Proactively address emerging risks. Streamline your internal audit processes. Improve the efficiency and resiliency of your organization’s internal controls. Strengthen your internal audit function. That’s the goal — but where do you start?
To succeed, you cannot take the well-worn, expected path
Baker Tilly internal audit professionals help you embrace a forward-focused, industry-fluent approach — enabling your board of directors, audit committee and senior leadership to prioritize resiliency and growth efforts while minimizing disruption. As your organization faces diminishing resources and staffing challenges, Baker Tilly serves as a value-added extension of your internal audit capabilities. We help you identify and mitigate risks, optimize your business processes, ensure effective internal controls and help you perform quality assurance reviews.
How do you expand the focus of your internal auditors to include risks at the strategic, operational, financial, social and organizational levels? Should you adopt agile auditing principles and methods to enhance your organization’s current internal audit procedures? Do you need to augment your in-house internal audit team, or seek a solution through co-sourced/outsourced internal audit services?
When charting your path forward in the world of internal audit, questions abound. Fortunately, you don’t have to do it alone. Baker Tilly has successfully navigated this landscape with sound strategies, proven processes and effective recommendations designed to further your organization’s strategic objectives.
Hiring Baker Tilly for internal audit services was the best decision that we ever made.Chief financial officer of a large university
Chart a new course with Baker Tilly
At Baker Tilly, we help clients elevate their internal audit function, ensuring it adds strategic value beyond compliance. Whether you are looking to enhance existing capabilities or outsource your entire internal audit function, Baker Tilly offers flexible, tailored approaches to meet your needs. Explore how we can support you throughout every phase of the internal audit life cycle.
Implement a strategic internal audit function
Developing and aligning internal audit with your organization's strategic objectives
Whether you’re establishing a new internal audit function or transforming your existing one, Baker Tilly partners with you to create a strategic, value-adding internal audit function that aligns with your risk profile and organizational goals. We offer guidance on optimizing governance, risk management and control frameworks for long-term success.
Assess and prioritize risks
Identifying risks and developing a focused internal
audit plan
Through comprehensive risk assessments, we help you prioritize audit areas that align with business objectives and regulatory requirements. We customize our audit plans to focus on high-risk areas, emerging risks and opportunities for process improvements.
Execute comprehensive internal audits
Performing high-quality audits that drive value
Our team provides scalable solutions, from fully outsourced audits to co-sourcing arrangements. We bring deep industry knowledge and technical expertise to execute thorough audits across operational, financial and compliance areas, utilizing data analytics to uncover key insights.
Integrate technology and data analytics
Leveraging advanced tools to improve audit efficiency and insights
We help clients integrate data analytics and advanced technology into their audit processes, providing continuous monitoring and real-time insights. This increases audit efficiency, accuracy and depth of findings while reducing manual effort.
Conduct independent quality assurance reviews
Ensuring your internal audit function meets industry standards and best practices
We perform independent quality assurance reviews (QARs) to evaluate whether your internal audit activities comply with Institute of Internal Auditors (IIA) standards and add value to your organization. Our QARs offer insights into the efficiency, quality and relevance of your internal audit processes, ensuring continuous improvement.
Optimize processes and controls
Improving internal processes and controls for sustainable growth
After audit execution, we help clients address control gaps and inefficiencies. Baker Tilly’s team provides actionable recommendations for process improvements, control enhancements and strategies for ongoing risk mitigation to drive operational efficiency and compliance.
Deliver clear reporting and engage stakeholders
Providing actionable insights and fostering transparency
Our audit reporting focuses on delivering actionable insights that inform decision-making. We engage key stakeholders, including audit committees and senior management, to ensure transparent reporting and alignment with corporate governance expectations.
Foster continuous improvement and monitoring
Building a proactive, future-ready internal audit function
Baker Tilly helps clients establish continuous monitoring mechanisms to ensure their internal audit function evolves with emerging risks, regulatory changes and business transformations. Our continuous improvement approach keeps your internal audit function responsive and value-driven.
Explore an internal audit innovation session
Uncovering, defining and advancing innovative internal audit ideas to drive transformative change and create new opportunities for growth.
In this interactive innovation lab experience, together, we will identify target stakeholders and their needs, brainstorm solutions and assess their viability and impact. We will prioritize these solutions to create an actionable road map. Deliverables include a documented journey map and a prioritized road map for next steps.
They are more than consultants. The Baker Tilly team raised the quality of our internal audit and risk management functions and helped us through the change management required to ensure success.Chief administrative and risk officer of a large healthcare organization
Internal audit hot topics
In today’s complex risk landscape, internal audit provides critical assurance and insights, helping organizations identify vulnerabilities and enhance their risk management strategies.
AI risks
Artificial intelligence (AI) offers significant opportunities for innovation and efficiency but also presents notable risks, including biases in decision-making, data privacy concerns and potential security vulnerabilities. It's crucial for organizations to implement robust governance and risk management practices and ethical guidelines — and stay ahead of regulatory requirements to mitigate these risks and ensure responsible AI deployment.
Data analytics
Maximizing the use of data analytics can be indispensable for an organization, allowing internal audit to be faster, more flexible and more strategic in its risk assessment practices. Effective use of data analytics incorporates emerging internal and external risks around which an organization may need to adjust its audit plans. Data analytics further supports internal audit to focus and refocus work as risk effects shift, so that an organization’s limited time and resources can be directed toward the biggest, most strategic risks.
Data governance
Data governance is essential to ensure the accuracy, security and proper use of data within an organization — which becomes even more critical with the integration of artificial intelligence (AI). In addition to establishing clear policies and procedures, organizations need robust data management practices, regular audits and continuous monitoring to ensure data quality and compliance. Effective data governance enables organizations to maintain data integrity, enhance decision-making and foster trust — ultimately driving better business outcomes and innovation.
Co-sourcing/outsourcing
An organization’s internal audit function is key to ensuring that strategic risks are appropriately managed and mitigated. The combination of external forces (e.g., a complex regulatory environment, rapidly evolving technology and increasing cyber threats) and internal forces (e.g., increasing demands from organization leaders and skill gaps) should compel leaders to investigate working with a co-sourced or outsourced internal audit partner.
Emerging risks and disruption
As organizations continue to grow, balancing efficiency, sustainability and scalability with controls has proven to be an important emerging risk. Excessive controls and policies can hinder growth, presenting internal auditors in expanding organizations with the challenge of balancing continuous risk monitoring with the pursuit of new processes, opportunities, and technologies to support and drive growth.
Third-party risk management
Effective third-party risk management (TPRM) requires close collaboration between risk management and business functions to identify, assess and mitigate risks associated with external vendors and partners. Well-executed TPRM helps business leaders understand how third parties can increase profitability while ensuring resilience against new and unexpected challenges and drive compliance.
IIA Standards
On Jan. 9, 2024, the Institute of Internal Auditors (IIA) released updated Global Internal Audit Standards that will go into effect in January 2025. The Standards will bring about significant changes — including increased focus on how internal audit serves the public interest, clarifications to the role of the board and new requirements for quality assurance and improvement programs.
With five domains, 15 principles and 52 standards in total, it’s no longer a question of if these changes will impact organizations — but rather how and when.
ESG auditing
The cross-functional nature and shared responsibility of managing environmental, social and governance (ESG) within an organization can be complex. Fortunately, internal audit is uniquely positioned to partner with various teams to support development of an ESG strategy based on data requests from key stakeholders. Internal audit’s experience with assessing risk, identifying processes, understanding reporting requirements, and a keen awareness of an organization’s goals and strategies will be beneficial to an organization as they embark on their ESG journey.
Segregation of duties
Safeguard your organization from reputational and financial harm by establishing strong checks and balances. Strengthening risk management and internal controls helps reduce exposure to fraud and supports compliance.
The principle of segregation of duties is to divide key responsibilities so that critical tasks are handled by more than one person or department. Baker Tilly offers guidance to enhance your risk management and control environment, helping reduce fraud, errors and other control failures. We also support compliance with regulations such as the Sarbanes‑Oxley Act, J‑SOX and Basel II.
Guiding insights
With such a global reach as our company has, it made sense to find a firm that had a local presence in all the countries we serve to function as our internal audit team.Chief financial officer at a global manufacturer
Industry spotlight
Explore how Baker Tilly’s internal audit solutions can benefit organizations across industries. From proactive assurance, risk-based internal audit plans, data analytics support, internal control reviews, enterprise risk management and fraud investigations – let's go there, together.

