Providing independent, objective assurance and consulting activity to add value and improve an organisation's operations
The role of Internal Audit (IA) departments is to provide an independent, objective assurance and consulting activity to add value and improve an organisation's operations. IA helps an organisation accomplish its objectives by bringing a disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal Audit has an enterprise-wide mandate, assessing the adequacy and effectiveness of all areas of an organisation. IA is the last line of defense in an organisation and must remain impartial and independent in how it works alongside the organisation.
IAProfs are recognised as experts in risk management, internal audit, governance and control. IAProfs are highly competent professional internal auditors, capable of making a significant contribution to the success and strategic direction of an organisation through being an independent voice to leadership. The IAProf will act autonomously, providing challenging and sometimes provocative insights into risks and internal controls. They act in an independent and objective position at all times, representing the interests of the organisation’s stakeholders and must maintain the highest standards of professional conduct and competency; upholding ethical behaviour and integrity at all times. The IAProf is typically part of an audit team, potentially managing other IAProfs or Internal Audit Practitioners (IAPracs). The IAProf typically reports to the Internal Audit Manager or Head of IA.
The IAProf’s typical responsibilities include:
Managing audit engagements, including: (i)planning engagements, supervising and checking the quality of engagements, communicating results to senior stakeholders, discussing and agreeing remedial actions, and monitoring engagement outcomes; (ii)Critically evaluating the inherent risk and control implications of different business processes; understanding the key risks that may jeopardise the organisation’s strategy and objectives, and developing and delivering a risk-based audit programme to help the organisation succeed; (iii)developing stakeholder relationships and acting as an independent assurer, demonstrating a commercial awareness and critically evaluating the external macro environment to identify the short and long term impact of this on the organisation in order to provide a view of the internal risk and control landscape; (iv)using this information to influence senior stakeholders and shape the Audit Plan; (v)lead and manage projects and investigations as required by senior stakeholders, which adds value and informs change to the internal audit function and wider organisation
IA roles will be found in the public, private and voluntary sectors, where the IA function is acknowledged as a cornerstone of good corporate governance essential to the success of an organisation, as recognised by the UK Corporate Governance Code (or other sector-relevant codes of practice). The profession is overseen by the Chartered Institute of Internal Auditors (Chartered IIA), which sets out guidance and standards on how the profession should manage itself and deliver internal audit services for organisations.
|Knowledge||IAProfs, on completion of the Apprenticeship Standard, will:|
|Commercial Awareness||IAProfs understands how to critically evaluate/interpret the internal and wider external (Political, Environmental, Social, Technology, Legal Economic (P.E.S.T.L.E.) environment of the organisation being audited, including the impact of key legislation and regulation on business. IAProfs evaluate ways IA can contribute to success of the organisation and understand key risks to achievement of organisation’s objectives. IAProfs have a solid appreciation of their organisation’s strategy and success measures. IAProfs benchmark the organisation against competitors, and understand IA good practice, current devleopments and emerging risks.|
|Corporate Governance and Risk Management||IAProfs understand characteristics of good corporate governance and risk management, the strategic role of IA, including the Audit Committee, within the corporate governance framework and critically evaluate the contribution they each make to organisational effectiveness and assurance. IAProfs aware of strategic risks facing the organisation and will consider strategic and operational risks when creating the annual IA plan.|
|Organisational Strategy, Structures and Business Processes||In respect of the organisation’s approach to audit planning and reporting, IAProfs understand risk and control implications of different organisational structures, business processes and IT systems.|
|Risk and Control / Audit Methodology||IAProfs know the types of controls to manage these risks, management control techniques, and internal control framework characteristics characteristics (e.g. Committee Organisations Sponsoring Treadway Commission (COSO), International Standards Organisation (ISO), Control Objectives for Information & Related Technologies (COBIT)) used within organisations & industry. IAProfs demonstrate deep understanding of IA methodologies relevant to their organisation/industry, relevant standards in all stages of an IA assignment.|
|Management / Leadership Principles||IAProfs understand management skills/leadership styles, conflict management, project management & change management. IAProfs understand how to lead audit assignments.|
IAProfs, on completion of the Apprenticeship Standard, will:
IAProfs build long-term relationships based on trust and respect, both within IA and with management across the organisation, other assurance providers to inform dynamic changes to IA plan and understand the risk profile of the organisation.
