Attaining a Graduate Certificate in Internal Audit
April 13, 2017

Ben Hutchinson, Senior Manager


I recently completed the Graduate Certificate in Internal Audit (GradCert), issued by the Institute of Internal Auditors Australia (IIA). The IIA is the leading body representing Internal Auditors in Australia and globally.

The GradCert is a postgraduate professional education program for those seeking to establish or further develop a career in internal audit, governance and risk.

My role at Synergy in the last 18 months has transitioned to primarily being based in internal audit. Consequently, I thought it was a good time to find a course that could help solidify my understanding of key internal audit concepts, such as the IIA’s International Professional Practices Framework (IPPF) and application of risk in internal audit processes. I was also seeking a course that would complement my other qualifications – such as being a Chartered Accountant.

The course comprised four modules completed over two years. These were:

  • Module 1 – Risk Based Internal Auditing
  • Module 2 – Legal and Regulatory Environment
  • Module 3 – Organisational Systems and Processes
  • Module 4 – Professional in Practice.

There are a number of key concepts from the course which I now apply in my day-to-day work at Synergy. These include:

Understanding in detail the IPPF:

The IPPF provides internal audit professionals worldwide with authoritative guidance in undertaking internal audit activities.

Understanding and referring to specific standards in the IPPF recently allowed me to provide advice to the Executive at a client meeting regarding a proposal to merge the audit and risk branches together, including highlighting potential issues which may arise surrounding the independence and objectivity of the internal audit function.

Understanding the importance of risk:

The knowledge I gained from the course assisted me in the application and importance of risk across several engagements that I work on at Synergy, including:

  • Internal audit planning activities such as leading the development of the entity’s annual audit work program and individual engagement planning.
  • Internal audit fieldwork activities such as reviewing and providing value added observations and recommendations surrounding governance, risk management and operational control frameworks for client programs and major projects.
  • Providing advisory services to Australian Disability Enterprises (ADE), including undertaking a detailed risk assessment over the transition of the ADE existing premises to a new commercial premise, and identifying a number of key risks and current control activities over the creation of several new ADE business lines in the hospitality industry.

The course provided a solid introduction to understanding internal audit.

I would recommend it to anyone who is new to working in internal audit, risk or governance based roles.