Banking
The banking industry continues to deal with interest rate and liquidity challenges in addition to ongoing consolidation through mergers and acquisitions. Banks and credit unions are prioritizing digital transformation to enhance customer experience with better digital banking and payment capabilities. The growing use of data and models is driving the demand for modeling resources and validation processes. Additionally, maintaining cybersecurity maturity is crucial as banks and credit unions strive to stay ahead of the evolving cybersecurity landscape. In this complex environment, an internal audit partner is crucial. They provide independent assurance on risk management, governance and internal controls, helping to identify risks and inefficiencies early. An internal audit partner enhances customer trust and confidence by safeguarding data and ensuring regulatory compliance.

Insurance
Insurance organizations are faced with fast-paced changes in digital technology, customer experience improvements, climate change effects, cybersecurity, artificial intelligence and organizational restructuring. On top of this, they must manage complex and constantly evolving regulatory compliance. Internal audit is crucial to provide assurance in this landscape. By partnering with an internal audit provider with insurance expertise, you can adapt to shifting priorities and adjust resource levels as needed, ensuring that both mandatory, emerging, operational and strategic audits are conducted efficiently and effectively.

Government
Having an internal audit partner can increase the appearance of independence with audit functions, steer clear of political or policy issues that might be beyond their scope and enhance the audit committee or governing body's confidence in audit results, as they may be more inclined to trust an external perspective.

