PwC Internal Auditing Assurance & Advisory Services

Embracing innovation to enhance your internal audit capabilities, see risk differently and deliver confidence and insights

Transform your internal audit function with the new IIA Global Internal Audit Standards™

The Institute of Internal Auditors (IIA) released the new Global Internal Audit Standards on January 9, 2024. These standards will come into effect in January 2025 and are a transformative opportunity for internal audit (IA) functions to better engage their stakeholders, make their capabilities fit for the future and increase the value they create for their business.

Many companies are developing implementation plans to comply with the new standards, which have implications for parts of the organization beyond IA. This means that proper preparation requires collaboration between the board and individual departments. But these standards also create new opportunities for the IA function to reframe, reinvent and reposition themselves for success.

Reach out to learn how we can help you transform your IA function to drive new value.

Learn more Meet our community of solvers


ESG for Internal Audit: Maturity Assessment image

A pioneer in internal auditing assurance & advisory services


As the world enters a risk landscape that’s more complex and connected than ever before, it’s time for Internal Audit (IA) to shine.

IA is at the heart of trust. It gives companies and their stakeholders confidence in their people, processes, systems and data, allowing them to see risk differently, move faster and make better decisions.

Internal Audit uniquely combines a risk mindset, objectivity and organizational reach. At PwC Canada, we believe IA can act as their organization’s lighthouse—helping it navigate risk and see around corners. With the right vision, approach and technology, Internal Audit can protect value and cast light on new opportunities for value creation.

Internal Audit is the last line of defence, but increasingly the first one called to help.


Please accept all cookies to view the video.

Our  internal auditing experience working with world-leading organizations has demonstrated that solving important problems can’t be undertaken alone. When we combine our capabilities, we multiply our value.

Modern Internal Audit needs to combine skills and capabilities across different areas to address the many risks that companies face.

At PwC Canada, we combine core Internal Audit capabilities with other expertise to cover the full risk spectrum, including working with specialists in areas such as cybersecurity, ESG, regulation and compliance, culture and behaviours, forensics and tax. We also add industry experts and the latest digital tools to ensure Internal Audit is focused on the right areas and delivered efficiently.

This allows IA to achieve a multiplier effect—adding up to better risk coverage, greater efficiency and more valuable insights.

The virtual world is not the real world. Unlocking the true value of Internal Audit requires more than technology. It takes our human superpowers, too.

At PwC Canada, we’ve already built advanced technology into our Internal Audit services. But we know that to make it meaningful to you, we need to combine it with specialists who understand your business, culture, values, strategy and people. In today’s hyper-connected world, organizations cannot afford to have any missing links.

Our internal auditing teams can use or deploy technology to enhance your IA risk assessment, testing and analysis, investigation, and dashboarding and reporting, as well as the end-to-end audit lifecycle. This includes technology for:

  • robotic process automation (RPA)
  • data analytics and visualization
  • artificial intelligence (AI)
  • enterprise resource planning (ERP) and governance, risk and compliance (GRC)
  • continuous monitoring
  • Internal Audit management

PwC Canada internal audit helps you solve your real-world issues and is more than the sum of its parts. This is IA evolved.

Want to do internal auditing differently?

PwC helps companies around the world set up, plan, enhance and deliver leading Internal Audit capabilities. What would you like to do?

I want to...

Set up or transform internal audit

Plan, develop and structure IA to fit your organization—and make IA fit for the future:

  • IInternal Audit function set-up
  • Internal Audit charter, strategy and vision
  • Policy and plan development
  • Restructuring IA (e.g. due to an IPO or merger)
  • Organization-wide alignment and integrated assurance across the first, second and third line

PwC Canada perspective: A bold Internal Audit vision that’s aligned to other governance functions helps position IA as a pioneer, reduces duplication, increases collaboration and ultimately strengthens the risk shield around your organization.

