Internal Audit Advisory Services

Quality Assurance Reviews (QAR+):

QAR+ is designed to help the internal audit function as well as the management meet the defined expectations. The reviews are designed to help internal audit function benchmark their procedures and work practices against similar functions across the industry as well as against professional standards issued by Institute of Internal Auditors, Florida.

Such reviews often start with establishing a clear vision for internal audit. Then, the ability of the department to fulfill the vision is evaluated, including the need to amend internal audit strategies, staff resources, technology and working practices. Adoption of “Best Practices” and continuous improvement aspects are also included in the review. PwC uses its proprietary tool, Profiler, to benchmark existing IA practices against demonstrated best practices of high performing internal audit functions.

Quality Assurance Reviews are designed to identify service delivery and expectation gaps based on surveys/interviews of the management, internal auditors and the audit committee. Practical suggestions are then provided based on PwC’s experience, which can help internal audit bridge the identified gaps.


Risk Assessment and Methodology Development:

Internal audit departments of large organisations face a unique economic problem: limited audit resources and a disproportionately large audit area, location or functions. Failure to select the right area can result in unexploited opportunities. The internal audit function therefore has to focus on what needs to be audited and how frequently.
Also, changes in governments, legislation, information technology, customer preferences, competitors’ initiatives, financial markets, etc. all contribute to ever changing business environment. Such situations demand a mechanism which will proactively assess risks and then design controls to mitigate those. Risk management through an all round strategy and to use it to an organisation’s benefit is one of the new initiatives in the field of internal auditing.

PwC’s risk management practitioners help management define the objectives and the “end state” vision, assess the risk profile and practices, formulate a risk management framework based on best practices including the tools, methods and policies. They also help provide risk inventory to be managed along with its gradation (high, medium or low) and develop a framework for continuous monitoring.


Standard Operating Procedures (Internal Audit, Accounting/Controls manual, etc.):

PwC can help in documenting policies and procedures and key controls in a process that facilitate day to day operations and decision making. The prime objective includes strengthening of monitoring mechanisms for greater accountability within the organization.


Control Self Assessment (CSA):

CSA is a process that allows an organization to step back and evaluate the strengths and weaknesses in its control environment, assess risks and evaluate the adequacy of controls in key business processes. Often, internal audit or the corporate control function acts as the champion.
The process, by definition, does not have any independence, but can be an efficient means to identify weak control areas. Although control self assessment is not a substitute for internal audit activity but it can act as an instrument to increase efficiency and effectiveness of the internal audit function.
Today CSA has evolved as a management technique and tool in response to business needs for strengthening controls and applying total quality principles to aspects of Corporate Governance.


Training - IA skills, Risk Assessment, CAAT tools, soft skills:

PwC can help client's internal audit departments fulfill their training needs by preparing and delivering training programmes for the department. The development and delivery of these programmes is carried out by trained internal audit professionals.