Outsourcing your internal audit function to an independent third party provider can have numerous benefits for your business, especially if you aren’t able to set up and maintain your own internal teams to achieve the level of assurance you need.
What is outsourced internal audit?
Fully outsourced internal audit is when a firm employs another firm to provide its internal audit service. This is different to our co-sourced internal audit service, where our specialists work side-by-side with your teams to fulfil your internal audit obligations.
In line with the Chartered Institute of Internal Auditors methodology, we review and evaluate your risk management, control and governance arrangements to see how effectively they’re helping you achieve your key objectives for:
- cost control;
- risk management;
- operational process and controls;
- regulatory adherence;
- IT security and more.
The benefits of outsourcing internal audit with RSM
Our financial services internal audit team has extensive experience in taking on and managing clients’ internal audit functions. Your organisation can benefit from our experience and expertise in several areas, including:
- Significant relevant skills and experience – a fully outsourced service will provide highly skilled and experienced internal auditors who have significant experience, allowing you to complete audits across your operations, technology and regulatory functions.
- Compliance – by outsourcing internal audit, your organisation can benefit from a detailed analysis and review of your operations and their compliance with required industry set standards.
- Benchmarking – you will receive benchmarking against industry best practice, ensuring your business is getting the best advice and solutions possible.
- Receive more knowledge – our specialist team has built up an extensive knowledge base through training and experience, which will be used to help your business achieve its objectives.
- Cost reduction – outsourcing is a lower-cost alternative to building and maintaining an internal team with the same level of experience and capability.
- Unbiased advice – as an independent third-party provider, we are well placed to provide honest and constructive feedback that will help your business achieve its objectives.
Reducing your workload
Outsourcing your internal audit function to RSM can help reduce the pressure on your internal teams, give you piece of mind that your internal audit function is in safe hands, and ensure your organisation benefits from a well-executed, quality internal audit function.
If you don’t have an in-house internal audit team or your team is at full capacity, outsourcing your internal audit function to RSM can provide you with the business assurance you are looking for.
Case Study - Specialist Fund Manager – Internal Audit Services
Our client is a specialist asset manager based in London since the 1950s, managing over £20bn of assets in third party and proprietary capital funds.
We provided fully outsourced internal audit services and were appointed several years ago to set up the internal audit function in the UK.
We completed a full business risk assessment with executive management through interviews and developed a risk register and initial 4-year audit plan for review and agreement with the executive team before being reviewed and approved with the audit committee.
The audit plan covered key funds, business operations, risk, regulatory and IT audit areas including reviews of:
- Corporate Governance;
- Risk Management;
- Fund / Investment management;
- Dealing Desk;
- Fund Operations, Middle Office and Settlement;
- Key Regulatory Areas – Client Money, Outsourcing, Conduct and Culture. Prudential, Financial Crime, and Financial Promotions and Marketing;
- IT Management and Strategy;
- IT System/Applications Development and Change Control;
- IT Security/Cyber Security;
- IT Operations including resilience; and
- IT BCP/DRP.
Over the years we have executed the IA plan and have reported upon several areas of improvement in processes, controls and management to manage and mitigate key business, operations, IT and regulatory risks.