Is your organisations internal control environment operating effectively?

Our internal audit service offers best practice benchmarked expertise in supporting our corporate and financial services clients with their internal audit assurance requirements.

Our internal audit delivery model encompasses co-sourced and outsourced solutions as well as the provision of subject matter expertise on a standalone or integrated basis. We also offer our clients the opportunity to avail of our independent internal audit effectiveness review (IAER) solution.

All of our internal audit services are underpinned by a robust internal audit framework and methodology that are aligned to best practice guidance and CIIA standards. 

Partner Sheila Duignan

Business risk services

Find out more

We encourage our clients to calibrate the scope of their internal audit engagement to the inherent risk maturity of their organisation, their risk appetite and the level of assurance they require by choosing one of the following configurations:

  • Full Scope Review – holistic audit of the process, risks and controls of the ‘in scope’ process itself. The intention is to fully assess both the design and operating effectiveness of the key controls within the end to end ‘in scope’ process. Typical for high risk processes and where there is a need for a high level of assurance.
  • Readiness Review –such reviews still require an understanding of the end to end process, risks and controls but audit testing is more limited with small sample sizes attaching. Consequently the level of assurance in respect of the operating effectiveness of the key controls themselves is lower.
  • Control Design Assessment – is focussed solely on critically assessing the robustness of control design parameters to determine if they are fit for purpose. These types of reviews are typically used where new controls are being introduced and or where new or restructured processes or systems are being operationalised.
  • Remediation Review – concerned with assessing the remediation of control recommendations made from a previous audit. Involves the review of all ‘in scope’ control recommendations and the  performance of remediation testing on same to provide an updated level of assurance on the ‘in scope’ process itself and its inherent key controls.
  • Lean Review – the objective of this type of review is to identify process efficiencies and in turn ‘lean out’ the controls that support the management of risks within the end to end process itself, whilst still ensuring that risks are adequately mitigated. The identification of duplicate controls and redundant controls is a primary objective of this type of review so as to ensure optimum process cost effectiveness, efficiency and risk mitigation.

Beyond assurance we cater for internal audit governance matters, the use of data analytics as part of an integrated assurance delivery model and the nuances to performing internal audits of outsourced services and/or third party audits themselves.

Should you wish to discuss on of these services please do not hesitate to contact Sara McAllister, Director of Business Risk Services directly, or one of the BRS management team.