This apprenticeship is in the process of being revised or adjusted. In the meantime, the version below remains approved for delivery. Further details of this and other apprenticeships being revised or adjusted are available in the revisions and adjustments status report. 

Overview of the role

Providing independent, objective assurance and consulting activity to add value and improve an organisation's operations.

Internal audit professional

Reference Number: ST0610

Details of standard

Occupational Profile:

The role of Internal Audit (IA) departments is to provide an independent, objective assurance and consulting activity to add value and improve an organisation's operations. IA helps an organisation accomplish its objectives by bringing a disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal Audit has an enterprise-wide mandate, assessing the adequacy and effectiveness of all areas of an organisation. IA is the last line of defense in an organisation and must remain impartial and independent in how it works alongside the organisation.

IAProfs are recognised as experts in risk management, internal audit, governance and control. IAProfs are highly competent professional internal auditors, capable of making a significant contribution to the success and strategic direction of an organisation through being an independent voice to leadership. The IAProf will act autonomously, providing challenging and sometimes provocative insights into risks and internal controls. They act in an independent and objective position at all times, representing the interests of the organisation’s stakeholders and must maintain the highest standards of professional conduct and competency; upholding ethical behaviour and integrity at all times. The IAProf is typically part of an audit team, potentially managing other IAProfs or Internal Audit Practitioners (IAPracs). The IAProf typically reports to the Internal Audit Manager or Head of IA.

The IAProf’s typical responsibilities include:

Managing audit engagements, including: (i)planning engagements, supervising and checking the quality of engagements, communicating results to senior stakeholders, discussing and agreeing remedial actions, and monitoring engagement outcomes; (ii)Critically evaluating the inherent risk and control implications of different business processes; understanding the key risks that may jeopardise the organisation’s strategy and objectives, and developing and delivering a risk-based audit programme to help the organisation succeed; (iii)developing stakeholder relationships and acting as an independent assurer, demonstrating a commercial awareness and critically evaluating the external macro environment to identify the short and long term impact of this on the organisation in order to provide a view of the internal risk and control landscape; (iv)using this information to influence senior stakeholders and shape the Audit Plan; (v)lead and manage projects and investigations as required by senior stakeholders, which adds value and informs change to the internal audit function and wider organisation

IA roles will be found in the public, private and voluntary sectors, where the IA function is acknowledged as a cornerstone of good corporate governance essential to the success of an organisation, as recognised by the UK Corporate Governance Code (or other sector-relevant codes of practice). The profession is overseen by the Chartered Institute of Internal Auditors (Chartered IIA), which sets out guidance and standards on how the profession should manage itself and deliver internal audit services for organisations.  


Knowledge IAProfs, on completion of the Apprenticeship Standard, will:
Commercial Awareness IAProfs understands how to critically evaluate/interpret the internal and wider external (Political, Environmental, Social, Technology, Legal Economic (P.E.S.T.L.E.) environment of the organisation being audited, including the impact of key legislation and regulation on business. IAProfs evaluate ways IA can contribute to success of the organisation and understand key risks to achievement of organisation’s objectives. IAProfs have a solid appreciation of their organisation’s strategy and success measures. IAProfs benchmark the organisation against competitors, and understand IA good practice, current devleopments and emerging risks.
Corporate Governance and Risk Management IAProfs understand characteristics of good corporate governance and risk management, the strategic role of IA, including the Audit Committee, within the corporate governance framework and critically evaluate the contribution they each make to organisational effectiveness and assurance. IAProfs aware of strategic risks facing the organisation and will consider strategic and operational risks when creating the annual IA plan.
Organisational Strategy, Structures and Business Processes In respect of the organisation’s approach to audit planning and reporting, IAProfs understand risk and control implications of different organisational structures, business processes and IT systems.  
Risk and Control / Audit Methodology IAProfs know the types of controls to manage these risks, management control techniques, and internal control framework characteristics characteristics (e.g. Committee Organisations Sponsoring Treadway Commission (COSO), International Standards Organisation (ISO), Control Objectives for Information & Related Technologies (COBIT)) used within organisations & industry. IAProfs demonstrate deep understanding of IA methodologies relevant to their organisation/industry, relevant standards in all stages of an IA assignment.
Management / Leadership Principles IAProfs understand management skills/leadership styles, conflict management, project management & change management. IAProfs understand how to lead audit assignments.

IAProfs, on completion of the Apprenticeship Standard, will:

Building Relationships

IAProfs build long-term relationships based on trust and respect, both within IA and with management across the organisation, other assurance providers to inform dynamic changes to IA plan and understand the risk profile of the organisation.

