Training Module
Training Module
Internal Audit Foundations
Understand the purpose of internal audits, role responsibilities, independence expectations, and how audit results are used in governance and improvement
Understand
Implement
Manage
Audit
Training module overview
Many organisations treat internal audits as a compliance routine: schedule, checklist, report, file. When that happens, audits stop informing decisions, and the management system drifts away from operational reality.
This module is for managers and implementers who need a solid understanding of what internal audits are for, how they should be positioned in governance, and what “good” looks like in outputs and follow-up. It does not teach auditor craft (planning, sampling, interviewing, evidence techniques, reporting writing), which is covered in the dedicated auditor modules.
Many organisations treat internal audits as a compliance routine: schedule, checklist, report, file. When that happens, audits stop informing decisions, and the management system drifts away from operational reality.
This module is for managers and implementers who need a solid understanding of what internal audits are for, how they should be positioned in governance, and what “good” looks like in outputs and follow-up. It does not teach auditor craft (planning, sampling, interviewing, evidence techniques, reporting writing), which is covered in the dedicated auditor modules.
Target audience
Management system managers, implementers, and coordinators (quality, ISMS, EMS, etc.)
Process owners and operational managers who host or sponsor internal audits
Governance, risk, and compliance professionals who rely on audit results for assurance inputs
Small or less mature organisations where internal auditors may be appointed “by necessity” and need a manager-oriented baseline (those who will conduct audits should progress to the auditor craft modules)
Management system managers, implementers, and coordinators (quality, ISMS, EMS, etc.)
Process owners and operational managers who host or sponsor internal audits
Governance, risk, and compliance professionals who rely on audit results for assurance inputs
Small or less mature organisations where internal auditors may be appointed “by necessity” and need a manager-oriented baseline (those who will conduct audits should progress to the auditor craft modules)
Agenda
What internal audits are for (and what they are not)
Purpose: assurance and improvement insight as a governance input
Typical failure modes: compliance theatre, checklist comfort, “finding hunts”
Positioning internal audits within the management system
How audits relate to context, objectives, risk thinking, and management routines (at a conceptual level)
The audit–management review interface: what decision-makers should expect as input
Roles, independence, and practical boundaries
Sponsor vs auditee vs auditor: responsibilities and “do / don’t” rules
Independence in practice: avoiding influence while enabling access and clarity
Setting expectations for an audit (manager-side)
Agreeing audit intent and focus without prescribing methods
Readiness and cooperation: providing access, contacts, and operational reality
What “good” audit output looks like (for decision-makers)
Clarity of scope, criteria framing, and traceability from observation to conclusion
Distinguishing issues that need management attention from noise
Using audit results for governance and improvement decisions
Turning audit outputs into prioritised follow-up and accountability (without teaching corrective action mechanics)
Tracking commitments and escalation paths (including when programme-level decisions are required)
Workshop (case-based, Halderstone-provided case)
Diagnose an “unhelpful” audit situation and reset expectations, roles, and follow-up behaviours
Practise reviewing an example audit report extract as a management input (quality checks and decision prompts)
What internal audits are for (and what they are not)
Purpose: assurance and improvement insight as a governance input
Typical failure modes: compliance theatre, checklist comfort, “finding hunts”
Positioning internal audits within the management system
How audits relate to context, objectives, risk thinking, and management routines (at a conceptual level)
The audit–management review interface: what decision-makers should expect as input
Roles, independence, and practical boundaries
Sponsor vs auditee vs auditor: responsibilities and “do / don’t” rules
Independence in practice: avoiding influence while enabling access and clarity
Setting expectations for an audit (manager-side)
Agreeing audit intent and focus without prescribing methods
Readiness and cooperation: providing access, contacts, and operational reality
What “good” audit output looks like (for decision-makers)
Clarity of scope, criteria framing, and traceability from observation to conclusion
Distinguishing issues that need management attention from noise
Using audit results for governance and improvement decisions
Turning audit outputs into prioritised follow-up and accountability (without teaching corrective action mechanics)
Tracking commitments and escalation paths (including when programme-level decisions are required)
Workshop (case-based, Halderstone-provided case)
Diagnose an “unhelpful” audit situation and reset expectations, roles, and follow-up behaviours
Practise reviewing an example audit report extract as a management input (quality checks and decision prompts)
Course ID:
HAM-IAF-1
Audience:
Manager
Domain:
Agnostic
Available in:
English
Duration:
7 h
List price:
CHF 550
Excl. VAT. VAT may apply depending on customer location and status.
What you get
Learning outcomes
Explain the purpose and value of internal audits as a governance and improvement input
Distinguish manager-side responsibilities from auditor craft, and protect audit independence in practice
Set clear, practical expectations for internal audits without prescribing methods or influencing conclusions
Recognise what “good” audit outputs look like (clarity, traceability, relevance) and challenge weak outputs constructively
Use audit results to support prioritisation, accountability, and escalation in management routines (including management review)
Align stakeholders on cooperation behaviours that enable operational reality to surface during audits
Explain the purpose and value of internal audits as a governance and improvement input
Distinguish manager-side responsibilities from auditor craft, and protect audit independence in practice
Set clear, practical expectations for internal audits without prescribing methods or influencing conclusions
Recognise what “good” audit outputs look like (clarity, traceability, relevance) and challenge weak outputs constructively
Use audit results to support prioritisation, accountability, and escalation in management routines (including management review)
Align stakeholders on cooperation behaviours that enable operational reality to surface during audits
Learning materials
Slide deck
Participant workbook
Certificate of completion
Slide deck
Participant workbook
Certificate of completion
Templates & tools
Audit sponsor brief (intent, boundaries, practical access expectations)
Independence and influence “do / don’t” checklist for managers and auditees
Audit output quality checklist (what to look for in reports and conclusions)
Audit results decision prompts (management questions to ask, escalation triggers)
Management review input helper: integrating audit results as a decision-ready input
Audit sponsor brief (intent, boundaries, practical access expectations)
Independence and influence “do / don’t” checklist for managers and auditees
Audit output quality checklist (what to look for in reports and conclusions)
Audit results decision prompts (management questions to ask, escalation triggers)
Management review input helper: integrating audit results as a decision-ready input
Prerequisites
This module assumes general familiarity with management system concepts and how organisational processes are managed. No prior audit training is required.
Helpful background includes:
Basic understanding of how work is governed through roles, processes, and routines
Familiarity with internal reporting and follow-up practices
This module assumes general familiarity with management system concepts and how organisational processes are managed. No prior audit training is required.
Helpful background includes:
Basic understanding of how work is governed through roles, processes, and routines
Familiarity with internal reporting and follow-up practices
Strongly recommended preparatory modules
System Foundations: Context, Stakeholders, and System Boundaries
Understand organisational context, stakeholders, and system boundaries
7 h
System Foundations: Context, Stakeholders, and System Boundaries
Understand organisational context, stakeholders, and system boundaries
7 h
System Foundations: Context, Stakeholders, and System Boundaries
Understand organisational context, stakeholders, and system boundaries
7 h
Continuous learning
Follow-up modules
Follow-up modules
After completion of this module, the following modules are ideal to further deepen the participant's competence.
After completion of this module, the following modules are ideal to further deepen the participant's competence.
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.