Potential occupational standard
Occupational standard in development
Approved occupational standard
Occupational standard without apprenticeship
Custom occupational card
Apprenticeship
T Level
Technical Qualification
Higher Technical Qualification
Career starter apprenticeship
Royal apprenticeship
Occupational progression
Technical education progression
Mid green occupation
Dark green occupation
Favourite occupation
View glossary of terms
home Legal, finance and accounting
Internal Audit Technician

Internal Audit Technician

Level 4 - Higher Technical Occupation

Supporting auditors in assessing and improving governance, risk management, and control processes in organisations

Print to PDF View occupation in map

Summary

This occupation is found in all organisations that require assurance of their governance, risk management, and internal control processes. Organisations that employ Internal Audit Technicians (IA Technicians) are mainly medium to large and may be found in the public, third, or private sectors. Accountancy and professional services firms employ internal auditors to perform audits on behalf of their clients. Organisations may also employ their own internal auditors to conduct in-house audits. In the public sector, an internal audit function will carry out in-house audits within structures such as central government departments, local authorities, regulators, and higher education providers.

The broad purpose of the occupation is to support internal auditors in providing an independent, objective assurance and consulting service. IA Technicians help internal auditors advise organisations on how to accomplish their objectives. They take a planned, disciplined approach to supporting the assessment and improvement of risk management, control, and governance processes. IA Technicians assess the effectiveness of various areas within the organisation, including risk management, compliance, human resources, customer services, assets, and finance functions. They must remain independent and objective while working alongside all areas of the organisation. IA Technicians undertake designated aspects of routine internal audit engagements, following assigned tasks from internal auditors. They may check records and procedures to ensure they are accurate and reliable. They also support engagement with stakeholders to understand the actions being audited and assist in assessing compliance and risk within governance frameworks.

In their daily work, an IA Technician interacts with an audit team of other internal auditors and support staff. They may be managed by the Internal Audit Professional (IAProf) or Head of Internal Audit. They may also interact with colleagues and peers outside the audit team when conducting or supporting audit engagements and feedback tasks. The internal audit team provides audit reports to senior managers, setting out findings. The IA Technician supports this task depending on the nature of the audit.

An employee in this occupation is responsible for their allocated personal workload. They receive work instructions from senior colleagues, such as internal auditors. Their work is managed and checked to ensure adherence to the International Standards for the Professional Practice of Internal Auditing and the guidance of the Chartered Institute of Internal Auditors (Chartered IIA).

Typical job titles include:

Internal audit assistant
Internal audit support officer
Internal audit technician
Junior internal auditor

Keywords:

Auditors
Consultancy
Governance
Internal Audit Technician
Risk Management

Knowledge, skills and behaviours (KSBs)

K1: The professional context of internal audit including the characteristics of the role of auditors, contribution of internal audit to the achievement of organisational objectives and the requirement to be independent and objective.
K2: The underpinning professional standards and principles of professional and ethical internal audit, including the Code of Ethics, principles of due professional care and internal audit charter.
K3: The concept and characteristics of governance, risk management and control.
K4: Principles of environmental, social, and governance standards.
K5: The different core types of controls, including preventative, directive and corrective controls.
K6: The purpose of a strategic internal audit plan, its development, structure, and how it aligns to an organisation’s strategy.
K7: Effective engagement planning, including communication, risk assessment, identifying objectives and scope, evaluation criteria, resources, and work programme.
K8: The stages and methodologies of an internal audit and the associated roles in the process, such as research, planning, fieldwork, testing, reporting, and follow-up of any recommendations.
K9: The function of the internal audit manual.
K10: Principles of research, including the identification and use of internal policy, processes, and standards relevant to the area being audited, and any external regulation or legislation which may impact the organisation being audited.
K11: The purpose of performing a risk assessment during engagement planning, and the steps involved.
K12: Types of misstatement, error, fraud, fraud risk, and red flags for fraud.
K13: The law, regulations, policies, and procedures related to confidentiality, privacy, and information security when using information gathered during internal audit work.
K14: Fundamental concepts of IT software packages and data analytics audit tools and techniques, such as spreadsheets, when conducting internal audit work.
K15: Key documents and communications that underpin internal audit interactions with an organisation's board and senior management.
K16: The role of performance measurement in enhancing quality in internal audit work.
K17: Key principles of communication in the audit process, including building relationships and trust, influencing, negotiating, different approaches to communicating, the key stages of engagement communications, dealing with significant errors or omissions in internal audit work, and the requirement to communicate any unacceptable levels of risk.
K18: The elements of an appropriate internal audit engagement conclusion, including the significance and priority of recommendations, any scope limitations, the overall conclusion, and applicable actions plans, as well as the importance of subsequently confirming that management has implemented the recommendations or actions plans.
K19: Principles of workload management to ensure deadlines are met, including planning and managing time effectively, prioritising tasks, and escalating problems where appropriate.

