A guide on what organisations need to do to design and embed a framework to deliver operational resilience, including guidance on how to audit operational resilience. The first of two papers on operational resilience for internal audit teams.
In this second paper on operational resilience, we will look at how to develop the audit approach.
ICAEW’s Internal Audit Panel has identified eight risk areas where boards and audit committees should be asking themselves whether they are receiving the objective assurance they need amid increased public scrutiny.
Change is a feature of doing business, but managing it successfully can be complex. This guide outlines how internal audit can help project managers implement changes by adopting good practices throughout the project life cycle.
This guide considers seven challenges commonly faced by smaller internal audit functions and provides recommendations to help heads of internal audit establish and grow an effective function that can meet its priorities.
Cloud computing is transforming business IT services, but it also poses significant risks that need to be planned for. This practical guide for internal audits outlines how they should assess risk management.
This practical guide outlines the eight steps to follow to conduct a successful internal audit of culture.
Guidance for internal auditors on how to provide assurance over the key risks involved in implementing robotic process automation (RPA).
Features and articles
Chartered Institute of Internal Auditors demands a clear schedule for government’s plans to move forward with audit reform as MPs table fresh parliamentary questions on the issue.
Cybersecurity tops annual business risk survey, reflecting the rapidly weaponised cyber attack landscape, as geopolitical uncertainty rises.
Ololade Adesanya of EY explains the range of policy initiatives that could be effective for driving and supporting diversity and inclusion in financial services.
During the worst of the pandemic, Eurobank’s internal audit team took the opportunity to develop its data literacy as pressures to perform increased.
Company directors need to treat climate change risk as a key risk to their business, and do so as a matter of urgency, a joint report from the Chartered Institute of Internal Auditors and British Standards Institution shows.
It stands to reason that if technology has changed the way in which businesses are run, it has also shifted the way in which the Internal Audit function is performed.
23 February 2021: The Buildings Research Establishment has been a trailblazer in its field for a century. Much of the language it uses to describe what it does today is very familiar to chartered accountants.
David Jardine, senior vice president, Internal Audit at bp plc, explains why Chief Executive Officers and Chief Financial Officers need to engage with the Chartered Institute of Internal Auditors’ Code of Practice and why it’s not just for internal audit teams.
Webinars and recordings
This webinar explores what TCFD means to organisations and how internal auditors must develop their skills to help their organisations adapt.
Amanda Bradley, GSK’s director of risk and strategy, audit and assurance, discusses the importance of finding the right balance of open-mindedness and scepticism when conducting internal audits.
In this first of two articles, which considers questions that a board director might ask of their organisation’s compliance and internal audit functions, Mark Stock starts with a reminder of the three lines of defence (3LD) model.
In the second part of this series, Mark Stock now considers some questions that boards and audit committees might ask about their internal audit and compliance functions.
Deloitte's 2024 review of internal audit's role in ensuring effective corporate governance.
Grant Thornton's 2015 exploration of how three major aspects of governance – the role of culture, board composition and strategic planning – are affecting businesses around the world.
Assessing the corporate culture of your own organisation is not easy, but done well it can be a valuable exercise. Christos Skapoullis, head of internal audit at the Bank of Piraeus, outlines the potential pitfalls and how to avoid them.
PwC’s Mark Stock looks at the important role that internal audit can play in helping businesses to prepare for the unexpected.
PwC’s Mark Stock highlights how internal auditors are in a unique position to review how effectively an organisation can respond to change.
2014 Deloitte paper considering how Internal Audit can provide independent assurance over the design and effectiveness of a risk appetite framework.
Sectors — financial services
Deloitte's annual review of the information technology hot topics for Internal Audit functions in financial services.
Deloitte's summary of the planning priorities facing Internal Audit departments in 2018.
Deloitte's survey of internal audit analytics maturity in financial services, aiming to better understand the different approaches to building analytics capability and some of the key lessons learnt.
Sectors — retail
2015 Deloitte paper that explores the key considerations for internal auditors when approaching conduct risk .
Practical information and guidance on internal audit for board members and corporate governance professionals.
Assurance engagements can be typically broken up into nine stages. Not all stages will be clearly separated and identifiable in every engagement. Some stages, such as the engagement letter, may not be required during internal assurance, while others, such as the problem-solving phase, may not be necessary in some external engagements.
Information on the variety of assurance options open to organisations - ranging from those exempt from mandatory audit requirements to those seeking assurance on non-financial business information.
A comprehensive list of standards and guidance covering external assurance engagements. Find out which standards apply for engagements by subject area, as well as information on individual standards and the practical application of guidance to assurance engagements.
Examples of assurance engagements that demonstrate developments in the sector, including work to support EDF's communications about low-carbon tariffs and Indian steel producer Jindal Stainless Limited's reporting on its human rights activities.
Definitions of the key words, acronyms and concepts used in relation to assurance engagements, compiled by ICAEW members working in the assurance sector.
Develop skills to identify risk, technical competence and professional scepticism.