Congratulations on the invitation; I'm envious. A few thoughts come to mind for preparation for and during the meeting:
• Take a look at the IIA Standards, particularly related to Internal Audit’s responsibilities around Governance (Section 2110).
• Review COSO’s ERM Framework (cube) and the IIA Position Paper “The Role of Internal Auditing in Enterprise-Wide Risk Management.” Ask questions of management to determine whether they are thinking about how they plan to achieve their objectives and what events/obstacles/risks would prevent them from achieving. What is management’s risk appetite and does it align with their strategy? Do alternatives exist if set strategies are unreasonable or unreachable?
• If you have time, also review the South Africa King III report, or at least the article in the February 2010 Internal Auditor magazine about King III.
• Listen, listen, listen. Ask questions. Take notes. Internal Audit is responsible for establishing a risk-based Internal Audit Plan and what better place to begin than understanding management’s strategy for the organization and the highest risks that would prevent achievement.
I hope this was of some help. Good luck to you! I would be very interested to hear how your meeting goes.
_________________________
"Who would have thought that the thing that would save this company would be work. And pancakes." - Michael Scott-The Office