The Internal Audit and Risk Agenda

2025 looks to be a landmark year for the Internal Audit profession. New Global Internal Audit Standards and Internal Audit Code come into force in January providing a clearer structure to the professional guidance and raising expectations of Internal Auditors and the Audit Committees that they report to.

For UK listed companies, the new Corporate Governance Code needs to be to be addressed with implementation of the main provisions required from 1 January 2025.  The UK election brought a change of Government but no change in the direction of travel for corporate governance reform. Further legislation is expected over the coming years which is likely to extend the scope and rigour of corporate governance requirements. The publication of guidance by the Home Office in relation to the failure to prevent fraud offence only adds to the pressure. This gives organisations only nine months to develop and implement the required fraud prevention procedures.

More generally, technological, economic, political and social changes are driving shifts to business models with considerable investment being made to transform delivery and operating models. Cyber, privacy and digital transformation risks are understandably high on the Audit Committee agenda. Artificial Intelligence presents opportunities for significant efficiencies and changes to working practices. This comes with heightened risks such data loss, fraud and organisations need to ensure that the widespread deployment of AI is mitigated by sound governance and control frameworks.

Internal Audit has a key role to play in supporting organisations as they grapple with these challenges. 

This document sets out some of the key issues on the horizon that Heads of Internal Audit should be considering when thinking about the wider risks relevant to their organisations and the technical skills required to deliver meaningful assurance. 

DOWNLOAD