Internal auditors provide assurance that an organisation’s governance, risk management and internal controls are effective.

Working for an organisation’s internal stakeholders – such as the risk and audit committee – internal auditors’ objective is ensuring that systems are robust.

To ensure the correct risk controls are in place, internal auditors are involved in areas such as:

  • IT 
  • environmental policies
  • finance. 

Internal audit is where commercial imperatives meet risk management: internal auditors perform important work ensuring organisations have correct controls and processes while operating effectively

Entry and progression

Internal audit covers the full breadth of an organisation’s policies and procedures. It is possible, therefore, to become an internal auditor through non-financial routes such as compliance and risk.

However, many organisations look to recruit from accountancy practice, especially experienced external auditors. Internal auditors can progress to senior levels.

Exam options

ACCA develops the skills and knowledge required by forward-thinking professional accountants, including those focused on internal audit. For those who work in internal audit, or aspire to be an internal auditor, the most relevant exam options are:

Advanced Performance Management helps to evaluate efficiency and effectiveness and shows how to use relevant performance indicators. Advanced Audit and Assurance (AAA) teaches relevant techniques and principles.

Performance objectives

Remember it’s not just about exams. You need to have the right experience so that you are competent – you have the experience and knowledge – to start and continue your internal audit career.

Performance objectives (PO) which would provide great experience and must be signed off as part of the Practical Experience Requirement (PER) could include:


High level competencies required by internal auditors include:  

  • Audit, Assurance and Advisory

    A. Advises on and communicates effectively the role and scope of audit, assurance and advisory engagements to relevant stakeholders.

    B. Applies regulatory, legal, professional and ethical standards relating to advisory, audit and assurance engagements.

    C. Plans and prepares for audit, assurance and advisory engagements.

    D. Performs effective audit and assurance engagements.

    E. Reviews and reports on the findings of audit and assurance engagements.

    F. Guides efficient and effective operations.

  • Governance, Risk and Control

    A. Evaluates organisational structures and governance to protect the long-term interests of stakeholders.

    B. Recommends appropriate strategies to ensure adherence to governance structures and application of best practice internal controls.

    C. Identifies and manages risk appropriately.

    D. Uses risk management for the best interests of an organisation and its stakeholders.

    E. Monitors and applies relevant legislation, policies and procedures.

  • Ethics and Professionalism

    A. Develops advanced ethical values and professional skills in the promotion of public interest and the profession.

    B. Demonstrates personal effectiveness in fast changing environments.

    C. Encourages innovative thinking within the context of professional scepticism.

    D. Thinks proactively about the future, applying professional judgement and commercial intelligence and seeks specialist input when needed.

    E. Communicates effectively and influences others.