top of page

Internal Audits


PRA Canada provides both out-sourced and co-sourced Internal Audits. PRA has provided full out-sourced Internal Audit since 1985 for organizations across Canada including full reporting to the Audit Committee. This allows for a cost-effective Internal Audit function for those organizations that cannot staff a full Internal Audit department with all the skills required to assess all areas in the audit universe. PRA also provides co-sourced Internal Audits to supplement your IA function with skills and experience that may not be available within your department.


Operational audits focus on areas throughout your organization that have an impact on risk as well as operational efficiency. These audits assess the design and operational effectiveness of controls also considering operational efficiency as well as the risk of fraud.

Regulatory Readiness

Assess governance oversight of significant activities based on the Regulator’s Supervisory framework. Supervisory framework significant activities include Information Technology, Retail Credit, Commercial Credit and Treasury.  We develop a gap assessment and facilitate remediation.


The Office of the Superintendent of Financial Institutions (OSFI) Guideline E-13 Regulatory Compliance Management (RCM) sets out expectations for Financial Institutions regarding controls through which they manage the regulatory risk inherent in their activities.  Non-compliance with regulatory requirements can have a critical impact on an institution’s reputation as well as soundness.  OSFI’s key expectation with respect to RCM is that the Financial Institution will establish and maintain an enterprise-wide regulatory framework of regulatory risk management controls including oversight by functions that are independent of the activities they oversee.


The guideline was revised in November 2014 and implemented in May 2015, to more effectively align with updated OSFI Guidelines and complement OSFI’s Supervisory Framework and Assessment Criteria. The revised Guideline does not create new regulatory requirements. Rather, it communicates OSFI’s key expectations in respect of the need for FRFIs to establish and maintain an enterprise-wide framework of regulatory risk management controls.

Strategic Audits

Strategic audits have a different focus from Operational audits and look to provide value at a Governance level rather than an Operational one. The objective is not to assess strategy but to consider the decision-making process, key inputs, assumptions and reporting. While the focus can be on strategy, it can also focus on many other areas of strategic value.

Let's Work Together

Have an Internal Audit need?

bottom of page