Home > Training, Events and Conferences > Training Overview > Internal Auditor/Senior Internal Auditor Job Role

Internal Auditor/Senior Internal Auditor Job Role

Internal Auditor profile           

 Click on any of the below competency area to view the relevant courses


Competency Area The abilities I need to demonstrate in my role: The knowledge I need to attain to perform my role:
Business Acumen
• Assess the relevance of global developments on business processes
• Assess the relevance of regulatory and legal requirements to business processes
• Identify risks associated with Infocomm Technology 
• Industry specific knowledge relevant to the organisation
• Markets, competitors and business models in the industry
• Regulatory and legal environment in which the organisation operates
• Latest global developments, regulatory and legal requirements
Business Process Analysis

• Document the business processes using narrative and flowcharts
• Identify gaps in design of the business processes
• Communicate gaps
to business process owner and provide suggestions for       improvements

• Risks and controls analysis
• Industry knowledge
• Working paper documentation
Business Innovation and Improvement • Apply solution-focused methodologies to solve problems
• Apply design principles in the organisation
• Draw on logic, imagination and systematic reasoning to explore possibilities to transform and grow businesses
• Identify problems, and plan targeted improvements and innovation 
• Seek and justify opportunities for continuous improvement and innovation
• Apply agile methodology in projects
• Updates on available, applicable and appropriate technologies
• Design frameworks and models
• Tools for continuous innovation and process improvement 
• Concepts, competencies for continuous innovation and process improvement
• Agile methodology 

IA Engagement Execution • Apply audit procedures according to the audit engagement plan
• Apply audit methodologies and carry out audit procedures 
• Apply due professional care in execution of audit procedures
• Ensure that engagement deadlines and objectives are met
• Select and apply the appropriate tools and techniques to information gathering and analysis
• Obtain reliable, relevant and sufficient evidence
• Develop working papers that truly reflect all activities performed during the audit engagement
• Identify preliminary key observations, findings, risk responses and recommendations in clear and concise manner
• Internal Audit Framework or International Professional Practices Framework
• Types of controls and controls assessment techniques
• Risks and risks responses to mitigate risks
• Internal control and risk management frameworks such as Committee of Sponsoring Organisations of the Treadway Commission (COSO) Internal Control, COSO Enterprise Risk Management (ERM) Frameworks and ISO31000
• Industry knowledge specific to the engagement or organisation
• Organisation, design and content of engagement working papers
• Root cause analysis 
• Good control practices and industry best practices
IA Engagement Planning • Conduct preliminary survey and risk assessment to understand the audit environment, including key business risks and controls
• Determine audit areas to address the risks identified 
• Develop work programmes
• Revise audit programmes based on risks identified 
• International Professional Practices Framework (IPPF) comprising definitions of Internal Auditing, Code of Ethics, core principles and International Standards for the Professional Practice of Internal Auditing 
• Organisation's significant risks, objectives, resources, operations, businesses and structure
• Internal audit methodology and procedures of the organisation
• Risk identification and assessment techniques
Information Gathering and Analysis • Use data analysis in the planning process to provide insights to better design tests to address risks in the process
• Use analytics to identify trends, exceptions and insight
• Interpret findings to obtain business insights
• Present insights of business performance and trends for business considerations
• Data mining and analytics
• Data Governance
• Statistical analysis 
• Business intelligence tools
• Organisation's business and environment 
• Risk and control environment
Project Execution and Control
• Apply appropriate costing methods to the projects
• Prepare analyses and reports to manage costs and inform decision-making
• Prepare analyses and reports to aid in risk management
• Organisation's business
• Costing methods
• Risk assessment and management
Due Professional Care • Apply due professional care in conduct of audit
• Identify the extent of work needed to achieve the engagement’s objectives, including consideration of the relative complexity, materiality and significance of the matters concerned
• Apply professional scepticism in the conduct of audits 
• Identify conditions and circumstances that may indicate possible fraud 
• Identify conditions and circumstances that may suggest the need for additional procedures
• International Professional Practices Framework (IPPF)
• Due professional care considerations and requirements
• Extent of work needed to achieve engagement's objectives
• Probability of significant errors, irregularities, or non-compliance
• Relative complexity, materiality or significance of matters to which assurance procedures are applied
• Professional scepticism 
Enterprise Risk Management • Identify risks that the organisation is exposed on aspects of governance, operations and information systems
• Obtain information on business strategies, risk management philosophy and methodology, appetite for risk, and acceptance of risks
• Conduct interviews with management to determine business unit objectives, related risks, risk mitigation and control monitoring activities
• Identify the reporting lines for risk monitoring activities and timeliness of reporting of risk management results
• Organisational objectives and mission
• Risk management framework, such as COSO ERM Framework or ISO30001

