Setting Up and Managing an Internal Audit Function

Date: 18th September 2024 17:00 - 19:00 Online

With internal audit being a key function in most regulated and a key standard of good governance, setting up the function in a good way is key to ensure maximum benefit is obtained.

This is an opportunity to learn more about internal audit, its benefits, expected outcomes, and role within your company.


Throughout this session we will discuss about the key aspects of internal audit and what a business needs to setup a properly functioning internal audit function. The maturity, its alignment with the core and 2nd line functions as well as its intended role will be discussed.

Ultimately, internal audit is an independent function, with its own cost centre, budget, methodology, policies, etc. Yet, it needs to be aligned to the business needs and strategy to ensure full benefit of its value-added processes can be obtained.



  • Internal Audit in context
  • The 3 lines of defence
  • Setting stakeholder expectations
  • Standards and guidance
  • Risk maturity and the role of internal audit
  • Internal control frameworks
  • Policies and procedures
  • Planning internal audit: the strategy
  • Resources
  • Measuring and monitoring performance

Learning Objectives

To better understand the proper setup of an internal audit function in line with international standards, regulatory and market expectations.

Target Audience

  • General Managers
  • Risk Managers
  • Directors
  • Audit Committee Members
  • Auditors


Assessment Questions and Answers

In line with MFSA requirements, a short multiple-choice assessment will be provided by the trainer towards the end of the session. A Certificate of Attendance will be awarded to all students who attend the CPD (duration will be included on certificate). A Certificate of Achievement will be awarded to those who sit for the assessment and are successful (pass mark 60%).


Stefan Lia, ACII, BA(Hons) Fin. Serv., MSc, CRISC

Stefan Lia currently Heads the Governance, Risk and Compliance Function at Betsson Group. His responsibilities include coordinating internal audit, managing the group insurance program, designing, implementing and managing risk management and governance processes and acting as advisor to operational management on various matters.

Stefan started his career working with a Maltese insurer where he was responsible for Commercial Insurance underwriting. This was followed by a stint at the MFSA where he spent over four years as part of the Consumer Complaints Unit. Prior to joining Betsson in his current role, he was part of the team Risk Advisory at Deloitte Malta.

Stefan holds an Advanced Diploma in Insurance from the Chartered Insurance Institute, a BA Hons in Financial Services from University of Edinburgh Napier and MSc in Risk Management from Glasgow Caledonian University and is certified in Risk and Information System Controls by ISACA.



Register Now

Please fill in the form below to register for this course.
We will contact you with the next steps in your registration process.

Why Choose Us

MITC is made up of a close-knit team with a real passion for learning and insurance, who believe in the continuous development and empowerment of individuals through learning. We understand all of the nuances and challenges that come with insurance training and, that is why we’re here to help you get your training right.

Our courses are developed following in-depth research and consultation on the subject matter and the related market, thus ensuring participant needs are met. All our trainers are experts in their field and actively contribute towards the continuous development of the courses which they deliver.

Our training services are accredited by the Malta Further and Higher Education Authority (MFHEA) and the European Qualifications Framework platforms. MITC’s homegrown insurance programmes are recognised by the renowned Chartered Insurance Institute, UK.

Let's stay in touch

Stay updated with MITC news updates and courses. We promise not to spam your email or share your email with third parties.