Internal Audit and Internal Control

Background
Internal audit represents one of the cornerstones in an organization structure and framework for governance, risk, and compliance, and is often referred to as “the third line” (former “third line of defense”).

Internal audit is by definition an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal control, and governance processes.

A well-designed and professional internal audit function is a tool for the Board of Directors to get an independent view on the effectiveness of risk management, internal control, and governance processes and provides trust to owners, management, the society, and other stakeholders. A robust framework (International Professional Practices Framework, IPPF) has been established to ensure qualitative and professional working procedures.

How we can help
Internal audit is one of Transcendent Group’s core services and we have extensive experience in serving clients within a wide range of sectors, including government agencies, financial services, health care, automotive, manufacturing, media and entertainment, energy, and retail. Our team includes certified internal auditors, consultants with experience from internal audit departments including roles as CAE as well as subject matter experts within compliance, cyber security, and other GRC-areas.

Internal audit can provide real value to an organization. Audits provide assurance that business operations and IT related services are delivered efficiently, effectively, securely and in compliance with regulations, to support business goals with acceptable risk levels. Our experienced consultants and subject matter experts are trained in the International Professional Practices Framework (IPPF) for internal auditors. They can provide personal and effective/efficient internal audit services that give you clear advice on business improvements and deeper insights.

Services provided
We offer a wide range of services in the audit area:

• Outsourced internal audit function: You can outsource your Internal Audit Function to us which includes creating a risk-based audit plan, performing the audits, doing follow-up and reporting to management and the board.
• Co-sourcing: We can be your co-sourcing partner in one or more audits, where we offer you experienced consultants and subject matter experts in several areas.
• Interim solutions: We can also provide you with different interim solutions to fill temporary resourcing challenges such as interim Chief Audit Executive (CAE) and interim internal auditor. We have several consultants with CAE experience and all our internal audit consultants have extensive experience in the field.
• External Quality Assessment (QAR): Our certified and experienced consultants can support your internal audit function to evaluate capacity, methodology and compliance with IPPF/IIA Standards and stakeholder expectations.
• Assurance mapping: We can support you in evaluating the overall efficiency and effectiveness of the GRC-organization including coordinating control functions and “lines.”
• Risk assessment: Support in performing the risk assessment as part of establishing a value-added, risk based internal audit plan for your organization.
• Data driven assurance: Data analytics is an efficient method within audits, risk assessments and evaluations, to provide assurance on high volumes of transactions. We can offer several standardized analyses as well as customized data/transaction analyses.
• Third party assurance reports (ISAE 3000 report, ISAE 3402 report, SOC report, Type 1, and type 2)
• Training: We also offer training in internal audit methodology, fraud etc.

Track record
Interim CAE
A company in the financial sector needed to fill the Chief Audit Executive (CAE) position temporarily, with short notice. We were able to immediately fill the position with an experienced consultant with previous experience of leading internal audit functions. Due to high turnover in the audit department, we also performed some of the planned audits with our staff to keep up with the audit plan. Since none of the old staff was left when the new CAE arrived, we also ensured a smooth introduction and transition.

Outsourced internal audit function
A company within the energy industry saw both financial and qualitative benefits from outsourcing the internal audit function. Our proposal with very experienced internal audit / IT audit consultants who could team up with several subject matter experts within relevant areas such as compliance, privacy and cyber security was considered a perfect match for their need. Our pragmatic approach and a proposed audit plan with a balance of risk-based audits and compliance-oriented audits, were in line with the organization’s ambition level.