The Chartered Institute of Internal Auditors has taken a bold step towards revolutionising the internal audit profession in the UK and Ireland by releasing its draft “Internal Audit Code of Practice.”
This proposed guidance aims to harmonise and elevate the standards for internal audit across the financial services, private, and third sectors.
As Richard Chambers highlighted in his recent blog post, the draft Code of Practice introduces several significant changes that go beyond the Global Internal Audit Standards.
In this article, we’ll explore five key ways the proposed guidance is set to transform the internal audit profession in the UK.
- Expanded Scope and Responsibilities
The draft Code of Practice significantly expands the scope of internal audit’s responsibilities, requiring auditors to assess a wide range of areas, including purpose, organisational culture, environmental sustainability, climate change risks, social issues, and more. This broadened scope will push internal auditors to develop a more comprehensive understanding of their organisation’s operations, risks, and challenges, enabling them to provide more valuable insights and recommendations to management and the board.
- Enhanced Transparency and Accountability
Internal audit functions will be required to make their charter publicly available and report annually on their impact and effectiveness in the organisation’s annual report and accounts. This is designed to raise the profile of internal audit among stakeholders and hold the function accountable for delivering measurable value to the organisation. As a result, internal auditors must focus more on showing tangible benefits of their work and continuously improving their performance.
- Stronger Independence and Objectivity
The draft introduces stricter independence requirements, particularly for those in financial services. It emphasises the importance of the chief audit executive’s reporting line to the chair of the board audit committee and sets guidelines for the CAE’s remuneration to avoid conflicts of interest. Even if the internal audit function is outsourced, the organisation must directly employ the CAE. These measures aim to strengthen the independence and objectivity of internal audits, enabling auditors to provide unbiased and credible assurance and advice to their organisations.
- Emphasis on Diversity, Equity, and Inclusion
The proposed guidance strongly emphasises diversity, equity, and inclusion in the composition of internal audit teams. Chief audit executives will be responsible for ensuring that their teams are made up of auditors from diverse backgrounds, in line with the organisation’s policies and relevant legislation. This focus on diversity will promote a more inclusive work environment and bring a broader range of perspectives and experiences to the internal audit function, enhancing its ability to identify and address risks effectively.
- Elevated Expectations and Skill Requirements
With the expanded scope, increased transparency, and more robust independence requirements outlined in the draft Code of Practice, internal auditors in the UK will face elevated expectations and skill requirements. They will need to develop a broader understanding of their organisation’s operations, risks, and stakeholder expectations and possess strong analytical, communication, and strategic thinking skills. This shift will likely drive demand for continuous professional development and training programs to help internal auditors acquire the necessary knowledge and competencies to meet these heightened expectations.