S1: Conduct all audit work in compliance with an organisation’s internal audit manual.
S2: Recognise and avoid or mitigate any potential, actual, or perceived impairments to an individual internal auditor’s objectivity in accordance with professional standards and organisational policy.
S3: Use appropriate systems and software in line with organisational policies and procedures.
S4: Communicate clearly and succinctly, both verbally and in writing, adapt communication style to suit different situations, promote open communication stakeholder engagement, and effectively contribute to meetings.
S5: Contribute to managing the internal audit engagement activity’s reputation and stakeholder expectations.
S6: Support the planning of effective engagements by gathering information to understand the organisation and activity under review, completing risk assessments and prioritising risks to determine engagement objectives, scope, and evaluation criteria.
S7: Support the completion of detailed risk and control assessments, and support the development of work and testing programmes or practices to conduct audits.
S8: During assigned audits, examine and evaluate the governance, risks, risk management, and controls related to the organisation by reference to published guidance.
S9: Assist in the utilisation of walk throughs and process mapping to document and understand business processes.
S10: Select and use tools and techniques, under guidance, to gather relevant, reliable, and sufficient information for audit assignments.
S11: Apply appropriate sampling, data analysis, and other analytical review techniques, as directed, to analyse information and develop potential engagement findings.
S12: Use data analytics and software tools, such as spreadsheets, to gather and analyse data as directed within an internal audit engagement.
S13: Evaluate the relevance, sufficiency, and reliability of the sources and information gathered.
S14: Support the analysis of the adequacy of criteria and methods used by management to determine whether the activity has accomplished its objectives and goals.
S15: Select and apply appropriate questioning and negotiating techniques during delivery of audit work to influence positive outcomes.
S16: Prepare internal audit workpapers and supporting documentation, ensuring it is accurate, relevant, and complete.
S17: Support the identification of engagement conclusions, including the development of recommendations, or collaborating with management to produce action plans that resolve findings, mitigate risks, address root causes, and enhance or improve the activity under review.
S18: Under supervision, prepare reports that are accurate, objective, clear, concise, constructive, and timely.
S19: Support the internal audit team in confirming that management subject to the audit engagement have implemented agreed action plans to address audit findings.
S20: Apply principles of workload management to support deadlines being met, including planning and managing time effectively, prioritising tasks, and escalating delivery problems to audit lead or manager where appropriate.

B1: Acts professionally, ethically, and with integrity, demonstrating organisational values in how they work, maintaining confidentiality, independence, and objectivity.
B2: Demonstrates drive and energy, with a willingness to get the job done.
B3: Supports audit activities with a questioning mind and being alert to conditions that may indicate possible misstatement of information due to error or fraud.
B4: Works collaboratively and as a team player.
B5: Works flexibly and adapts to changing circumstances and environments, approaching audit work with an open mindset.

Duties

Duty D1

Support research and collate background information and documentation under instruction for assigned internal audit engagements.

Duty D2

Support the planning and execution of audit engagements as directed, ensuring that engagement plans are achieved in accordance with agreed standards of quality, and within resource allocation.

Duty D3

Analyse and interpret quantitative and qualitative data under supervision, including financial information, to inform audit engagement activities.

Duty D4

Support standard, risk-based audit engagements as directed.

Duty D5

Document sufficient, reliable, relevant, and useful information to support audit engagement results and conclusions.

Duty D6

Support good working relationships with stakeholders to encourage engagement with the audit engagement process.

Duty D7

Support the internal audit team to produce accurate, objective, clear, concise, constructive, complete, and timely engagement reports.

Duty D8

Attend meetings and contribute to communications with stakeholders on matters relating to audit engagements.

Duty D9

Support the drafting of action plans for improvement in line with findings from audit engagements reviews.

Duty D10

Support routine follow-up reviews of standard audit activities.

Duty D11

Support the promotion of an organisational culture that is ethical and risk aware.

Duty D12

Manage own workload using agreed management systems, and undertake reviews of casework to ensure progression is maintained and problems identified and escalated.