Internal Audit Services - Legend Fusions UK

Internal Audit Services in the UK

As organisations grow, boards require stronger oversight of internal controls, risk exposure, and governance processes. We conduct independent internal audit reviews that evaluate control effectiveness through risk-based control testing, document audit findings, and report remediation actions to management and the audit committee.

Legend Fusions is the UK advisory brand evolved from Legend Financial & Tax Advisers, unifying tax, compliance, and advisory services under one international group.

Serving clients in London, Bolton, Milton Keynes and throughout the UK.

Independent Internal Audit Expertise

Independent internal audit requires professional judgement, technical competence, and clear reporting to those charged with governance. Our team supports UK boards and audit committees through structured risk-based reviews of internal controls and control design.

Risk-based internal audit planning
Review of risk register alignment
Evaluation of control design
Walkthroughs of key operational processes
Sample testing of internal controls
Identification of control gaps
Remediation plan with defined accountability
Audit committee-ready reporting

years experience

13+ years of delivering internal audit reviews, led by Chartered Accountants operating under professional standards recognised by ICAEW.

Who Needs an Internal Audit

Boards and audit committees typically introduce internal audit when governance oversight expands, internal controls require independent evaluation, risk registers require validation, or operational complexity increases across business processes. These situations often arise as your organisation grows and governance responsibilities expand.

✓ Boards requiring independent governance oversight
✓ Audit committees seeking internal control assurance
✓ Organisations validating risk register accuracy
✓ Businesses formalising internal control frameworks
✓ SMEs without an independent internal audit function
✓ Organisations preparing for regulatory scrutiny
✓ Businesses managing increasing operational complexity

Where internal controls are not independently tested, control gaps remain undetected, increasing exposure to financial loss, reporting errors, and governance failures over time.

What Our Internal Audit Services Deliver

Our internal audit services evaluate internal controls, operational processes, and governance frameworks, producing documented audit findings that help boards and audit committees assess control effectiveness and monitor remediation actions across your organisation.

✓ Governance framework evaluation and board oversight reporting
✓ Risk register monitoring and validation
✓ Control design evaluation and approval structures
✓ Financial reporting and finance close controls
✓ Revenue and expenditure control testing
✓ Segregation of duties and access management
✓ Compliance-ready operational control procedures

Without structured internal audit review, weaknesses in control design and execution persist, limiting the board’s ability to rely on management reporting and internal control assurance.

Internal Audit vs External Audit

Internal audit and external audit perform different roles within UK governance frameworks. Internal audit evaluates operational processes and internal controls to support governance oversight, while external audit provides independent assurance on financial statements under the Companies Act 2006.

Internal Audit

Reviews operational processes and internal controls
Ongoing evaluation of internal control effectiveness
Risk-based audit planning aligned to risk register
Reports primarily to the audit committee
Evaluates control design and operational effectiveness
Issues audit findings with remediation tracking

External Audit

Provides assurance on financial statements
Annual statutory audit of financial statements
Compliance-driven financial reporting review
Reports primarily to shareholders
Provides independent audit opinion on accounts
Does not review operational processes

How Our Internal Audit Process Works

Internal audit engagements follow a structured, risk-based approach aligned to board oversight and governance expectations. Our process includes:

Risk-Based Scoping

We review the risk register and agree on priority areas with management and the audit committee.

Control Design Review

We assess whether control design appropriately addresses identified financial and operational risks.

Walkthroughs and Testing

We perform walkthroughs of key processes and undertake sample testing of internal controls.

Findings and Remediation Planning

We document control gaps, assign ratings, and develop a structured remediation plan with responsible owners.

Reporting and Follow-Up

We present findings to management and the audit committee and conduct follow-up testing where required.

30 / 60 / 90 Day Internal Audit Plan

A typical internal audit engagement follows a phased timeline covering risk-based scoping, control testing, reporting of audit findings, and remediation planning. The structure below illustrates how many internal audit reviews are organised.

