Challenges and responsibilities
The role of an internal audit department is to help the organisation achieve its strategic objectives. It does this by helping managers to identify and control the factors that can threaten their ability to achieve their goals. All organisations face risks in everything they do. The profession of internal audit is fundamentally concerned with providing assurance by evaluating an organisations management of risk.
An important part of the job of an effective senior management team is setting in place systems which show how well all the complex processes to manage risks are working. In this ideal context, the role of the internal auditor is to evaluate, across all parts of an organisation, the quality of those systems of internal control, risk management and corporate governance processes and then report this directly and independently to the senior management.
How well they recognise, understand and manage those risks will play a critical part in the success (or failure) of the organisation and consequently the value delivered to customers, shareholders and stakeholders. As well as this ongoing assurance provision, the internal auditors’ knowledge of the management of risk enables them to act as consultant and catalyst for improvement in an organisation's practices.
Because the knowledge that an internal auditor builds up is not limited to one part of the organisation, they are very valuable employees. This gives internal auditors an insight into what it’s like to work in other parts of an organisation, should they decide to move.
How do internal auditors work?
Depending on the environment in which they are working, an internal auditor’s role will vary. The head of internal audit will decide which areas of the organisation to focus on and divide the work up into audit assignments. Typically, these assignments involve looking at one particular area of the organisation and can take as little as a few days, or as long as several weeks to complete.
Helen Elliott - Auditor, Gentoo Group Ltd
"I have found internal auditing challenging, as no two days are the same in the company I work for. I audit different areas of the business, from Construction where I am out on site in hard hat and boots, to Tenancy & Estate Management where I am trawling through archives and house files."
Assignments allow internal auditors to gather information about a particular area, and then give their opinion on how well they think the area is managing its risks:
An audit assignment may involve:
-
looking at the range of risks that management has identified and how much risk they are prepared to accept
-
looking at what controls are in place and whether they are working properly
-
arriving at conclusions, reporting, making recommendations as necessary and providing an opinion on the effectiveness of risk management and control in the audited area.