Our Internal Audit Code of Practice which comes into effect from January 2025 is designed to enhance the overall impact and effectiveness of internal audit within organisations operating in the UK and Ireland.
The principles outlined in this Code are considered a benchmark of good practice, against which organisations should evaluate their internal audit functions.
The Code is principles-based and should be applied proportionately, considering the nature, scope, and complexity of the organisation. It should also be applied in conjunction with any relevant internal audit regulatory standards that may apply to the organisation.
We believe this Code will be instrumental in moving our profession forward and enhancing corporate governance.
Download the Internal Audit Code of Practice
The Code applies to organisations in the financial services, private, and third sectors that have an internal audit function and a board audit committee comprised of independent non-executive directors or their equivalents. For the first time, we present a unified Code that encompasses all these key sectors.
While the Code may be beneficial for internal audit functions in the public sector, it is not specifically tailored to this sector. Public sector internal audit functions should continue to follow the Public Sector Internal Audit Standards.
The Code includes a comprehensive set of 37 principles for managing an effective internal audit function, developed by the Independent Internal Audit Code of Practice Review Committee. These recommendations were shaped by an extensive public consultation that involved hundreds of internal audit professionals and other stakeholders, including business groups, business leaders, professional services firms, professional bodies, regulators, and standard setters.
The Code is effective from January 2025 and applies to all internal audit functions in the financial services, private, and third sectors.
The Code should be applied in conjunction with the International Professional Practice Framework and the new Global Internal Audit Standards which also come into effect from January 2025. It aligns with and builds upon these standards, aiming to further enhance the impact and effectiveness of internal audit.
Although the Code is principles-based and should be applied proportionately, it is expected that all internal audit functions will engage with its principles and map out an appropriate journey towards compliance. External Quality Assessment (EQA) providers will also benchmark against the Code and assess progress towards best practice.
To support internal audit functions in implementing the Code, we have published comprehensive technical guidance.
Click here to see the guidance that supports the Code’s implementation.