherty, Brian Robb and John Stewart)

Third-party risk is already a priority for many organisations, whether through outsourcing, procurement, technology providers, data sharing, service delivery partners, critical suppliers, or other external relationships. It is also increasingly visible to boards, audit committees, regulators, and executive teams.

From 15 September 2026, internal audit teams delivering assurance work in this area will need to consider the IIA's new Third-Party Topical Requirement under the Global Internal Audit Standards. Where the requirement is relevant, internal auditors will need to be able to show how it has been applied - or explain why particular requirements were not applicable.

This IIA NZ member session will provide a practical introduction to the new Third-Party Topical Requirement and what it means for internal audit planning, engagement scoping, methodology, and documentation. The focus will be practical rather than theoretical: what internal auditors need to know now, what should be built into 2026/27 audit planning, and how to avoid discovering too late that third-party risk work does not adequately address the new requirements.

If third-party risk is on your audit plan, this matters. The session will help members get ahead of the change, understand the practical implications, and consider how to apply the requirement in a way that is risk-based, proportionate, and useful.

Session objectives

By the end of the session, participants will be able to:

  • Understand the purpose of Topical Requirements and how they sit alongside the Global Internal Audit Standards.
  • Recognise when the Third-Party Topical Requirement is likely to be relevant to an internal audit engagement.
  • Identify the key areas covered by the requirement, including third-party governance, risk management, controls, lifecycle management, monitoring, escalation, and offboarding.
  • Consider what internal audit teams should do now to prepare for third-party risk engagements commencing after 15 September 2026.
  • Discuss practical implementation questions, including proportionality, documentation, downstream or subcontracted relationships, and the use of professional judgement. We will consider this from an NZ perspective, and will also include some sector specific context.
  • Connect with other IIA NZ members to share emerging challenges, approaches, and leading practice.

This session is designed for internal auditors, assurance leaders, risk professionals, audit committee members, and others involved in planning, delivering, or overseeing assurance over third-party relationships.

IIA NZ Members: $FREE

This is a closed IIA NZ member's event. A minimum attendance of 10 people applies for this event, with a maximum of 100 online.

Registrations are now open and will close on the 23 September 2026.

IIA NZ Event Overview and Refund Policy: https://iianz.org.nz/Site/terms-and-conditions.aspx

If you require assistance with registering, please contact events@iianz.org.nz


Prices
IIA NZ Member: Attending Online
Complimentary

MoST Content Management V3.0.9553