Internal Audit and Risk Culture

Stephen Gregory

Internal audit functions have a critical role to play in assessing the risk governance framework, including the risk culture of the organisation, and informing executive management and boards of directors of the results of their work. For many internal audit functions, this role represents a major change to their mandate and to the nature of work they have traditionally carried out. Delivering on the new mandate carries with it important implications for the skills and capabilities of the internal audit function itself.

This chapter looks more closely at the role that internal audit functions should play in assessing, reporting upon and improving risk culture within a complex firm, drawing on practical experience with firms across the financial services sector. It explains the unique position that internal audit occupies, and how performing such a role is a fundamental part of delivering on the internal audit function remit. The chapter examines the expectations of regulators globally regarding the role of internal audit in assessing risk governance in financial firms, and how internal audit functions are increasingly assessing risk culture across the firm as well as in particular

To continue reading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an indvidual account here: