Internal Audit | IJB Strategia

Delivering the audits that empower businesses

Audit Needs

YOUR AUDIT NEEDS

Seeking efficiencies? Facing scrutiny? Struggling with compliance? Preparing for ISO certification? Audits shouldn’t be a headache—they should drive confidence, improvement, and decision making. IJB Audit and Assurance delivers sharp, independent internal audits and ISO 9001 assessments to help businesses navigate a number of complex challenges by providing clarity, assurance, and real solutions.

Identify Issues. Eliminate Risks. Improve Performance.

When failures, inefficiencies, or non-compliance arise, businesses must act fast to prevent escalation. I conduct targeted internal audits to identify root causes of quality control failures, supply chain disruptions, workplace safety incidents, financial risks, and regulatory non-conformities. My audits diagnose recurring issues, drive corrective actions, and establish long-term improvements to prevent reoccurrence.

✔ Post-Failed External Audit Investigations – Identifying why a company failed an audit and ensuring corrective actions are in place.
✔ Quality Control & Process Compliance Audits – Investigating recurring defects or inefficiencies in manufacturing, production, or service delivery.
✔ Workplace Safety & Incident Investigations – Auditing failures in HSE compliance and legal requirements to enforce corrective measures.
✔ Financial Compliance & Fraud Audits – Assessing financial governance, internal controls, and fraud risks.
✔ Supply Chain & Vendor Compliance Audits – Ensuring suppliers meet performance, quality, and regulatory standards.

Identify Gaps. Meet Criteria. Achieve Certification

Whether you're an exciting new tech-start up looking to make yourself investment ready, or an established organisation looking to secure ISO 9001 certification, you need assurances that your systems are robust, well-documented, and fully compliant. Our audits help businesses identify gaps, verify compliance, and ensure readiness before an external audit, investor review, or client evaluation.

✔ Investment & Credit Readiness Audits – Evaluating risk management, governance structures, and operational effectiveness as part of 2nd and 3rd party audits by investors, suppliers, lenders and certifying bodies.

✔ Gap Audits – Pre-certification audits of ISO 9001 Quality Management Systems and PAS 2030/2035 EEM processes to identify non-conformities and prepare organisations for successful certification and TrustMark approval.

✔ Regulatory & Legal Compliance Audit – Ensuring business processes, documentation, and controls align with industry regulations, government requirements, and legal standards to mitigate non-compliance risks.

Manage Change. Minimise Disruption. Drive Improvement.

Business transitions—mergers, acquisitions, restructures, and system implementations—introduce risks that can impact efficiency, compliance, and governance. I audit these changes to ensure alignment with business objectives while embedding continuous improvement for long-term success.

✔ Post-Merger & Acquisition Audits – Ensuring smooth policy, governance, and risk management integration while identifying efficiency gains.
✔ Restructuring & Downsizing Audits – Assessing business continuity, operational efficiency, and process optimization.
✔ New System Implementation Audits – Verifying that software, ERP, or process changes drive performance and continuous improvement.
✔ Technology & Digital Transformation Audits – Evaluating automation, AI, and digitalization efforts for innovation and efficiency.

Retain Expertise. Build Leaders. Strengthen Workforce.

Organizations risk losing critical expertise due to leadership transitions, workforce turnover, or ineffective knowledge retention. I conduct audits to assess how well companies capture, store, and transfer institutional knowledge, ensuring leadership continuity, workforce readiness, and optimized training programs.

✔ Knowledge Management (KM) – Evaluating how effectively organizations retain and transfer critical expertise.
✔ Succession Planning & Workforce Readiness – Ensuring leadership continuity and knowledge retention strategies.
✔ Training & Competency Management – Assessing employee training programs for alignment with business needs and long-term capability building.

Enhance Efficiency. Strengthen Compliance. Mitigate Risks.

Management systems drive efficiency, compliance, and risk management—but without regular audits, they can become ineffective, outdated, or non-compliant. Our internal audits evaluate how well your existing policies, controls, and frameworks are functioning, ensuring businesses operate with clarity, accountability, and regulatory adherence.

✔ Operational & Resource Efficiency – Auditing process optimization, cost control, waste reduction, and procurement oversight
✔ Risk, Governance & Compliance – Assessing corporate governance, risk frameworks, business continuity, and compliance with industry regulations
✔ Workforce & Leadership Audits – Evaluating HR policies, employee training systems, performance management, and workplace culture
✔ Financial Integrity & Fraud Prevention – Reviewing financial controls, fraud risk management, and reporting accuracy

About me

ABOUT US

My name is Imran Javaid Butt, Lead Auditor at IJB Audit & Assurance, and I specialise in Auditing 3.0—the next evolution of internal auditing that moves beyond compliance checks and risk identification to assess how effectively organisations manage risk and integrate controls into decision-making.

Audit 1.0 ensures compliance. Audit 2.0 identifies at-risk processes. Audit 3.0 takes it further—evaluating whether your risk management frameworks, governance structures, and controls are truly embedded, understood, and driving real business resilience.