|Communication||IAProfs communicate clearly and succinctly, both verbally and in writing, turning complex issues into plain language. IAProfs adapt communication to suit situation and audience, promote open communication to gain commitment and action. IAProfs chair meetings effectively to achieve objectives.|
|Influencing & Collaboration||IAProfs wield influence and motivate others through collaboration to remove organisational barriers, manage conflict, reach consensus and achieve results, and will empower others to achieve outcomes.|
|Analytical and Problem Solving||IAProfs determine use of data analytics/data extraction software, communicate requirements to others. IAProfs gather necessary facts/evidence to make decisions. Critcally analyse and evaluate information quickly, drawing accurate conclusions, assessing problems from multiple angles, using benchmark data to inform. Apply business intelligence/problem solving techniques, focus on themes/trends; use this information to make informed decisions and judgements.|
|Business Acumen||IAProfs interpret/articulate key risks impacting organisation/wider industry; apply understanding of this wider context to drive audit plan.|
|Risk and Control / Audit Methodology||IAProfs understand different types of control; management control techniques; internal control framework characteristics (e.g. COSO, ISO, COBIT, etc.) used in organisation/industry. Apply different types of IA methodologies and standards through all stages of an IA assignment.|
|IAProfs lead/manage audit assignments allocating resources/delegating work; applying management skills/leadership styles, conflict management, project management & change management skills to deliver quality work within budget and timeline. IAProfs deliver a level of oversight/supervision to manage others, delivering assurance to conform to the IIA standards. IAProfs are fundamental in developing and applying quality assurance and improvement programme and continuous improvement. IAProfs support delivery of IA observations, implementation of follow-up programmes and reporting for IA management to deliver at the audit committee.|
|Managing Others||IAProfs act as role models; motivate others to deliver results, create environment to encourage creative thinking & manage through others to deliver results. IAProfs develop potential of others supporting their career aspirations through feedback/ coaching, supporting well-being of others.|
|Systems and IT Skills||IAProfs effectively use business systems/software to deliver IA outcomes e.g. sending emails, using word processing and spreadsheet software, work papers etc. to get the most out of their role.|
|Behaviours||IAProfs, on completion of the apprenticeship standard, will:|
|Ethics and Integrity||IAProfs act with integrity and within the ethical code of conduct of organisation/auditee, acting as a role model; they will demonstrate organisational values in how they work¸ confidentiality, and independence and objectivity|
|Adds Value/Continuous Improvement||IAProfs apply their knowledge of the organisation and wider context to identify improvements/opportunities to meet objectives/deliver on promises/live values, enabling the organisation to better serve its customers and grow its business.|
|Professional Development||IAProfs take responsibility for own/audit team’s professional development by seeking out opportunities to learn and grow, and are mindful of others well-being, encouraging resilience|
|Proactive and Adaptable||IAProfs are proactive; able to think ahead to adapt their approach to manage conflicting priorities as circumstances and priorities change. IAProfs have an open mindset; role model for change.|
|Professional Scepticism||IAProfs demonstrate an attitude that includes a challenging mind and being alert to conditions that may indicate possible misstatement of information due to error or fraud. IAProfs will be able to speak out courageously in their own organisation.|
This is a level 7 apprenticeship
The length of this apprenticeship should typically be 36-42 months, depending on prior qualifications and relevant work experience.
Individual employers will set the selection criteria for their apprenticeship, but apprentices will as a minimum be qualified to GCE A Levels or equivalent L3 qualification.
IAProfs will be required to complete the:
Apprentices without Level 2 English and Mathematics will need to achieve this level prior to taking their End-Point assessment. For those with an education, health and care plan or a legacy statement the English and Mathematics minimum requirement is Entry Level 3, and British Sign Language qualifications are an alternative to English qualifications where this is their primary language.
The Chartered IIA is the recognised professional body for internal auditing in the UK and Ireland. The apprentice will apply for membership of the Chartered IIA at the outset of the apprenticeship. On completion of the apprenticeship and the above professional qualifications, the apprentice will be able to apply for CMIIA designation (Chartered Internal Auditor) and gain voting member status at the Chartered IIA.
This apprenticeship should be reviewed after three years
Crown copyright © 2017. You may re-use this information (not including logos) free of charge in any format or medium, under the terms of the Open Government Licence. Visit www.nationalarchives.gov.uk/doc/open-government-licence
|Version||Date updated||Change||Previous version|
|1.1||08/08/2018||Funding band added - standard now approved for delivery||
|1.1||28/06/2018||Assessment plan first published||
|1||27/03/2018||Standard first published||