Internal Audit

Internal auditing is an objective assurance and consulting activity designed to add value and improve an organization's operations. It can help an organization accomplish its strategic objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control, and governance processes. Deloitte member firms’ Internal Audit services help boards and senior executives better manage enterprise risks. Deloitte professionals help organizations enhance the effectiveness, quality, and value received from internal audit (IA). Deloitte’s broad understanding of risks and areas of operational improvement — particularly the nuances of specific industry sectors and markets — can help internal audit functions improve their performance and operating efficiency and bring value to their organizations.

Internal audit outsourcing: Deloitte member firm outsourcing engagements are recurring in nature and comprise the performance of all internal audit activities including the annual planning, execution of the annual plan, and reporting to management and the audit committee. Under an outsourcing arrangement, the client may or may not have a chief audit executive (CAE) in place within their organization.

Internal audit outsourcing

Internal audit co-sourcing: Co-sourcing engagements are recurring in nature and comprise the performance of some percentage of the total annual internal audit hours for an organization.


Internal audit co-sourcing

Internal audit expertise/SME sourcing: Subject Matter Expertise sourcing represents specific individual engagements where the client requires Deloitte's specialist skills and expertise to deliver internal audit services. Typically, Deloitte member firm professionals either conduct the entire project on behalf of the client or combine specialist resources with the client team to deliver the internal audit engagement.

Internal audit expertise/SME sourcing

Internal audit effectiveness reviews (QARs): The Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing requires companies to conduct an independent quality assessment of their IA function at least once every five years.

Internal audit effectiveness reviews (QARs)

Internal audit loan staffing: Loaned staffed engagements represent the provision of internal audit resources that are under the sole direction of the member firm client – there is no Deloitte management oversight visible to the member firm client, no review of any working papers or other member firm client deliverables performed.

Internal audit loan staffing

Internal audit transformation: Internal audit transformation engagements represent assignments to assist an internal audit function evolve and transform to become more effective and deliver increased value. Areas of focus may include, but are not limited to, methodology, team matters, use of technology, and internal audit reporting. The buyer of these services may be the chief audit executive, management, or the audit committee of the board of directors.

Internal audit transformation

Internal audit advisory: Internal audit advisory engagements represent assignments to assist organizations with internal audit services not captured by one of the other highlighted solution areas. Services in this area may include, for example, general consultative advice or training.

Internal audit advisory

Internal audit insights: High-impact areas of focus-2017

Many boards and senior executive teams now want internal audit to go beyond “table-stakes” audits. Table-stakes audits allocate too many resources to low-impact areas and too few to high-impact areas of the business. Read more about how your organization can refocus your audits, creating greater value and high-impact.

Download the PDF

Key contact

Michael Bernhardtz

Michael Bernhardtz

Managing Partner | Risk Advisory

Michael is a Deloitte partner within Risk Advisory with more than 20 years of experience in assisting clients with matters related to risk, governance, compliance and internal controls. His primary fo... Mer

Sophie Palmdahl

Sophie Palmdahl

Senior Manager | Risk Advisory | Operational Risk

Sophie is a Senior Manager in Risk Advisory within Deloitte Sweden, where she is the service area lead manager for Operational Risk-services. Sophie has 10 years’ experience providing internal audit, ... Mer

Global contacts

Sarah Adams

Sarah Adams

Managing Dir and Global Leader – IT Internal Audit

Sarah is a Managing Director at Deloitte & Touche LLP and the global leader of Deloitte’s IT Internal Audit practice with over 25 years of audit, technology, operations and IT risk and controls experi... Mer