Financial Statement Analysis • Review characteristics of financial statements
• Calculate key ratios from a company’s financial statements
• Understand implications of key ratios from a company’s financial statements
• Appreciate major components of a financial balance sheet
• Relevant accounting terminology, treatment and standards
• How key business processes relate to financial statements

Fraud Risk Management • Identify red flags indicating that fraud may have been committed • Red flags indicating fraud
• Types of fraud and common concealment activities
Governance • Identify the governance processes, i.e. processes and structures implemented by the board to inform, direct, manage and monitor the activities of the organisation
• Identify the relationships among governance, risk, and control
• Regulatory requirements and guidelines, including code of corporate governance
• Governance framework
• Best corporate governance practices
Internal Controls • Obtain sufficient evidence about major control processes operating across the organisation
• Identify key controls and conduct tests for operating effectiveness of key controls within the processes under review
• Identify control gaps and significant discrepancies or weaknesses not addressed
• Concepts of risks and internal controls
• Organisation’s business and processes
• Financial and operational information
• Objectives of individual control steps
Cybersecurity • Identify potential risks and threats associated with cyber security, such as viruses, hacking, and identity theft
• Protect personal and business information from cyber security threats
• Interpret cyber security threats that require escalation to relevant team members
• Cyber security threats
• Areas prone to cyber security threats
• Best practices to safeguard against threats

Data Analytics • Generate reports on trends to aid management decision making
• Generate reports on risks to aid management decision making
• Distil data to determine patterns, provide information and anticipate future outcomes
• Support data-driven tactical and strategic decision-making
• Align the outputs or reports of corporate information systems with the changing needs of those reading and using the reports, to improve support of activities such as benchmarking, decision-making and planning
• Use business intelligence tools
• Define research objectives for data analytic activities
• Review data to ensure that planning parameter are captured in extracted datasets
• Data management cycle 
• Data governance
• Data sources and extraction methods
• Data analytics and business intelligence tools
• Data interpretation tools and trend analysis techniques
• Gaps between needs and existing data models
Infocomm Security and Data Privacy • Identify potential risks and threats associated with IT systems, information security and data privacy
• Identify and conduct testing of IT general controls
• Identify tasks with conflict of interest that need to be segregated
• Review organisation structure to highlight weakness
• Concepts of IT security and data privacy
• Linkage between IT risks and controls
• Objectives of general and application controls.
• Organisation’s data protection policies and frameworks
• IT, information security and data privacy threats
• Areas prone to IT, information security and data privacy threats
• Best practices to safeguard against threats
Risk Management • Analyse risks and uncertainties contributing to risk assessment
• Define, develop and implement proportionate risk management policies, guidelines, and procedures
• Identify potential risks arising from social and digital platforms including social media reputational risks  
• Organisation’s risk management policies
• Organisation’s risk management guidelines
• Organisation’s risk management procedures
• Social and digital platforms
Auditor Independence • Identify risk of threats which may impair independence
• Apply the conceptual framework approach to maintain independence
• Relevant ethics pronouncements or code of professional conduct and ethics
• Conceptual framework approach to independence
• Ethical threats 
Professional and Business Ethics • Uphold and comply with relevant ethics pronouncements or code of professional conduct and ethics during performance of individual duties and responsibilities
• Identify threats to compliance with the principles of the relevant code of professional conduct and ethics
• Resolve ethical dilemmas through understanding of ethical principles when engaging clients
• Demonstrate sound judgment in applying and upholding high ethical standards expected of accountancy practitioners
• Ethics frameworks
• Ethical principles
• Relevant ethics pronouncements 
• Relevant code of professional conduct and ethics
Professional Standards • Identify professional standards relevant to scope of work
• Comply with the relevant professional standards during performance of individual duties and responsibilities
• Department and organisational policies governing professional standards
• Current developments in practice and legislation
• Emerging trends and developments of the profession

Comply with the relevant professional standards during performance of individual duties and responsibilities

Digital Literacy Use available software features to create and edit documents, customise  templates and reports and evaluate online information.  
Interpersonal Skills

Detect and decipher emotions of others to manage interpersonal relationships in social situations.

Sense Making Identify relationships and linkages within different components of data.  
Teamwork Contribute to a positive and cooperative working environment by fulfilling own responsibilities and providing support to co-workers to achieve team goals.  


Back to Training Overview