Quality Assurance Reviews

The revised Standards for the Professional Practice of Internal Auditing, which became mandatory for all Institute of Internal Auditors members in January 2002, require Internal Audit Functions to carry out an external review of their function at least once every five years. This is what we refer to as a Quality Assurance (QA) review. But it can be difficult to know where to go for this review. What is key to a successful review is to guarantee that the review will not only give your Audit Committee the assurance it needs about the effectiveness of the Internal Audit function, but also that it will offer support and advice ensuring that you improve your overall internal audit performance.

Our Approach

We offer a range of different levels of quality assurance review which include, but are not limited to, the following:

• Basic –provides an assessment of where the function is in relation to compliance with the IIA standards.
• Intermediate – a wider ranging review incorporating both competency and IIA standards. This will identify the processes needed to add value to the organisation and thus better meet organisational expectations.
• Full – a complete review identifying all the issues and working with the client to provide suitable solutions. This review may also include a ‘skills audit’..

The choice of level will depend on the perceived needs of the client. As the units share a common basis upgrading from one package to another during the exercise will not cause a problem.

The basic level review will focus on compliance with IIA professional standards. The intermediate and full reviews will, in addition, cover the following areas:

• Objectives and purpose of the internal audit unit
• The audit process
• Relationship management – internal and external to the function
• Performance measurement and quality control
• Training and development of staff
• Assurance/consulting services
• Management of the environmental contexts in which the internal audit unit and the organisation operate

Process

Prior to the review being carried out the client will complete a short questionnaire which will enable the consultant to understand the role and responsibilities of internal audit within the organisation. The questionnaire will cover such issues as:

• Reporting line/charter
• Relationship with chief executive/audit committee/external auditors
• Type of audit work carried out
• Number/qualifications of audit staff
• Customer feedback mechanisms
• Risk management responsibilities/ summary reporting on quality of internal control
  

We are passionate about the contribution that an effective Internal Audit function can make to corporate governance within any organisation.