Internal Audit: Myths, Facts and Reality

The Internal Audit (IA) function in many organisations has a mission to enhance and protect the control environment by providing risk-based and objective assurance, advice, and insight. IA assists the organisation to accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of governance, risk management and controls.

However, like any other function, IA is not without its share of misconceptions and myths. Majority of people have a notion of internal Audit function that is contrary to its role and mandate. This article aims to shed some light on these predominant myths, separating them from the facts and ultimately revealing the true reality of internal audit.

Myth 1: Internal Audit is only about finding fault and nit-picking.

Fact: While identifying and reporting on deviations from policies and procedures is an important aspect of IA, its role extends far beyond merely pointing fingers. The primary focus of IA is to provide independent and objective assurance on the adequacy and effectiveness of risk management processes, internal controls, and corporate governance practices and not a ‘Corporate Police function’. This involves proactively assessing potential risks, evaluating the adequacy of existing controls, and recommending improvements to strengthen the overall control environment.

Myth 2: Internal Auditors are not business-minded and lack understanding of the organisation’s operations.

Fact: To effectively contribute to the bank’s success, IA is equipped with a deep understanding of the financial services industry and the specific complexities of banking operations. IA prioritises stakeholders’ engagements to ensures that our assessments and recommendations are practical and value-adding to drive business toward her goals. Professionalism is our watchword, and we are continuously learning to deliver quality service to business.

Myth 3: Internal Audit findings are always negative and lead to disciplinary action.

Fact: While IA reports may identify areas for improvement, they are not inherently negative. The goal is to constructively highlight potential weaknesses and opportunities for enhancement, not to punish individuals. In fact, many internal audit findings lead to positive changes, such as improved controls, streamlined processes, and enhanced risk management practices. Furthermore, many organisations promote a culture of open communication and encourages dialogue between internal audit and management to collaboratively address any identified issues.

Myth 4: Internal Audit is a barrier to business operations and slows down progress.

Fact: Contrary to this perception, IA collaborates with business by identifying inefficiencies and recommending process improvements. By proactively addressing potential risks and ensuring compliance with regulations, IA helps to mitigate disruptions and safeguard the organisation’s reputation. Furthermore, by providing constructive feedback and promoting a culture of risk awareness, IA fosters a more efficient and effective way of doing business.

Myth 5: It’s best not to tell the auditors anything unless they specifically ask.

Fact: The purpose of internal auditing is to add value and improve an organization’s operations through providing independent and objective assurance on the effectiveness of risk management processes, internal controls, and corporate governance practices. Purposefully hiding information, whether by omission or commission, increases Professional Scepticism and defeats the purpose of Audit.

Reality: A Collaborative Pillar of Good Governance

The reality of Internal Audit function is that it serves as a crucial pillar of good governance, promoting transparency, accountability, and ethical conduct. It provides independent assurance to stakeholders, including regulators, shareholders, and customers, that the organisation is operating effectively and managing risks responsibly. Internal Audit is not a standalone function but rather an integral part of the organisation’s broader risk management framework, working in close collaboration with management and other departments to achieve the strategic objectives.

Looking Ahead: Continuous Improvement and Innovation

Many organisations recognize the evolving nature of the financial services industry and the ever-changing risk landscape. Consequently, the internal audit function continuously adapts and innovates to remain effective and relevant. This includes utilizing cutting-edge data analytics tools, embracing emerging technologies, and staying abreast of the latest internal audit methodologies and best practices. By proactively addressing challenges and capitalizing on opportunities, the Internal Audit function continues to play a vital role in safeguarding the organisation’s future and contributing to its long-term success.


Understanding the myths, facts, and reality of Internal Audit is crucial for appreciating its vital role within the organisation. It is not a function to be feared but rather embraced as a partner in progress. By dispelling misconceptions and promoting open communication, organisations today ensures that its Internal Audit function remains an effective and valuable asset in driving her strategic goals.


5 Myths That Cloud Awareness About Internal Audit – Audit Beacon

Analysis of the Myths and Realities of the Internal Checks and Balances In An Organisation

Classic Myths about Internal Auditing

Sinning: Debunking common myths about auditors, auditing

Stanbic IBTC

Top 3 Internal Audit Myths

Top 5 Misconceptions About Being an Auditor

By Sodeinde Jedidiah, Stanbic IBTC Bank

Leave A Comment

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks