Internal Audit

Uncertainties created by economic downturns, corporate failure, organisational restructuring and regulatory changes have all added to the responsibilities of Board Directors, with Non-Executives and Audit Committee members seeing expectations of their roles increase more than most. The assurance provided by a professional internal audit function is therefore more valuable than ever.

Boards, Audit Committees and senior management are always looking for fresh perspectives, added value and objective assurance and insights on the effectiveness and efficiency of governance, risk management, and internal control processes from its internal audit function.

Our approach

Internal Audit is designed to add value and improve organisational operations. It helps accomplish business objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Forvis Mazars Internal Audit and Advisory performs a variety of services, including:

  • Internal Audit Outsourcing and Co-Sourcing
  • Evaluation of Internal Audit Functions
  • Risk Management Implementation and Advice
  • Corporate Governance Evaluation and Support
  • Project Governance
  • Board and Committee Evaluations
  • Public Finance Management
  • King IV– evaluation and advice regarding implementation
  • Companies Act Implementation and Guidance
  • Performance audits

Committee of Sponsoring Organisations (COSO)

Forvis Mazars Internal Audit follows the Committee of Sponsoring Organisations (COSO) control model. This model includes a focus on expectations for governance oversight

  • Globalization of markets and operations
  • Changes and greater complexities of business
  • Demands and complexities in laws, rules, regulations and standards
  • Expectations for competencies and accountabilities
  • Use of, and reliance on, evolving technologies
  • Expectations relating to preventing and detecting fraud
  • Internal Objective Setting
  • Event Identification
  • Risk Assessment
  • Risk Response
  • Control Activities
  • Information and Communication
  • Monitoring