Discover how our Internal Audit solutions can support you
Services
Our progressive thinkers offer services to help create, protect and transform value today, so you have opportunity to thrive tomorrow.
-
Business Risk
Grant Thornton Gibraltar’s Business Risk Services team brings together a group of specialists with an unrivalled depth of industry experience. Our solutions support clients in growing and protecting the inherent value of their businesses with practical risk management systems.
-
Consulting
Our solutions focused team guarantees quick turnarounds, and with lower partner to staff ratio than most we can provide bespoke offerings tailored to your unique needs.
-
Deal Advisory
Our experienced Deal Advisory team has provided a range of transaction, valuation, deal advisory and restructuring services to clients for the past two decades.
-
Financial Accounting and Advisory Services (FAAS)
Our team of experts here at Grant Thornton is committed to providing best-in-class solutions to help our clients effectively overcome the hurdles associated with complex regulatory compliance requirements, especially when entering new markets.
-
Fintech
Grant Thornton’s cross-functional, dynamic team of specialists can help with your FinTech needs. Whether in supporting existing market participants looking to innovate in products and services, or new entrants seeking to upscale their FinTech businesses within the complex financial services environment, we have the solution for you.
-
Forensic Accounting
Organisations may undergo some type of dispute or internal investigation during their lifetime. Our Forensic and Investigation Services team can seek evidence that can make the difference between finding the truth or being left in the dark.
-
Insolvency
At Grant Thornton we offer solutions for all insolvency matters. We have a team of experts who deliver innovative and practical solutions and who have assisted a range of organisations and individuals return to prosperity.
-
Restructuring
Grant Thornton is a leading provider of insolvency and corporate recovery solutions.
-
Risk Advisory
Our Risk Advisory team delivers innovative solutions and strategic insights for the Financial Services sector, addressing disruptive forces, regulatory changes, and emerging trends to enhance risk management and foster competitive advantage.
-
Sustainability Advisory
Our Sustainability Advisory team works with clients to accelerate their sustainability journey through innovative and pragmatic solutions.
Our services can strengthen your business and stakeholders' confidence. You'll receive professionally verified results and insights that help you grow.
-
Accountancy Services
The Accountancy function is critical to any modern business. Our team of qualified accounting professionals at Grant Thornton Gibraltar can draw on their depth of experience and knowledge to ensure your accounts are expertly prepared to meet with all local and international standards.
-
Audit & Assurance
Grant Thornton is bringing a fresh approach to the audit process in Gibraltar by combining leading-edge technologies with a highly qualified team of audit professionals, all of whom are experts in key sectors of Gibraltar’s economy, and particularly in dealing with regulated entities.
Our tax solutions help you gain trust and stay ahead, enabling you to manage your tax transparently and ethically.
-
Company Tax
Our highly qualified and experienced team of tax professionals works closely with our clients to gain a deep understanding of their specific needs in order to ensure they are compliant in every aspect of their corporation tax requirements.
-
Employment and Payroll Services
Here at Grant Thornton, we can minimise the hassles associated with the HR function for companies in Gibraltar. By taking care of all your company’s Employment, Payroll and associated requirements to the highest standards, you can focus on what you do best with the peace of mind that your local compliance needs are being taken care of by professionals.
-
Global mobility Services
Our team of experts here at Grant Thornton provides a full range of professional services and advice to employers. Whether you require assistance in performing employment tax compliance reviews, or your business demands bespoke global mobility strategies tailored to your specific needs, we work closely with employers at every stage of the staff lifecycle thereby ensuring that all decisions are made giving consideration to both compliance and tax efficiency.
-
International Tax
In a world where disaggregating a company’s tax and operational presences is increasingly challenging, Grant Thornton’s approach to managing your international tax obligations can add value to your business.
-
Personal Tax Advisory
Our team of personal tax advisors have an unrivalled depth of knowledge and expertise in handling all your compliance requirements in a professional manner. Whether you need assistance with your CAT 2 status application as a High Net Worth Individual, or more general day-to-day tax preparation services and advice, we are here to help.