Communication IAProfs communicate clearly and succinctly, both verbally and in writing, turning complex issues into plain language. IAProfs adapt communication to suit situation and audience, promote open communication to gain commitment and action. IAProfs chair meetings effectively to achieve objectives.
Influencing & Collaboration IAProfs wield influence and motivate others through collaboration to remove organisational barriers, manage conflict, reach consensus and achieve results, and will empower others to achieve outcomes.
Analytical and Problem Solving IAProfs determine use of data analytics/data extraction software, communicate requirements to others. IAProfs gather necessary facts/evidence to make decisions. Critcally analyse and evaluate information quickly, drawing accurate conclusions, assessing problems from multiple angles, using benchmark data to inform. Apply business intelligence/problem solving techniques, focus on themes/trends; use this information to make informed decisions and judgements.
Business Acumen IAProfs interpret/articulate key risks impacting organisation/wider industry; apply understanding of this wider context to drive audit plan.
Risk and Control / Audit Methodology IAProfs understand different types of control; management control techniques; internal control framework characteristics (e.g. COSO, ISO, COBIT, etc.) used in organisation/industry. Apply different types of IA methodologies and standards through all stages of an IA assignment.

Delivery Management

IAProfs lead/manage audit assignments allocating resources/delegating work; applying management skills/leadership styles, conflict management, project management & change management skills to deliver quality work within budget and timeline.  IAProfs deliver a level of oversight/supervision to manage others, delivering assurance to conform to the IIA standards. IAProfs are fundamental in developing and applying quality assurance and improvement programme and continuous improvement. IAProfs support delivery of IA observations, implementation of follow-up programmes and reporting for IA management to deliver at the audit committee.
Managing Others IAProfs act as role models; motivate others to deliver results, create environment to encourage creative thinking & manage through others to deliver results. IAProfs develop potential of others supporting their career aspirations through feedback/ coaching, supporting well-being of others.
Systems and IT Skills IAProfs effectively use business systems/software to deliver IA outcomes e.g. sending emails, using word processing and spreadsheet software, work papers etc. to get the most out of their role.
Behaviours IAProfs, on completion of the apprenticeship standard, will:
Ethics and Integrity IAProfs act with integrity and within the ethical code of conduct of organisation/auditee, acting as a role model; they will demonstrate organisational values in how they work¸ confidentiality, and independence and objectivity
Adds Value/Continuous Improvement IAProfs apply their knowledge of the organisation and wider context to identify improvements/opportunities to meet objectives/deliver on promises/live values, enabling the organisation to better serve its customers and grow its business. 
Professional Development IAProfs take responsibility for own/audit team’s professional development by seeking out opportunities to learn and grow, and are mindful of others well-being, encouraging resilience
Proactive and Adaptable IAProfs are proactive; able to think ahead to adapt their approach to manage conflicting priorities as circumstances and priorities change. IAProfs have an open mindset; role model for change.
Professional Scepticism IAProfs demonstrate an attitude that includes a challenging mind and being alert to conditions that may indicate possible misstatement of information due to error or fraud. IAProfs will be able to speak out courageously in their own organisation.


This is a level 7 apprenticeship


The length of this apprenticeship should typically be 36-42 months, depending on prior qualifications and relevant work experience.

Entry Requirements: 

Individual employers will set the selection criteria for their apprenticeship, but the apprentices will as a minimum have 3 GCE A ‘levels or equivalent.
A key element of successfully completing this apprenticeship is to be eligible for attaining Certified Internal Auditor certification. To do this, apprentices must:

  • hold a valid government issued identification.

and fulfil one of the following criteria:

  • Active Internal Auditor designation and two years Internal Audit Experience
  • Hold an Internal Audit Practitioner designation in the last 3 years.
  • Completion of the Internal Audit Practitioner apprenticeship in the last 3 years
  • A bachelor’s degree in any discipline
  • Five years Internal Audit experience


Internal Audit Professionals will be required to attain the following mandatory professional qualifications:

  • Certified Internal Auditor (CIA) Certification
  • Chartered by Learning Module 1: Strategy
  • Chartered by Learning Module 2 Leadership

Apprentices without Level 2 English and Mathematics will need to achieve this level prior to taking their End Point Assessment. For those with an education, health and care plan or a legacy statement the English and
Mathematics minimum requirement is Entry Level 3, and British Sign Language qualifications are an alternative to English qualifications where this is their primary language.

Link to professional registration:

The Chartered Institute of Internal Auditors (CIIA) is the recognised professional body for internal auditing in
the UK and Ireland. The apprentice will apply for membership of the CIIA at the outset of the apprenticeship.
Completion of the IIA Certificate leads to the Internal Auditor Certificate (IACert) designation.


This apprenticeship should be reviewed after three years

Crown copyright © 2024. You may re-use this information (not including logos) free of charge in any format or medium, under the terms of the Open Government Licence. Visit

Status: Approved for delivery
Level: 7
Degree: non-degree qualification
Reference: ST0610
Version: 1.0
Date updated: 08/04/2022
Approved for delivery: 8 August 2018
Route: Legal, finance and accounting
Typical duration to gateway : 36 months (this does not include EPA period)
Maximum funding: £17000
LARS Code: 324
EQA Provider: Ofqual
Employers involved in creating the standard: Barclays, Mazars, Moore Stephens, HSBC, BT, JP Morgan, Citibank, Prudential, BAE Systems, Deutche Bank, Hertfordshire County Council, Ageas, Lloyds Bank, Aviva

Version log

Version Change detail Earliest start date Latest start date Latest end date
1.0 Approved for delivery 08/08/2018 Not set Not set

Is this webpage useful?

Thank you for your feedback

Tell us about your experience