As companies begin the process of complying with the reporting requirements of Sections 302 and 404 of the U.S. Sarbanes-Oxley Act, internal auditors are struggling to come to grips with their role and involvement in these initiatives. These questions include both short-term issues during the implementation phase, as well as longer-term questions on the role and responsibilities of internal audit in the process. Although the Sarbanes-Oxley Act spells out the various roles of management, the audit committee, and the external auditors, it does not specifically address the role of internal auditors. In a post Sarbanes-Oxley world, the internal audit function needs to walk a fine line between providing assurance and consulting to management without impairing its objectivity and independence.
Maximising the value and effectiveness of the internal audit function requires an understanding of an organisation's objectives, risks, risk management priorities, regulatory environment, and the diverse needs of critical stakeholders including executive management, the board, employees, and shareholders. Ultimately, these needs determine the risk profile of the organisation and the strategic focus, organisation, resources and practices required of its internal audit department.
We can assist organisations that need help improving the quality and effectiveness of their internal audit processes in a number of ways. First, by advising and assisting in the development of internal audit and risk management methodologies, including assessing whether the internal audit function is delivering effectively to stakeholders.
Second, by providing internal audit resourcing solutions, including full outsourcing or complementing in-house functions with specialist skills or geographical coverage. Third, by supporting internal audit functions with software to enhance and support their work. In addition, we can develop training for internal auditors using our extensive market and industry knowledge to create highly-tailored solutions.