Internal audit plays a key role in ensuring confidence in the effectiveness of a company's internal controls, especially given the rapid changes in business, increasing regulatory requirements, and technological challenges.
It enables the timely identification of risks, the strengthening of control systems, and the improvement of process efficiency, contributing to the company’s sustainable development and stability.
KPMG in Ukraine's modern approach combines professional expertise, industry knowledge, and technological solutions in accordance with Global Internal Audit Standards (GIAS).
This ensures effective risk management, regardless of whether the internal audit function is being established from scratch, transformed or operating in an outsourced or co-sourced format.
KPMG offers a range of support models, from performing specific tasks (such as auditing a particular process) and providing specialists with expertise in specific areas to the complete outsourcing of the internal audit function:
Outsourcing means that KPMG specialists perform the internal audit function for the client organisation, from strategy development and internal audit planning to the implementation of internal audit projects and the preparation and approval of reports.
As part of co-sourcing, the client's existing internal audit department engages KPMG specialists to perform specific tasks. Co-sourcing is typically suitable when there is a temporary shortage of expertise or resources. Key co-sourcing services include engaging KPMG experts at various stages of the client's internal audit activities, which may involve assistance with strategy development, budgeting, risk assessment, and internal audit planning as well as performing individual audit tasks – either with the project fully managed by KPMG or collaboratively with the client’s team.
KPMG provides independent external assessment services for internal audit functions for organisations, banks, and government agencies. The assessment includes analysing the internal audit function’s compliance with Global Internal Audit Standards (GIAS).
The assessment results in a report highlighting strengths and areas for improvement, enabling the client organisation to optimise the performance of its internal audit function. This, in turn, has a positive impact on the organisation’s risk management processes and overall control system.
Using international benchmarks, Global Internal Audit Standards (GIAS) and KPMG's international expertise, we help improve the internal audit approach, tailored to the organisation’s specifics, strategy, and risks.
Services may include developing/reviewing internal audit charters, mandates, strategies, function policies, risk assessment methodologies, and audit procedures (such as working papers, reports), as well as providing advice on specific issues related to audit tasks.
We provide training for internal audit functions on Global Standards (GIAS) and internal audit methodology, as well as sessions on internal control assessment and risk management.
We conduct a comprehensive assessment of the company's IT environment, considering both the business context and technological architecture. We analyse the maturity of IT processes using structured models, including the COBIT maturity model, and verify the effectiveness of IT controls as well as the compliance of systems with security, availability, integrity and confidentiality requirements.
In addition, we provide internal IT audit outsourcing services and conduct independent assessments of IT projects, including those related to the implementation of new systems or transformation initiatives.
We also conduct attestation audits of service organisations for the issuance of SOC 1, SOC 2, and SOC 3 reports.
