News Articles

Internal auditors look at how organisations are managing their risks, including mitigating them. They inform the Audit Committee and governing Board about whether risks have been identified, and how well those risks are being managed.

They check that operations are conducted effectively, efficiently and economically in accordance with the organisation’s policies; that laws, regulations, policies and procedures are complied with; that the assets of the organisation are being safeguarded; that management information is relevant, reliable and accurate. Internal auditors review systems under development to ensure that good controls are built in. They may carry out consultancy services or special reviews at the request of Management.

The function is different to that of external auditors because it does not look only on financial risks: much of the work looks at reputational, operational or strategic risks. Internal auditors give an independent opinion on whether internal controls that are put in place to manage the risks, such as policies and procedures, are actually working efficiently as intended.

The official IIA definition of internal auditing: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

The responsibility to manage risks always resides ultimately with the governing body and, through them, Management. Internal Audit’s role is to identify potential problem areas and recommend ways of improving risk management and the internal controls that address the risks.

Internal audit may be provided by in-house staff, or an outsourced team.  Either way, it should be optimally independent of the Management structure. The function reports directly to the Audit Committee. This independence gives it a unique and valuable perspective on risk management and internal control processes. 

The Institute of Internal Auditors UK and Ireland (IIA) is the recognised authority on internal auditing. The institute promotes best practice throughout the profession and develops the profession for the benefit of members and their organisations.

A professional, well resourced Internal Audit function is an integral and necessary part of an effective corporate governance framework. Alongside the governing body, and external audit, and executive Management, Internal Audit is one of the cornerstones of good governance - all the more so during the Credit Crunch of 2008 and global economic recession of 2009.