If internal audit departments are to provide the support their organisations need and meet the ever-increasing demands of stakeholders, they must work together with others in the organisation who can provide assurance. They may also be bringing more people into their teams who are subject experts, but do not have previous internal audit experience or in-depth understanding of corporate governance. All these people – and others in the business working in compliance roles or on audit committees – may benefit from gaining the IIA Certificate in Internal Audit and Business Risk.
Heads of internal audit, in turn, benefit from knowing that they can rely on other assurance providers and compliance functions to understand the corporate governance framework and work to common standards and levels of knowledge. So, by encouraging internal auditors in their teams who lack formal internal audit qualifications and others working in compliance to study for the certificate, they will also be supporting the business and reinforcing their own team’s work.
It’s worth thinking broadly about who this applies to since the costs and penalties of inadequate compliance are increasing all the time – and it is likely that the government’s work on audit reform will put more onus on the senior leadership team to understand the quality of the assurance they receive and where it comes from. A board that can state confidently that all the relevant assurance providers have gained the certificate will at least know that everyone who needs it has a common basic level of expertise.
This is also why the course is included as part of the internal audit apprenticeship programme. “One advantage of the certificate is that we do not have to focus on preparing candidates to answer exam questions, so the courses can be more flexible and activity led,” explains Marian Silltow, one of the Chartered IIA’s course trainers. “We have the freedom to explore topics and encourage open discussions about issues that attendees want to understand better.”
The programme comprises five modules. “Corporate governance and risk management” and “Internal audit planning and assurance framework” are compulsory. Participants then choose two of the remaining three modules: “Effective delivery of audit and assurance”, “Interpersonal skills for audit and assurance”, and “Compliance audit and assurance”. They must complete a Personal Development Log for each module within six weeks of completing it and then, after finishing all four modules, they must submit a Professional Experience Record and demonstrate that they have at least six months’ relevant experience in a related audit or assurance or risk role.
Each module is supported by a two-day training course led by an experience Chartered IIA trainer. These can be run in-house for organisations
that require several people to gain accreditation, or via public courses.
“I love running these courses because there tends to be lots of positive interaction. People are usually willing to talk and exchange ideas and questions about issues they are seeing in their own organisations. Junior team members don’t always get much opportunity to do this in their normal roles. It can be really valuable for them to talk to their peers in different sectors and other businesses,” Silltow says.
The whole certificate can easily be completed within a year. Some people do it faster, but Silltow recommends allowing a month to six weeks for each module to give participants time to complete the reading and reflect on their learning. The range of relevant backgrounds means that each person brings a different mix of knowledge and experience to their training, so the amount of work they need to do varies widely.
“This is one of the main benefits of the course,” agrees Stephen Maycock, another of the Chartered IIA trainers. “Most people know how things are done in their organisation. This gives them a chance to find out what best practice is based on the insights of the institute and to explore how others in their sector and more widely do things. Each group of attendees is different, so no two courses will be the same and you meet a variety of people doing different roles on each one you do.”
At the end of the course, you not only get letters after your name, which is always good for the CV, but you also have transferable skills that will be relevant and useful in a wide range of roles whether you work in internal audit or in a variety of second or first line jobs during your career, he points out. Whatever you plan to do in future, the need for assurance is only going to increase, so gaining this certificate gives you a strong foundation.
This article was published in November 2021.