The role of internal audit is to provide independent assurance that an organisation’s risk management, governance and internal control processes are operating effectively. A baseline definition of internal auditing provides a starting point for understanding the roles and responsibilities of internal audit function.

“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.”

Major roles and responsibilities of internal audit function are summarised as below:

• evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organisation’s objectives and goals to be met
• reports risk management issues and internal controls deficiencies identified directly to the audit committee and provides recommendations for improving the organisation’s operations, in terms of both efficient and effective performance
• evaluates information security and associated risk exposures
• evaluates regulatory compliance program with consultation from legal counsel
• evaluates the organisation’s readiness in case of business interruption
• maintains open communication with management and the audit committee
• teams with other internal and external resources as appropriate
• engages in continuous education and staff development
• provides support to the company’s anti-fraud programs.

Source : http://www.deloitte.com/view/en_cn/cn/services/corgov/ic/iarr/index.htm