Internal Audit
Leverage industry-specialized internal audit services for organizational success.
Internal Audit
Proactively address emerging risks. Streamline your internal audit processes. Improve the efficiency and resiliency of your organization’s internal controls. Strengthen your internal audit function. That’s the goal — but where do you start?
To succeed, you cannot take the well-worn, expected path
Baker Tilly internal audit professionals help you embrace a forward-focused, industry-fluent approach — enabling your board of directors, audit committee and senior leadership to prioritize resiliency and growth efforts while minimizing disruption. As your organization faces diminishing resources and staffing challenges, Baker Tilly serves as a value-added extension of your internal audit capabilities. We help you identify and mitigate risks, optimize your business processes, ensure effective internal controls and help you perform quality assurance reviews.
How do you expand the focus of your internal auditors to include risks at the strategic, operational, financial, social and organizational levels? Should you adopt agile auditing principles and methods to enhance your organization’s current internal audit procedures? Do you need to augment your in-house internal audit team, or seek a solution through co-sourced/outsourced internal audit services?
When charting your path forward in the world of internal audit, questions abound. Fortunately, you don’t have to do it alone. Baker Tilly has successfully navigated this landscape with sound strategies, proven processes and effective recommendations designed to further your organization’s strategic objectives.
Internal audit hot topics
In today’s complex risk landscape, internal audit provides critical assurance and insights, helping organizations identify vulnerabilities and enhance their risk management strategies.
AI risks
Artificial intelligence (AI) offers significant opportunities for innovation and efficiency but also presents notable risks, including biases in decision-making, data privacy concerns and potential security vulnerabilities. It's crucial for organizations to implement robust governance and risk management practices and ethical guidelines — and stay ahead of regulatory requirements to mitigate these risks and ensure responsible AI deployment.
Data analytics
Maximizing the use of data analytics can be indispensable for an organization, allowing internal audit to be faster, more flexible and more strategic in its risk assessment practices. Effective use of data analytics incorporates emerging internal and external risks around which an organization may need to adjust its audit plans. Data analytics further supports internal audit to focus and refocus work as risk effects shift, so that an organization’s limited time and resources can be directed toward the biggest, most strategic risks.
Data governance
Data governance is essential to ensure the accuracy, security and proper use of data within an organization — which becomes even more critical with the integration of artificial intelligence (AI). In addition to establishing clear policies and procedures, organizations need robust data management practices, regular audits and continuous monitoring to ensure data quality and compliance. Effective data governance enables organizations to maintain data integrity, enhance decision-making and foster trust — ultimately driving better business outcomes and innovation.
Emerging risks and disruption
As organizations continue to grow, balancing efficiency, sustainability and scalability with controls has proven to be an important emerging risk. Excessive controls and policies can hinder growth, presenting internal auditors in expanding organizations with the challenge of balancing continuous risk monitoring with the pursuit of new processes, opportunities, and technologies to support and drive growth.
Co-sourcing/outsourcing
An organization’s internal audit function is key to ensuring that strategic risks are appropriately managed and mitigated. The combination of external forces (e.g., a complex regulatory environment, rapidly evolving technology and increasing cyber threats) and internal forces (e.g., increasing demands from organization leaders and skill gaps) should compel leaders to investigate working with a co-sourced or outsourced internal audit partner.
Third-party risk management
Effective third-party risk management (TPRM) requires close collaboration between risk management and business functions to identify, assess and mitigate risks associated with external vendors and partners. Well-executed TPRM helps business leaders understand how third parties can increase profitability while ensuring resilience against new and unexpected challenges and drive compliance.
IIA Standards
On Jan. 9, 2024, the Institute of Internal Auditors (IIA) released updated Global Internal Audit Standards that will go into effect in January 2025. The Standards will bring about significant changes — including increased focus on how internal audit serves the public interest, clarifications to the role of the board and new requirements for quality assurance and improvement programs.
With five domains, 15 principles and 52 standards in total, it’s no longer a question of if these changes will impact organizations — but rather how and when.
ESG auditing
The cross-functional nature and shared responsibility of managing environmental, social and governance (ESG) within an organization can be complex. Fortunately, internal audit is uniquely positioned to partner with various teams to support development of an ESG strategy based on data requests from key stakeholders. Internal audit’s experience with assessing risk, identifying processes, understanding reporting requirements, and a keen awareness of an organization’s goals and strategies will be beneficial to an organization as they embark on their ESG journey.
Guiding insights
Industry spotlight
Explore how Baker Tilly’s internal audit solutions can benefit organizations across industries. From proactive assurance, risk-based internal audit plans, data analytics support, internal control reviews, enterprise risk management and fraud investigations – let's go there, together.
Banking
The banking industry continues to deal with interest rate and liquidity challenges in addition to ongoing consolidation through mergers and acquisitions. Banks and credit unions are prioritizing digital transformation to enhance customer experience with better digital banking and payment capabilities. The growing use of data and models is driving the demand for modeling resources and validation processes. Additionally, maintaining cybersecurity maturity is crucial as banks and credit unions strive to stay ahead of the evolving cybersecurity landscape. In this complex environment, an internal audit partner is crucial. They provide independent assurance on risk management, governance and internal controls, helping to identify risks and inefficiencies early. An internal audit partner enhances customer trust and confidence by safeguarding data and ensuring regulatory compliance.
