Practitioner
Overview
Those at practitioner level should have a developed understanding of what internal audit involves, including how to utilise essential audit tools. Your remit includes but is not limited to: documenting processes, and assessing/evaluating the effectiveness of governance, risk management and internal control within functions across an organisation. Your other development areas range from measuring effectiveness to building and strengthening relationships with senior managers and non-executive directors.
Typical responsibilities
Practitioner-level auditors should have an intermediate grasp of the profession and be able to apply that knowledge to their roles. Your responsibilities will include but not be limited to:
- Researching the activities being audited by spending time with the area of the organisation being audited
- Data gathering, analysis and interpretation through face to face, email and other forms of data gathering practices used in the organisation
- Documenting the business process and control environment through process mapping, e.g. flow-charting, and validating the process via a ‘walkthrough’
- Identifying and evaluating the associated governance, risks and controls through mapping against governance policy set out in the organisation
- Reviewing the documented internal risk processes including any documented management controls in place as set out by the business
- Performing tests and analyse to evaluate the effectiveness of controls (i.e. do the controls protect the organisation against potential risks, as identified by the organisation, management or internal control functions)
- Identifying vulnerabilities and exposures
- Communicating the results of their audit work to audit management
Knowledge
1. Commercial awareness
IA Practitioners will understand the internal and external environment of the organisation being audited.
Relevant guidance
2. Corporate governance and risk management
IA Practitioners will demonstrate an awareness of the characteristics of good corporate governance and risk management, and the role of internal audit, and will be able to assess the contribution they make to organisational effectiveness and assurance.
Relevant guidance
3. Organisational business processes
IA Practitioners will have an understanding of their organisation’s strategy and success measures and be cognisant of how their work contributes to the success of the function/organisation’s industry.
Relevant guidance
|
How to approach unfamiliar areas of work |
4. Risk and control/audit methodology
IA Practitioners will know the different types of controls, management control techniques, and internal control framework characteristics.
Relevant guidance
|
Risk appetite – concept and theory Risk appetite – the board’s role |
|
| Production of the internal audit plan | Writing about risk |
Skills
1. Building relationships
IA Practitioners will build sustainable relationships based on trust and respect, within their function and with stakeholders, on an audit by audit basis.
Relevant guidance
|
Risk appetite – the board’s role Risk appetite – the role of internal audit |
2. Communication
IA Practitioners will communicate clearly and succinctly both verbally and in writing.
Relevant guidance
3. Collaboration
IA Practitioners will collaborate effectively with other audit colleagues to gain understanding and insights to inform audits and gather data to deliver results and will be team players.
Relevant guidance
|
Position paper: Internal audit’s relationship with external audit |
4. Data analysis
With guidance, IA Practitioners will select and use tools/techniques to obtain relevant data/information for specific audit assignments.
Relevant guidance
|
Computer assisted audit techniques (CAATs) |
5. Time management
IA Practitioners will manage their time effectively to deliver high quality work within appropriate timelines to deliver their audit assignments and other work requirements.
Relevant guidance
6. Systems and IT skills
IA Practitioners will be proficient in the use appropriate business systems and software e.g. sending emails, using word processing and spreadsheet software, documenting workpapers using an organisation’s appropriate audit systems etc.
Relevant guidance
|
Using internal audit software – top tips |
|
7. Business acumen
IA Practitioners interpret/articulate key risks impacting organisation/wider industry.
Relevant guidance
|
Risk appetite – concept and theory Risk appetite – the board’s role |
Production of the internal audit risk-based plan |
Behaviours
1. Ethics and integrity
IA Practitioners will act with integrity to their profession and the ethical code of conduct of their organisation/auditee.
Relevant guidance
2. Adding value/continuous improvement
IA Practitioners will add value to the organisation/department they are auditing by proactively sharing issues identified during their audit work with their line manager.
Relevant guidance
|
Position paper: Independence and objectivity Position paper: Internal audit and corrupt practices Internal audit document retention |
Delivering internal audit findings |
3. Professional development
IA Practitioners will take responsibility for their own professional development by seeking out opportunities to learn and grow.
Relevant guidance
|
Operational responsibilities – you asked us |
4. Proactive and adaptable
IA Practitioners will demonstrate drive and energy to get the job done and an open mindset in all their audit work, able to adapt in changing circumstances.
Relevant guidance
5. Professional scepticism
IA Practitioners will demonstrate an attitude that includes a questioning mind and being alert to conditions that may indicate possible misstatement of information due to error or fraud.
Relevant guidance
|
How to gather and evaluate information |
Auditing business functions
In addition to specific guidance to meet the needs of internal auditors at the various stages of their career, there is a generic range of functions and subject areas that inform all levels of our competence framework.
Got a question?
Our technical team are on-hand to answers any questions you may have, whether that be in relation to your skill-level or a specific piece of guidance.
