Internal Audit & Risk Management
With the recent corporate failures, questioning of public sector procurement practices and a tougher regulatory compliance environment have renewed the interest in corporate governance, enterprise risk management and the quality of the internal control environment.
King IV states that the continual and rapid changes as well as the complexity of business, organisational dynamics and the regulatory environment require companies and the public sector to establish and maintain an effective internal audit function.
Our view is that the internal audit function should generate strategic value and contribute to better business performance.
We have a multidisciplinary team of professionals experienced in financial and operational internal auditing, IT, fraud analytics and risk assessment, shared services, finance management, treasury and financial instruments, and the supply chain to augment and enhance an organisation’s existing internal audit capabilities and/or to serve as an organisation’s internal audit function.
Our services include:
- Complete outsourcing and co-sourcing of the internal audit function.
- Assistance in assembling an audit committee.
- Preparation of audit committee charter.
- Preparation of an internal audit charter.
- Risk identification and management.
- Development and implementation of a three year strategic and annual operational plans, recommendations of controls.
- Training and capacity building.
- Special investigations.
- Information technology audits.
Our internal audit methodology is aligned with the requirements of National Treasury’s guidelines and complies with the requirements of the International Standards for the Professional Practice of Internal Auditing.
In addition, we have experience risk management practitioners and are therefore well positioned to give advice on risk management.
Risk Management Tool
We have an electronic risk management tool which assists with the Risk Assessment workshops that we conduct for clients and potential clients. The software is utilised to document the risks identified by management, to rate the identified risks in terms of likelihood and impact, to document the controls that currently exists to mitigate the risk identified, to rate the control in terms of adequacy, to document the action plans to further improve controls to mitigate the risk identified and to document the risk owner.
The tool is pre-configured with a number of reports that allow you to immediately gain the benefit of transparency and visibility, as well as the ability to do Risk Committee and Board reporting. The reporting suite allows you to create multiple types of reports and distribute these in PDF, Microsoft Word, Excel and graphical formats. Reports support pie charts, graphs, trends, history, text and other formats, as well as dashboards.