What is internal audit?

20 May 2020

It’s Internal Audit Awareness Month! Yes, they really do get a whole month.

We’re aiming to raise awareness of internal audit through a series of posts exploring what audit is, where it came from and why it’s important.

What is internal audit?

Internal audit exists to provide independent assurance that an organisation is operating effectively. The Institute of Internal Auditors says:

“The profession of internal audit is fundamentally concerned with evaluating an organisation’s management of risk.”

This means auditors look at a range of areas to assure managers that internal controls, governance and risk management are operating as they should be.

Internal audits can cover any area of the organisation.

Within a local government context, audit provides assurance that public resources are being used effectively. The function exists to help managers and services ensure that their service performs to the best of its ability.

Where did audit come from?

According to the Institute of Internal Auditors Research Foundation, formal record-keeping systems date back to 4000 BC. Governments and businesses wanted to ease any concerns about correct accounting for receipts, disbursements and taxes.

“The origin of auditing goes back to times scarcely less remote than that of accounting. Whenever the advance of civilization brought about the necessity of one man being intrusted to some extent with the property of another, the advisability of some kind of check upon the fidelity of the former would become apparent.”

Even the Bible contains reference to the importance of internal controls to prevent fraud.

Gradually practices developed over the years, and in 1941 the Institute of Internal Auditors was formed in the USA. The first internal auditing standard in the UK was implemented in 1976.


The word audit comes from the Latin ‘audire’ (to hear) – originally, official examination of accounts was an oral procedure. [Source: www.etymonline.com]

What do auditors do?

Internal auditors are often described as a ‘critical friend’. They can act as a catalyst for change, challenging current practice and championing best practice. Auditors help an organisation to achieve its strategic objectives.

This could involve:

  • Evaluating controls
  • Advising managers
  • Reporting on the effectiveness of policies
  • Evaluating risks
  • Assessing the risk management culture
  • Providing advice and insights
  • Analysing operations
  • Working with other assurance professionals eg fraud investigators or security experts
More information

Read our A-Z of internal audit, or speak to the team