Internal Audit


Internal Audit

Internal audit has always been one of the cornerstones of corporate governance. The current economic environment, greater public scrutiny and increased globalisation, however, have all increased its profile – focusing the spotlight on quality and new risk-related considerations.

It is clear that Boards are now much more aware of the importance of understanding risk. Unlike external auditors, internal audit looks beyond financial statement risks, towards the wider issues that help businesses to mitigate the risks to which they are exposed. This means the strategic value of internal audit is greater that it has ever been.

Many organisations are struggling to keep pace with the changing regulatory environment and to identify, let alone manage, the complex risks they face. Tailored to your size, sector, risk appetite and the regulatory requirements that apply to your organisation, our consultants in Risk and Advisory Services can provide support through a fully-outsourced or co-sourced service or can supplement your existing skill set by providing specialist input. Our range of services also includes reviews of internal audit functions and internal audit start-up assistance.

Our specialist teams will help you to assess and increase your focus on:

  • Governance structures: are they effective and fully integrated into your organisation?
  • External Quality Assessment (EQA): has your internal audit function been independently assessed in the last 5 years?
  • Existing risks: are you managing these, as well as your people, customers and key stakeholders, appropriately?
  • Current regulations: are you complying with them and preparing for future requirements?
  • Financial reporting: is yours robust, transparent and timely for business decision-making?
  • Systems and processes: do they support the business in achieving its objectives?
  • New risks: are you prepared for what may be over the horizon?

IT Internal Audit

Organisations are increasingly embracing more complex and sophisticated technology solutions in an effort to provide a wider suite of services, reach more customers and drive greater efficiencies. Internal audit functions must draw on expertise to ensure the right technology risks are identified and related controls assessed, including:                                                                                                    

·         Cybersecurity

·         Changing data privacy agenda

·         Growing technology resilience dependencies, and

·         Challenges with implementation of digitalisation across the business.

The risks associated with such solutions are significant, and can result in severe impacts on operations if not addressed.  Understanding these risks is critical in order to ensure that the right countermeasures are in place and operating effectively. Internal Audit has a fundamental role to play in reviewing and assuring the way in which a business evaluates its technology risks and controls.


Why BDO?
At BDO we have a dedicated and experienced IT Internal Audit team who assess traditional and emerging technology risks and support audit functions when undertaking annual IT audit. We have a formal IT risk evaluation methodology to ensure the assessment of risk is both consistent and comprehensive. 
The methodology recognises six main areas of IT risk:
  • IT security
  • IT operations
  • IT governance
  • IT continuity
  • Managing change
  • Strategic leadership

Behind each risk sits 32 sub risks each of which can be separately evaluated and used to benchmark an organisation’s maturity in the operation of mitigating controls.


Pension Schemes

The IORP II Directive sets out standards in relation to an effective system of governance for Irish Occupational pensions schemes, as well as enhanced duties around member communications. For an overview of the requirements and how BDO can support your organisation, please download our IORP II brochure.

Trust the guidance of our experts