Internal audit is a dynamic profession involved in helping organisations achieve their objectives. It is concerned with evaluating and improving the effectiveness of risk management, control and governance processes in an organisation.
To do this, internal auditors work with management to systematically review systems and operations. These reviews (audits) are aimed at identifying how well risks are managed including whether the right processes are in place, and whether agreed procedures are being adhered to.
Audits can also identify areas where efficiencies or innovations might be made. Internal audits are organised under an ongoing program of review and advisory activity this is based on the strategic needs of an organisation.
During their role, internal auditors work across all areas of an organisation. In addition to core areas of financial control and IT, they review the tangible aspects of operations, such as an organisation’s supply chain or IT systems; as well as more intangible aspects such as
organisational culture and ethics. In fact, any system that has an impact on the effective operation of an organisation may be included in internal audit’s scope.
Internal audit reports are presented to the CEO and board (via the audit committee) as they provide an independent viewpoint on the extent to which an organisation is poised for success and advice on areas for improvement.
Internal auditors work in all sectors (public, private and not-for-profit) and may work as an employee of the organisation, or through an external service provider.