Site Search
PwC Global Services Audit and assurance services Internal Audit PwC’s Guide for Implementing the IIA’s new Global Internal Audit Standards

Menu

Industries

Menu

Aerospace, defence & security

Menu

Capital projects & infrastructure

Menu

Energy, utilities & resources

Menu

Engineering & construction

Menu

Government & public services

Menu

Hospitality & leisure

Menu

Pharmaceuticals & life sciences

Menu

Technology, media & Telecommunications

Menu

Transportation & logistics

Featured

Move fast, think slow: How financial services can strike a balance with GenAI

Take on Tomorrow @ the World Economic Forum in Davos: Energy demand

2025 Outlook: Global M&A Industry Trends

Menu

Services

Featured

Climate risk, resilience and adaptation

Business transformation

Sustainability assurance

Loading Results

Explore

PwC - Implementing the IIA’s new Global Internal Audit Standards

Use the IIA’s new Global Internal Audit Standards™ to drive transformation and value from your Internal Audit function

Focusing on the future: Introducing the new Standards

The Institute of Internal Auditors (IIA) revised its Global Internal Audit Standards™ (“the Standards”) in 2023 to support the continued evolution of the profession and help organisations address today’s complex risk landscape. 

This represents a significant opportunity for Internal Audit (IA) functions to incorporate the latest developments in good practice and drive transformation to increase the value they can provide to their stakeholders.

All organisations will need to consider their response and implement changes for the new Standards in 2024, ready to conform in 2025. Find out below how PwC can help you.

An opportunity to transform: Key Changes in the Standards

The Standards, which can be found on the IIA’s global website, include additional focus on areas such as:

  • Board (or equivalent) involvement in IA

  • IA mandate, vision and strategic plan

  • An understanding of risks and coverage throughout the organisation

  • Planning, tracking and measuring performance (e.g., efficiency and quality)

  • IA reporting, evaluating findings and effective communication

There will also be new Topical Requirements and guidance that help IA functions focus on key risk areas. These include topics such as Cybersecurity, Information Technology Governance, Privacy Risk Management, Sustainability and ESG (Environmental, Social & Governance), and Third-party Management.

A unified approach: How leadership should respond

The new Standards are not just relevant to IA—they impact the whole organisation. This means the Board and each line need to work together to capture the opportunities the new Standards bring. This includes:

Board/Audit Committee and Senior Management

Second Line (e.g., Risk, Compliance)

IA Leaders (e.g., Chief Audit Executive)

Consider how a strong IA function can help the company achieve its vision by building resilience to protect value, and give the business confidence to transform to create value.

Questions to ask:

  1. Has leadership had sufficient input to the IA plan on strategic priorities?

  2. Can the new IIA Topical Requirements help us better focus on strategic risks?

  3. Can we coordinate investment and effort across teams to get the best return on investment from the changes?

Capture the opportunity to align and collaborate with IA to strengthen the company’s approach to risk and optimise assurance and monitoring activities.

Questions to ask:

  1. Can we use assurance mapping to reassess risk coverage?

  2. Where can joint training and upskilling enhance collective expertise on key risk areas?

  3. What opportunities are there to collaborate with IA on approach, tools, technology and data?

Use the new Standards to continue the IA transformation journey and engage differently with stakeholders.

 Questions to ask:

  1. Is there an opportunity to refresh our IA strategy and align with the organisation’s latest objectives?

  2. How can the new Standards help drive change in IA (people, processes and technology)?

  3. How can benefits from implementing the new standards be measured and monitored?

Benefits: Unlocking the potential of IA

Organisations will be at different levels of maturity in relation to corporate governance and risk management. Critical to this is having a modern IA function that can adapt to a changing risk landscape and incorporate the latest Standards and best practices. 

Based on the key areas of focus in the new Standards, benefits could include, for example:

  • Better stakeholder alignment - through additional Board and Senior Management engagement in the IA life-cycle, alignment on strategic priorities and coverage, and optimised IA reporting

  • More effective auditing of important risks - incorporating IIA Topical Requirements and guidance to help IA enhance its approach to addressing key risk areas

  • Increased efficiency and risk coverage - by further cooperation with second line and a clear understanding of assurance activity mapped to key risk areas

  • Additional insights and value to the business - as a result of IA training and upskilling, including knowledge of strategic/business risks, audit methodology, and technology and data

5 steps to drive change: How PwC can help

There are five key steps involved in implementing the new Standards. Please speak to your local PwC team on how they can help you maximise the value at every stage. Click on each to find out more:

1. Assess readiness and agree priorities

Confidence in your response to the new Standards

  • Perform an IA Readiness Assessment to identify what needs to change to conform with the new Standards

  • Discuss impact of changes with key stakeholders, including Board/Audit Committee, Senior Management, Risk and Compliance functions (e.g., in stakeholder workshops)

  • Agree actions and priorities that will have the best outcomes for the organisation

Contacts

Please contact the Internal Audit team of your local PwC firm to find out more about how we can help you implement the new IIA Standards and get the best out of this opportunity for your organisation.

Shaun Willcocks

Global Risk Markets Leader, Global Internal Audit Leader, Partner, PwC Japan

+81 (0)90 6478 6991

Email

Mike Maali

US Internal Audit Leader, Partner, PwC United States

+1 (630) 209 6384

Email

Richard Thomas

EMEA Internal Audit Leader, Partner, PwC Switzerland

+41 79 816 27 00

Email

Justin Martin

UK Internal Audit Leader, Partner, PwC United Kingdom

+44 (0) 7881 802 336

Email

Sophie Langshaw

Australia Internal Audit Leader, Partner, PwC Australia

+61 41 052 0548

Email

Eric Yeung

Chinese Mainland and Hong Kong Internal Audit Leader, Partner, PwC China

+852 2289 1953

Email

Kathrin Kersten

Germany Internal Audit Leader, Partner, PwC Germany

+49 69 9585 1201

Email

Carlie Persson

Canada Internal Audit Leader, Partner, PwC Canada

+1 780-441-6700

Email

Deborah Mack

US Internal Audit Partner, PwC United States

+1 646-592-0031

Email

Featured content

Discover more on creating a world class IA function and read other information from PwC on related areas:

Strategy + business, a PwC publication

Be a better decider

As reinvention pressure rises, CEOs need to rewire their decision-making.

See what's new
Follow us
Hide

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

PwC office locations Site map Contact us

© 2017 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.