-
Private Client
Grant Thornton’s experienced team of specialists can help to steer you successfully through a range of tax-related challenges. Whether you are establishing a business in Gibraltar, moving to or from the jurisdiction, transferring wealth, or need help with residence and domicile issues, we offer advice that can help you minimise the burden that taxes may have upon your personal wealth.
Quick summary
- The new Global Internal Audit Standards™, effective 9 January 2025, replace the previous IPPF and raise expectations for assurance and advisory work.
- Built around 15 principles across five domains, the standards emphasise ethics, governance, risk management, culture, communication and technology.
- Heads of Internal Audit should take seven key steps: from familiarising with the standards and self-assessing gaps, to updating strategy, engaging stakeholders, and planning for external quality assessments.
- The goal is to future-proof IA functions with stronger accountability, tech-enabled assurance and a focus on delivering value to organisations and stakeholders.
The new Global Internal Audit Standards became effective 9 January 2025. These Standards are principle-based, and serve as a basis for evaluating and elevating the quality of internal audit functions.
In Gibraltar the establishment and operation of an independent internal audit functions varies based upon regulatory requirements and proportionality. The structure of departments is heavily influenced by the size and complexity of the organisation. Lately we have seen greater expectation around the quality and sophistication of internal audit functions by boards and senior management, as governance requirements increase and there is a better understanding of the benefits that internal audit can offer.
For internal auditors, especially heads of internal audit (HOIAs), the stakes are high as value expectations shift. Internal Audit must continuously pre-empt business priorities and challenges and position itself as a true business partner and advisor to genuinely deliver on its mandate. Given that and the fact internal auditors operate within an ever-evolving, turbulent risk landscape, the clarity offered by the updated Global Internal Audit Standards™ is welcome and can only benefit internal audit (IA).
Developed by The International Internal Audit Standards Board with input from stakeholders, the performance-focused standards raise the bar for assurance. They replace the previous International Professional Practice Framework (IPPF) and officially came into force on January 9, 2025.
The new standards are already enabling internal auditors to provide objective, high-impact assurance and advice, to address real-world situations effectively. By doing so, they help their organisations realise their strategic goals and deliver value to shareholders.
It's vital, however, for HOIAs and their IA teams to understand what they need to do to conform with the standards and meet their obligations, while also rising to board demands for real-time risk insight and sharper internal-control assurance.
Structure of the new internal audit standards
The new standards offer clearer, more direct guidance than previous standards, and are built around a clear framework of 15 operating principles across five domains:
- Purpose of internal auditing
- Ethics and professionalism
- Governing internal audit function
- Managing internal audit function
- Performing internal audit services.
At Grant Thornton, we see the standards as clearly aligned to six key themes:
- Emphasis on risk management
- Defining objectives and methodology
- Technology-driven
- Culture and communication
- Operational and governance
- Conformance.
Understanding the basics
The new standards insist on a more holistic, collaborative approach to internal audit, in which auditors, management and the board work together to service the organisation and the broader public interest.
Anyone worldwide providing IA services must comply with the standards, including employees and contractors, although there are special considerations for small audit functions and those in the public sector. The Chief Audit Executive (or person in that role if their title is different) must ensure all IA work aligns with the standards.
While everyone on the team doesn’t have to be deeply knowledgeably about all aspects of the standards, at a minimum, IA staff should familiarise themselves with Domain II (Ethics) and Domain V (Performing Internal Audit Services).
Note that under the standards, an external quality assessment will look for at least one member of the team to hold an active certified internal auditor designation.
The seven steps to applying the standards
Familiarise yourself with the standards
If you haven’t already, ensure you understand the changes from the 2017 standards and develop a transition plan. This should include a plan outlining where specific actions or revisions of responsibilities are required, as well as an internal training programme for your team.
Bear in mind you may already be working in ways set out by the standards, such as by showing courage in difficult situations, but you will need to be able to show that compliance during an external quality assessment (EQA).
Consider performing a self-assessment
To know where you need to introduce or change processes and procedures, it’s vital to carry out a gap analysis on where you stand compared with the new standards. Think of this as a mini self-assessment with independent validation (SAIV), without that external validation.
Rank your opportunities for improvement as ‘critical’, ‘important’ and so on, and work out where you need to fill policy, procedural or talent gaps, or introduce new templates supported by enhanced technology.
Develop or update your internal audit strategy
Based on the results of your self-assessment, draw up a timeline for implementing the changes needed, including the introduction or amendment of IA KPIs to help with monitoring and accountability.
At the same time, examine if and how you might need to update your IA strategy and your charter. Discuss your IA mandate with your board and consider if you should carry out a risk assurance mapping exercise.
Connect with your stakeholders and customers
Managing change as part of implementing new requirements under the standards presents an ideal opportunity to communicate more around IA and work to build strong, respectful relationships with stakeholders.
This will not only increase the perceived value of IA, it will also encourage others internally to approach rather than avoid IA and help to improve overall organisational risk management.
Develop a plan to stay informed on new topical requirements
Make sure you review your plans to account for topical requirements, which are mandatory under the new standards. They’re designed to improve IA services for specific audit subjects.
IAs must conform with these requirements if one of the topics falls within the scope of an engagement, and they will be a basis for measurement for an EQA if relevant.
Discuss new IA obligations with the board and senior management
Under Domain III of the new standards, your board and senior management are subject to essential conditions, meaning they must carry out specific actions to enable the IA function. These include acting as IA champions across the organisation and having to approve the HOIA’s role and responsibilities, among other tasks.
Rather than racing to the board to say it has new obligations, flag the new standards are in place and advise you will share a plan to address them. Once you have completed the self-assessment, the strategic review and other preparatory work, you can meet the board and senior management to discuss how they can support compliance.
Re-assess your quality assurance strategy
While needing to carry out an EQA at least every five years is not a new requirement under the standards, there is a new preference for an EQA over an SAIV. Discuss your EQA plan with the board and ensure it understands the changes.
At the same time, update your QAIP process to incorporate changes in the standards, paying particular attention to standard 12 (Enhance Quality) within Domain IV (Managing the IA Function).
Future-proofing the IA function
While new standards can sometimes seem onerous, the new Global Internal Audit Standards™ have been designed to focus on ethics, improve organisational culture around IA, to focus on beneficial outcomes and to encourage tech-enabled assurance, with more extensive use of AI, data automation and data analytics.
How we can help
Internal audit services
At Grant Thornton, we provide outsourced and co-sourced internal audit services. Our global internal audit framework aligns with the IIA’s new Global Internal Audit Standards. Spanning risk assessment and planning, audit execution and reporting and remediation, it allows us to focus continuously on your business objectives, risks and operating environment.
We audit efficiently and effectively, using advanced audit techniques. Once done, we provide useful, well aligned balanced reporting and recommendations – all of which ensures no surprises for you along the way.
We can match your global footprint, with internal audit specialists on the ground in Gibraltar, supported by experts globally (including locations such as the UK and Malta, where Gibraltar firms often have other offices). In addition we have the support of a team of subject matter experts that we use to assist in our audit work, including areas such as financial crime, cyber, actuarial and regulation. We have developed a reputation of tailoring out internal audit services to clients needs in order to add maximum value to their organisations.
External quality assessments
For companies with an existing in-house internal audit function, we can conduct a full evaluation and benchmarking of your internal audit processes. This can include an assessment of adherence to the new Global Internal Audit Standards. Our internal auditing expertise is built on a combination of local knowledge and global expertise and resources, and our experts can help to identify opportunities for improvement and cost reduction in your internal audit processes.
To discuss how we can help your organisation align with the new standards, get in touch with us today.
Authors
-
Craig Doyle Craig is director in our Business Risk Services team. He is a chartered accountant and a highly accomplished internal audit and risk professional with over 20 years national and international experience.View Profile
Subscribe to our mailing list
Receive the latest insights, news and more direct to your inbox.