As an independent provider of internal audit effectiveness reviews, we have unique insight into how internal auditing functions operate. This report brings together our findings from reviews of a range of public and private sector organisations over the past year, with both large and small internal audit functions.
The report provides benchmarks and highlights potential areas for improvement. In it we examine the significant trends, examples of good practice and the key areas for improvement in five core aspects of internal audit:
Since piloting external quality assessments (EQAs) in the latter part of 2011/12 we have undertaken over 80 reviews. These include public and private sector organisations with large and small internal audit functions.
We expect this growth to continue based on our unique ability to drive the development of the profession through benchmarking, guidance, qualifications and training. During 2016/17 we undertook 23 reviews (11 in the public sector, 9 in the private sector and 3 in the Financial Services sector) of which 15 generally conformed to the IIA Standards, 4 partially conformed and there was one instance where the internal audit function did not conform to the Standards. This means 98% of internal audit functions we see are achieving high or good levels of performance which is an increase of 13% conformance since 2015/16.
This window into internal audit practice provides interesting reading with grounds for both optimism and concern.
Continuing the positive message we have seen only 6% of partial non-conformance with the Definition and Code of Ethics i.e. Rules of Conduct, which is really encouraging, demonstrating how seriously internal audit functions are taking conformance with the Standards.
One of the common themes in the areas for improvement is Planning (Standards 2000 to 2130). Our EQA work shows that of the six areas of conformance, 34.4% of recommendations are within Planning. Planning also has the greatest instances of partial or non-conformance of the Standards at 22%.
The knowledge, experience and support of our review team has helped these organisations to devise action plans to deliver significant improvement. The Chartered IIA is seeking to identify common themes in terms of non-conformance with the Standards so that technical guidance can be created to address these areas and thereby providing additional support to internal audit functions and aid conformance with the Standards.
Our colleagues at IIA Global, following the revision to the Standards, have provided implementation guidance to provide clarity and guidance as to how to demonstrate conformance with the Standards. The implementation guides are available to members on the Chartered IIA website at www.iia.org.uk.
The detail within this report provides useful benchmarks and highlights potential areas for improvement based on our insight into the organisations we have worked with.
The key points highlighted, cumulatively, in the EQA review findings include:
Figure 2: Overall Performance against IIA Standards