What is internal audit and what does an internal audit professional do?

Internal audit is the objective evaluation of a company’s risk management, corporate governance and internal control processes (including accounting processes) to ensure they are operating effectively. They also assess compliance with laws and regulations and help identify and raise instances of fraud or error to management, allowing them to remedy issues before they are uncovered during the external audit.

Internal auditors typically work for the business that is being audited. They examine financial statements, management accounts, expense reports and inventories, as well as creating risk assessments for each department and evaluating how well these risks are being managed. They assess whether internal processes are operating as designed, identify control weaknesses and advise operational management on how to make improvements to systems and processes.

Internal audit professionals consider issues beyond financial statements such as the company’s reputation, growth and the way it treats its employees in order to provide a rounded view of the company. The requirement for autonomy and objectivity in the role means that they usually report directly to senior leadership and have the authority to carry out their responsibilities as required.

Key responsibilities

Responsibilities will vary, but examples include:

  • objectively reviewing an organisation's business processes
  • researching and assessing the management of risk
  • evaluating regulatory compliance programme
  • ensuring the company is complying with relevant laws and regulations
  • creating and presenting final reports on audits that have been undertaken
  • assisting management in the improvement of internal controls and governance processes
  • evaluating the company’s readiness in case of interruption to operations
  • protecting against fraud and theft of the organization's assets
  • promoting ethics and identifying improper conduct.

Why are they important?

Internal auditors provide important insight to leadership on how an organisation is functioning on a day-to-day basis and provide assurance that the results and management information that is being used to drive strategic decision making is sound. The internal audit function provides objective insight, improves efficiency of operations, evaluates risks and protects assets. Robust internal audits are also vital to correcting issues quickly, maintaining a good reputation and preventing unnecessary waste of time and money

Skills needed for this role

Internal auditors will need strong analytical skills and sound judgement, along with good business and commercial acumen. Strong ethical standards and high levels of integrity are key requirements for this role.

Strategic Professional Options linked to this role

Advanced Audit and Assurance

Career opportunities presented by this role

Opportunities for internal auditors are widely available and come with variety and challenge. These professionals can work within accountancy firms, private and publicly traded companies and the public sector. The range of functions that internal auditors are exposed to in the execution of the role, provides an outstanding grounding for other more senior financial roles. International travel is common in this role.

Competencies

High level competencies required by internal audit professionals include:

  • Advisory and consultancy

    A. Gathers and understands financial and non-financial information to develop complete knowledge of the client business and the environment in which it operates.

    B. Provides expert advice that will add value to the business and gain advantage.

    C. Identify and advise on business partnering to develop strategic relationships to create opportunities, improve performance and solve business problems.

    D. Prepare and present business plans and advise on the actions to implement these plans.

     

  • Audit and assurance

    A. Advises on and communicates effectively the role and scope of audit and assurance engagements to relevant stakeholders.

    B. Applies regulatory, legal, professional and ethical standards relating to audit and assurance engagements.

    C. Plans and prepares for audit and assurance engagements.

    D. Performs effective audit, and assurance engagements.

    E. Reviews and reports on the findings of audit and assurance engagements.

    F. Guiding efficient and effective operations.

  • Corporate business and reporting

    A. Prepares financial statements, corporate financial and integrated reports for external stakeholders using appropriate technology.

    B. Leads effective decision making through analysing, evaluating and communicating performance and position of entities.

    C. Prepares financial statements for groups of entities using appropriate technologies.

    D. Monitors, critically evaluates, and advises on the relevant accounting standards, regulations, conceptual and financial reporting frameworks.

     

  • Data, digital and technology

    A. Identifies strategic options to add value, using data and technology.

    B. Analyses and evaluates data using appropriate technologies and tools.

    C. Applies technologies to visualise data clearly and effectively.

    D. Applies scepticism and ethical judgement to the use of data and data technology.

     

  • Governance, risk and control

    A. Evaluates organisational structures and governance to protect the long-term interests of stakeholders.

    B. Recommends appropriate strategies to ensure adherence to governance structures and application of best practice internal controls.

    C. Identifies and manages risk appropriately.

    D. Uses risk management for the best interests of an organisation and its stakeholders.

    E. Monitors and applies relevant legislation, policies and procedures.