The Institute of Internal Auditors (IIA) defines as:

‘An independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation achieve its objectives by bringing a systematic, disciplined approach to evaluate and approve the effectiveness of risk management, control, and governance processes’

As the scale and complexity of the regulatory demands on organisations increase, together with the growing need of accountability and transparency, the role of Internal Audit is becoming increasingly important.

Our team of professionals consists of experts in best practice internal audit methodologies with deep expertise in supporting clients in both the private and public sectors. Our team can provide:

• Outsourced or co-sourced internal audit services;
• Quality and performance review of internal audit functions; and
• Internal audit secondments.

Download PDF

The Service You Deserve

• Provide assistance in developing the Internal Audit charter and the Audit Committee charter.
• Provide assistance in developing the strategic internal audit plan derived from a risk-based approach which
  considers strategic, operational, reputational, financial and IT aspects of your organisation. This can be
  achieved by way of questionnaire, interview or risk workshop and will be delivered with your extensive input.
• Perform each internal audit based on the following approach:
  • On site planning meeting
  • Agree and document the audit scope in advance of fieldwork
  • On site closing meeting to discuss draft findings
  • Issue a draft report for review
  • Obtain management responses for inclusion in the draft report
  • Present the draft report to the Audit Committee
  • Issue the final report to the Audit Committee and senior management
• Conduct follow up internal audits as agreed with the Audit Committee.
• Track internal audit findings and recommendations in an issue tracking document

Corporate governance is the system by which an organisation is directed and controlled. The cornerstones of good corporate governance are ethical behaviour, accountability, transparency and openness. Senior executives need to ensure that they are confident that the organisation’s corporate governance framework is robust and underpinned by these values.

A robust system of governance is vital for all organisations to enable them to operate effectively and ensure senior management discharge their responsibilities in an open and transparent manner. This is evidenced by recent high profile corporate failures.

The requirement for good Corporate Governance is mandatory within the public sector, in accordance with the Code of Practice for the Governance of State Bodies and the Mullarkey Report. Similarly, in the private sector, there has been an increasing emphasis on the need for robust corporate governance structures. The Higgs Report (2003) undertook a review of the effectiveness of non-executive directors and the Smith Report (2003) addressed the role of Internal Audit. Both were later incorporated into a revised Combined Code.

Our team provides a service undertaken by our professionals who have a wealth of experience of governance structures. We can assess your organisations governance processes, compare them to best practice and ensure they meet the needs of your organistation.

Download PDF

The Service You Deserve

• Provide guidance to help you understand your corporate governance responsibilities.
• Provide guidance on ensuring governance systems and structures match and compliment your organisation.
• Benchmark your organisation’s corporate governance structure to best practice so that improvements can be recommended and made.
• Review the terms of reference of the Board and Sub Committees to ensure they are adequate and cover the respective roles and responsibilities.
• Provide assurance to your Board, Audit Committee and Senior Management on overall compliance with the principles of sound governance.
• Provide prompt notification of developments within the regulatory framework which could potentially affect your organisation.
• Provide guidance in relation to the Code of Practice for the Governance of State Bodies and the Combined Code.

An effective risk management framework provides executive management and the Board with assurance that opportunities and threats are appropriately identified and managed.

A risk is an event that may prevent you from achieving your objectives. As risks are managed, they may become less of a threat, while other risks may become more important depending on the level of control or changing circumstances.

Effective risk management has always been key to the successful management of an organisation and in recent times has become a higher priority for many organisations. We can help ensure you identify and control your risks so that you can fully focus on realising your organisation’s goals.

Our team of experienced professional will have a high level of interaction and consultation with you. We believe that this approach helps embed a risk management framework throughout organisations. We will provide a simple and practical approach to identifying, monitoring and managing key risks.

Download PDF

The Service You Deserve

• Provide assistance with the development of a risk management framework in consultation with senior
  management.
• Provide assistance with the identification of key risks, covering financial, strategic, operational, reputational and IT aspects of your organisation.
• Provide assistance with measuring and prioritising key risks based on their impact and likelihood using a predetermined voting scale appropriate to your organisation. The result will give a score that indicates the relative importance of the risk and an associated priority ranking.
• Provide assistance in identifying key controls in place to mitigate risks and consider if these controls are designed and operating effectively. By considering these controls a residual risk is determined, which indicates the remaining threat posed to the organisation.
• Provide assistance with the compilation of an organisational risk register.
• Provide assistance in monitoring and reporting on the risk management process on an ongoing basis.

Information is seen as a key enabler for businesses and is often regarded as an important asset. Technology is a key enabler for the management of this asset both within the organisation and also when interacting with customers, suppliers and business stakeholders. However, whilst technology can facilitate sharing of information, inherent risks as well as regulatory requirements relating to the confidentiality, integrity and availability exist.

The pace of change in the technology world means that we are now seeing more complex, integrated and even intelligent systems. Whilst these systems can enhance the efficiency of an organisation’s operations and provide a competitive advantage, weak underlying business or technology processes or indeed the human element can pose significant risks and challenges.

Our IT Audit approach is grounded in understanding your IT environment and its underlying business processes and their alignment to the organisation’s objectives. This allows us to identify the key risks and recommend practical solutions to ensure that they are effectively managed.

Our team includes a wealth of expertise in the IT governance, risk and control arena and includes professionals with exposure to leading organisations and their IT environments. Our IT Audit services include:

• IT governance and risk management
• General IT controls
• Application controls
• Identity and access management
• Data protection
• Business continuity management

Download PDF

The Service You Deserve

• Engagements led by our partners who have deep IT governance, risk and control experience in both the public and private sectors.
• Take the time to understand your business, systems and underlying processes to assist with identifying the key technology-related risks, their likelihood and potential impact on the business.
• Professionals who have experience with leading organisations and understand both the systems and business processes. This provides a holistic view of the interaction between IT and non-IT risks.
• Work with you to develop practical solutions to address the risks identified which take account of the scale and complexity of your business and underlying systems and also the financial and operational cost associated with implementing improvements.
• Provide advice throughout the systems life cycle from planning to decommissioning to ensure that appropriate controls are in place to safeguard the organisation’s information.
• Utilise leading edge tools and technology to analyse your systems and benchmark your security controls against your industry and/or leading practice.
• Provide you with up to date developments on IT governance, leading practice, regulatory compliance, emerging technologies and underlying issues.