Insurance
Insurance organizations are faced with fast-paced changes in digital technology, customer experience improvements, climate change effects, cybersecurity, artificial intelligence and organizational restructuring. On top of this, they must manage complex and constantly evolving regulatory compliance. Internal audit is crucial to provide assurance in this landscape. By partnering with an internal audit provider with insurance expertise, you can adapt to shifting priorities and adjust resource levels as needed, ensuring that both mandatory, emerging, operational and strategic audits are conducted efficiently and effectively.
Government contractors
Government contractors must understand traditional risk areas and grasp the nuances of contract-specific technical requirements, remaining agile to address emerging industry and regulatory demands. The rigorous nature of contract compliance and the constantly changing regulatory landscape makes it challenging for contractors to stay updated on technical requirements like cybersecurity risk, Cybersecurity Maturity Model Certification (CMMC), artificial intelligence, ESG and International Organization for Standardization (ISO) certifications. Partnering with a dedicated internal audit provider offers government contractors the flexibility to allocate, shift or focus resources in these critical areas.
Healthcare
As healthcare organizations face stricter regulations, cybersecurity threats and financial constraints, the need for effective internal controls has never been greater. Successful leaders in the industry are turning to specialized professionals who can assess risk, provide compliance support and optimize internal control frameworks. By accessing expertise in areas such as healthcare regulations, patient data protection and revenue cycle management, organizations can proactively address vulnerabilities while ensuring continuous improvement and innovation.
Higher education
Colleges and universities function like small cities – facing heightened public scrutiny, fiscal challenges related to enrollment, extensive regulatory demands and various reputational risks. By partnering with an internal audit provider, institutions gain access to specialized knowledge and industry-leading practices in emerging risk areas such as cybersecurity, sponsored research, student safety and well-being.
Life sciences
Life sciences companies face pressures and challenges that are unique from other industries, including commercial, medical, safety, quality, regulatory, government pricing and contracting activities. Implementing a comprehensive internal audit plan can help alleviate these anxieties and concerns that affect management’s decision-making skills, and most notably, strengthen the internal controls necessary to allow life sciences companies to meet their strategic objectives and goals.
Not-for-profits
Not-for-profit organizations face both internal and external pressures, including managing and stewarding funds from various sources, optimizing resources and maintaining compliance — all while effectively fulfilling their mission. Partnering with an internal audit provider can offer not-for-profits objective insights and oversight, helping to prioritize risks cost-effectively, leverage peer and industry-leading practices for efficiency and maintain a reputation as a responsible steward of funds. A strategic internal audit partner provides expertise in financial, information technology, compliance and operational areas, enabling the organization to focus on serving its community.
Manufacturing
Manufacturing organizations operate in a complex global environment, facing supply chain disruptions, regulatory compliance challenges and operational inefficiencies. By partnering with a firm that offers global internal audit services, manufacturers can benefit from specialized expertise in risk management, regulatory compliance and process optimization. This global reach ensures that audits not only align with local regulations and business practices but also address industry-specific risks such as environmental sustainability, product safety and operational resilience.
Private equity
Private equity firms are challenged with rising investor demands, intense competition for portfolio companies and heightened regulatory scrutiny. Partnering with an internal audit provider gives them the flexibility to effectively address emerging risk areas and evolving compliance issues. Through a variable resource model and real-time access to subject matter specialists, they can gain industry insights and actionable solutions to manage organizational risks and tackle business challenges.
Public sector
Having an internal audit partner can increase the appearance of independence with audit functions, steer clear of political or policy issues that might be beyond their scope and enhance the audit committee or governing body's confidence in audit results, as they may be more inclined to trust an external perspective.
Our strategic alliances
AuditBoard
Together, Baker Tilly and AuditBoard provide clients with a solution that augments the transformation and optimization of their financial management, risk and compliance functions. The pairing combines deep advisory experience and insight with advanced audit technology to enhance GRC management. Read the press release.
In this episode of Agents of Change, Heather Acker, risk advisory managing partner, and Richard Chambers, senior internal audit advisor at AuditBoard, share their perspectives on internal audit and the future of the profession.
Workiva
Baker Tilly and Workiva create value-driven offerings to transform and optimize an organization’s governance, risk and compliance (GRC) functions and support their ESG journeys with enhanced reporting insights. Through our alliance, Baker Tilly and Workiva can help organizations streamline risk management processes and compliance reporting within a cloud-based platform. Read the press release.
Solutions
Leverage industry-specialized IT audit professionals to enhance and protect organizational value.
Environmental, Social & Governance Services
Let’s build a sustainable future now, for tomorrow. Learn more about our industry-focused ESG program advisory and assurance capabilities.
Agile internal audit
What does it mean to be "agile" in internal audit?
It’s about adopting agile principles in internal audit, and nurturing a people-centric culture that operates in rapid learning, flexible planning and execution, and fast decision cycles enabled by technology and common purpose to create and add value to stakeholders.
Case studies
Our professionals