Government contractors
Government contractors must understand traditional risk areas and grasp the nuances of contract-specific technical requirements, remaining agile to address emerging industry and regulatory demands. The rigorous nature of contract compliance and the constantly changing regulatory landscape makes it challenging for contractors to stay updated on technical requirements like cybersecurity risk, Cybersecurity Maturity Model Certification (CMMC), artificial intelligence, ESG and International Organization for Standardization (ISO) certifications. Partnering with a dedicated internal audit provider offers government contractors the flexibility to allocate, shift or focus resources in these critical areas.

Healthcare
As healthcare organizations face stricter regulations, cybersecurity threats and financial constraints, the need for effective internal controls has never been greater. Successful leaders in the industry are turning to specialized professionals who can assess risk, provide compliance support and optimize internal control frameworks. By accessing expertise in areas such as healthcare regulations, patient data protection and revenue cycle management, organizations can proactively address vulnerabilities while ensuring continuous improvement and innovation.

Higher education
Colleges and universities function like small cities – facing heightened public scrutiny, fiscal challenges related to enrollment, extensive regulatory demands and various reputational risks. By partnering with an internal audit provider, institutions gain access to specialized knowledge and industry-leading practices in emerging risk areas such as cybersecurity, sponsored research, student safety and well-being.

Life sciences
Life sciences companies face pressures and challenges that are unique from other industries, including commercial, medical, safety, quality, regulatory, government pricing and contracting activities. Implementing a comprehensive internal audit plan can help alleviate these anxieties and concerns that affect management’s decision-making skills, and most notably, strengthen the internal controls necessary to allow life sciences companies to meet their strategic objectives and goals.

Not-for-profits
Not-for-profit organizations face both internal and external pressures, including managing and stewarding funds from various sources, optimizing resources and maintaining compliance — all while effectively fulfilling their mission. Partnering with an internal audit provider can offer not-for-profits objective insights and oversight, helping to prioritize risks cost-effectively, leverage peer and industry-leading practices for efficiency and maintain a reputation as a responsible steward of funds. A strategic internal audit partner provides expertise in financial, information technology, compliance and operational areas, enabling the organization to focus on serving its community.

Manufacturing
Manufacturing organizations operate in a complex global environment, facing supply chain disruptions, regulatory compliance challenges and operational inefficiencies. By partnering with a firm that offers global internal audit services, manufacturers can benefit from specialized expertise in risk management, regulatory compliance and process optimization. This global reach ensures that audits not only align with local regulations and business practices but also address industry-specific risks such as environmental sustainability, product safety and operational resilience.

Private equity
Private equity firms are challenged with rising investor demands, intense competition for portfolio companies and heightened regulatory scrutiny. Partnering with an internal audit provider gives them the flexibility to effectively address emerging risk areas and evolving compliance issues. Through a variable resource model and real-time access to subject matter specialists, they can gain industry insights and actionable solutions to manage organizational risks and tackle business challenges.
Our strategic alliances
AuditBoard
Together, Baker Tilly and AuditBoard provide clients with a solution that augments the transformation and optimization of their financial management, risk and compliance functions. The pairing combines deep advisory experience and insight with advanced audit technology to enhance GRC management. Read the press release.
In this episode of Agents of Change, Heather Acker, risk advisory managing partner, and Richard Chambers, senior internal audit advisor at AuditBoard, share their perspectives on internal audit and the future of the profession.
Workiva
Baker Tilly and Workiva create value-driven offerings to transform and optimize an organization’s governance, risk and compliance (GRC) functions and support their ESG journeys with enhanced reporting insights. Through our alliance, Baker Tilly and Workiva can help organizations streamline risk management processes and compliance reporting within a cloud-based platform.
Fieldguide
Fieldguide supports Baker Tilly’s risk advisory services by embedding AI-enabled workflows across engagements. Fieldguide’s platform embeds AI capabilities across the engagement lifecycle, from planning through reporting, with structured workflows, transparency and human oversight. Baker Tilly’s implementation emphasizes alignment with firm methodologies and professional standards, helping ensure consistency and transparency throughout the engagement process. Read the press release.
Real life results
What does it take to scale a real estate investment firm? Watch the video to hear from Big Sky CEO Jason Signor and Managing Director, Blake Woodall as they discuss how Baker Tilly's comprehensive support and industry expertise helped transform the company into an institutional-quality investment manager.

Whitepaper
Collaboration without compromise: Practitioner perspectives on internal audit, risk management and governance practices
Using global survey data, Baker Tilly teamed up with the Internal Audit Foundation and Wolters Kluwer TeamMate® to explore how evolving risk management practices are reshaping second- and third-line roles and boosting collaboration.


Solutions
IT audit solutions
Leverage industry-specialized IT audit professionals to enhance and protect organizational value.
What does it mean to be "agile" in internal audit?
It’s about adopting agile principles in internal audit, and nurturing a people-centric culture that operates in rapid learning, flexible planning and execution, and fast decision cycles enabled by technology and common purpose to create and add value to stakeholders.
Case studies
Our professionals
























