Deliver the internal audit plan

Combine modern internal auditing methods, technology, industry knowledge and subject matter expertise to deliver effective IA, anywhere in the world

  • Internal Audit co-sourcing and outsourcing, including:
    • Risk assessment (including use of digital risk tools)
    • Planning, scoping and work program design
    • Audit execution (including tech-enabled and data-led audits)
    • Global project management, coordination and communication (multi-language)
    • Reporting and stakeholder engagement, including visualization tools
    • Internal Audit management (including taking the chief audit executive or head of IA role)
  • Full IA managed services—scalable, efficient and effective end-to-end service using PwC's technology and IA teams, and delivery centres across the world
  • Organization-wide internal controls programmes, such as Sarbanes–Oxley Act (SOX) or equivalent
  • Specialist audits, such as cyber, ESG, M&A, HR and culture, media and strategy audits
  • Third-party audits, such as vendor compliance and due diligence audits
  • Forensic audits and investigations, including responses to fraud and compliance breaches

PwC Canada perspective: Many Internal Audit functions are considering how they tackle strategic risks in an organization, such as corporate strategy and decision-making, transformation, M&A and cost management. This requires Internal Audit to have a clear and conscious plan of how to achieve the right balance in the audit program to make sure more traditional risk areas also receive adequate coverage and are supported by the right tools and talent.

Implement or use technology in internal audit

Deploy, configure and use technology to increase the efficiency and effectiveness of Internal Audit, and extract knowledge and insights from data.

  • Internal Audit technology strategy
  • GRC system selection, implementation and configuration
  • Design and use data analytics, robotic process automation (RPA), continuous auditing and artificial intelligence (AI)
  • Alignment and integration with other technology across the organization, including risk, compliance, and enterprise resource planning (ERP) tools and data
  • Digital training and upskilling

PwC Canada perspective: The technologies used for Internal Audit, risk, compliance and business operations are converging. This means Internal Audit has the opportunity to help digitize governance and assurance across the organization and benefit from better risk data and automation. A clear Internal Audit technology strategy and good communication with the first and second lines is needed to avoid making siloed investments and making sure the whole organization can benefit.

Develop my people in internal audit

Build confidence and develop new skills to unleash the potential of your people and equip them for success.

  • Internal Audit talent strategy and framework implementation
  • Design and delivery of in-person and on-line training for:
    • Internal Audit and other assurance teams, including those running controls programs
    • Business teams, including risk and control owners
    • Executive and other management, including upskilling on corporate governance topics
  • Subject matter specialist support on audits where knowledge transfer is important
  • Coaching and mentoring, including IA leadership, audit committee members and other managers

PwC Canada perspective: Technology is critical to modern Internal Audit. But the human journey is equally important to becoming a pioneer and trusted advisor. This means having people who can turn data into insights, risk into opportunity, and ideas into action. This requires a holistic and strategic approach to getting the right mix of technical and human skills, such as communication, project management and negotiation.

Assess the maturity and quality of internal audit

Evolve your capabilities to seize the potential of next-generation IA and meet the expectations of your stakeholders.

  • External quality assessments (EQAs)
  • Benchmarking and health-checks on Internal Audit maturity and performance
  • Development and review of your Internal Audit quality management framework and quality processes
  • Internal Audit key performance indicators (KPIs), including alignment to corporate strategy
  • Optimizing IA and stakeholder reporting

PwC Canada perspective: Like any ecosystem, your governance program benefits from renewal and evolution. there’s an opportunity to rethink which KPIs drive Internal Audit excellence and make sure these are aligned with corporate strategies and priorities, and properly reflect what stakeholders value. This includes getting the right balance between quantitative, qualitative and both inward- and outward-looking KPIs.

Address a particular business problem or risk

Use Internal Audit to understand or quantify problems, provide advice on improvement and remediation, and offer perspectives on blindspots and emerging risks.

Examples of areas where Internal Audit can add value:

  • Operational issues, including root-cause analysis and optimization
  • Corporate transactions, such as due diligence and post-merger integration
  • Regulatory breaches, including root-cause analysis and remedial monitoring to satisfy regulators
  • Organizational transformations, including large system conversions and in-flight project assurance
  • Governance processes and board effectiveness, such as management decision-making and delegation of authority (DoA) processes
  • Local country laws, regulations and risks; for example, as part of a market entry strategy
  • Culture and behaviours; for example, to address workstyle reform or organizational transformation risks

PwC Canada perspective: Organizations always benefit from an objective viewpoint. Internal Audit is well-placed to provide this perspective. This does not always require a traditional audit, and can be more effective than a risk position paper, executive update or simple discussion.

Follow us

Contact us

Carlie Persson

Carlie Persson

Partner, National Risk and Governance Services Leader, PwC Canada

Tel: +1 780 441 6880