First 30 Days
Risk-based scoping, review of the risk register, and agreement of audit focus areas with management and the audit committee.

By 60 Days
Control design evaluation, walkthroughs of operational processes, and sample testing of internal controls.

By 90 Days
Audit findings presented to the audit committee, remediation actions agreed, and follow-up testing schedule defined.

Feedback From Clients

“The capital allowances review was thorough and clearly explained. Qualifying expenditure was identified accurately, and the claim was prepared in line with HMRC requirements.”

Commercial Property Owner, UK

“The process was handled professionally from start to finish. The figures were clear, the documentation was well prepared, and HMRC queries were managed without disruption.”

Finance Director, UK

“Clear advice, no overstatements, and strong technical knowledge. The allowances were integrated correctly into our tax computations, giving us confidence in the final submission.”

Company Director, UK

Related Assurance & Audit Services

Audit Hub

Explore our UK audit and assurance services supporting governance, compliance, and oversight requirements.

Due Diligence

We assess independent financial and operational review supporting acquisitions, investment decisions, and risk exposure.

Agreed-Upon Procedures

We offer targeted testing of specific controls or transactions with factual findings reported without opinion.

Independent Examination (Charities)

Independent examination services aligned to Charity Commission guidance for eligible UK charities.

ISRE 2400 Review

Limited assurance review engagements under ISRE 2400 for historical financial statements.

Common Internal Audit Issues Organisations Encounter

Many organisations encounter control weaknesses as operations expand, systems evolve, and governance structures change. Internal audit reviews help identify where your control environment may require strengthening.

Outdated or incomplete risk register
Limited visibility for the audit committee
Lack of documented control ownership
Delayed remediation of prior findings
Control changes implemented without documentation

Weak controls over revenue recognition
Inconsistent finance close procedures
Payroll processing without independent checks
Procurement approvals outside delegated authority
Insufficient monitoring of expenditure trends

Inconsistent approval controls
Management reporting without control validation
Absence of structured follow-up testing
Rapid scaling without control reassessment
Expansion into new operations without risk review

Areas Of Service

We work with clients across London and the South East, with offices in Hounslow, Stratford, and Bolton for in-person meetings.

View All Areas

Internal Audit Helpful Resources

Identifying control breakdown in a multi-site procurement process

Strengthening payroll oversight following segregation of duties failure

Rebuilding risk register oversight after rapid operational expansion

Frequently asked questions

What is internal audit?

Internal audit is an independent review of governance, risk management, and internal controls to confirm whether processes operate effectively and oversight responsibilities are being met.

Is internal audit required under the Companies Act 2006?

The Companies Act 2006 does not mandate internal audit for most companies, but boards often implement it to strengthen governance and internal control oversight.

How is internal audit different from external audit?

Internal audit evaluates operational processes and internal controls throughout the year, while external audit provides independent assurance on financial statements.

Do SMEs in the UK need internal audit?

SMEs often require internal audit where segregation of duties is limited or governance structures are expanding without independent control review.

What is a risk-based internal audit?

A risk-based internal audit prioritises review areas based on the organisation’s risk register, focusing attention on higher exposure processes.

What are common internal control weaknesses?

Typical weaknesses include poor segregation of duties, weak approval controls, unrestricted system access, and incomplete risk register monitoring.

How often should internal audit be performed?

Most businesses conduct internal audit annually, though higher-risk or regulated environments may require more frequent review.

What does the audit committee receive from internal audit?

The audit committee receives a structured report outlining audit findings, control ratings, remediation actions, and follow-up testing results.

Do you provide internal audit services in London?

Yes, we deliver internal audit engagements in London and support boards across the wider United Kingdom.

Are your internal audit services available across the UK?

Yes, we are assisting organisations across the United Kingdom, delivering internal audit engagements both on-site and remotely.

Arrange Your Internal Audit Review

Our Chartered Accountants review your processes, identify control deficiencies, and provide clear steps to strengthen oversight so you can rely on the effectiveness of your internal controls.

Request Audit Plan