But true assurance isn’t just about systems—it’s about the people behind them. That’s why we evaluate your organisation’s risk culture as part of every audit. We examine whether managers fully understand their roles in risk mitigation, risk appetite, and governance resilience—and, crucially, whether they act in alignment with your business’s risk objectives.

With over 20 years of experience and expertise spanning ISO 9001, ACCA, Corporate Psychology/UXD, Change Consulting, and Organisational Redesign, our team brings a people-centric, real-world approach to auditing. Every audit we conduct delivers not just insights, but understanding—revealing not just what is happening, but why.

Now that is what I call real Assurance.

Audit Process

THE AUDIT JOURNEY

A successful audit is more than a review—it is a structured, step-by-step process designed to uncover risks, enhance controls, and drive better decision-making. From our first meeting to delivering final recommendations, we ensure every stage is clear, efficient, and focused on delivering real value.

Here’s what to expect at each step and how we work with you to turn audit insights into business improvements.

Engagement

Work with you to define the audit's scope, objectives, and requirements, establishing a clear agreement on timeline, deliverables, resources and confidentiality.

Evaluate Findings & Evidence

Analyse findings to identify risks, inefficiencies, and gaps, assess non-conformities, and provide improvement recommendations based on objective evidence against the audit criteria.

Audit Planning

Develop a tailored audit plan, defining the criteria, methodology, and key focus areas while selecting auditors and coordinating with stakeholders.

Audit Reporting

Prepare a comprehensive report summarizing key observations, compliance gaps, and improvement opportunities, then discuss findings with leadership and stakeholders.

Conducting the Audit

Perform on-site or remote audits, gathering evidence through interviews, document reviews, and observations to evaluate processes against your criteria.

Follow-Up & Improvements

Support corrective actions, verify improvements through follow-up reviews, and provide ongoing guidance to maintain compliance, efficiency and enhance quality management.

Audit Services

WHAT WE AUDIT

Every organisation relies on strong financial, operational, and governance systems—but without regular audits, gaps can go unnoticed, risks can grow, and inefficiencies can hold you back. We assess the critical areas that drive your business, ensuring your processes are robust, compliant, and built for success.

Explore the key areas we audit and how they contribute to stronger decision-making, risk management, and business performance.

Gain control. Reduce risk. Maximise profits.

Weak financial controls, compliance failures, and fraud risks can expose businesses to regulatory penalties and financial instability. Our audits provide an independent assessment of your financial systems, internal controls, and regulatory adherence, ensuring policies are implemented effectively and risks are identified early.

✔ Financial Governance & Reporting – Verifying internal controls, fraud prevention, and financial reporting accuracy
✔ Payroll & Tax Compliance – Auditing salary processing, tax obligations, and employee benefit compliance
✔ Contract Compliance & Financial Risk – Assessing procurement contracts, vendor agreements, and fraud controls
✔ Budgeting & Cost Control – Evaluating financial forecasting, cost efficiency, and spending oversight

Enhance Oversight. Ensure Compliance. Build Accountability.

Effective governance, leadership oversight, and workforce policies are essential for minimising risk, preventing ethical violations, and maintaining regulatory compliance. Our audits provide an independent review of your governance structures, HR policies, and risk management frameworks to assess effectiveness, transparency, and adherence to best practices.

✔ Enterprise Risk Management (ERM) Audits – Evaluating corporate risk frameworks, mitigation strategies, and control effectiveness
✔ Corporate Governance & Board Oversight – Assessing board accountability, leadership structures, and governance policies
✔ Corporate Oversight & Ethical Risk Audits – Reviewing how well governance controls prevent ethical risks, misconduct, and leadership fraud
✔ HR & Employee Benefits Compliance – Auditing performance-based compensation, pension schemes, and workforce policies
✔ Workplace Ethics & Culture Audits – Ensuring ethical standards, regulatory adherence, and a compliant workplace environment
✔ Knowledge Management – Assessing how well critical business knowledge is captured, stored, and shared

Optimise Efficiency. Reduce Costs. Improve Productivity.

Operational inefficiencies, supply chain failures, and weak process controls increase costs and expose businesses to risks. Our audits provide an independent review of your existing management systems, ensuring compliance, risk mitigation, and operational effectiveness.

✔ Supply Chain & Procurement Compliance – Auditing supplier performance, procurement policies, and contract adherence
✔ Production & Asset Management – Assessing manufacturing processes, equipment maintenance, and resource utilization
✔ Inventory & Distribution Controls – Evaluating stock management, logistics processes, and supply chain risk
✔ Sales & Customer Process Compliance – Reviewing sales policies, customer service frameworks, and after-sales processes
✔ Process Integrity & Benchmarking – Assessing organizational controls, process efficiency, and compliance with best practices

Secure Systems. Prevent Threats. Safeguard Data.

Technology underpins modern business, but weak IT governance, cybersecurity gaps, and compliance failures put organizations at serious risk. Our IT & Cybersecurity Audits provide an independent review of IT systems, security policies, and risk management frameworks, ensuring resilience against cyber threats and regulatory compliance.

✔ IT Governance & Policy Compliance – Assessing alignment with corporate governance, security frameworks, and IT policies
✔ Cybersecurity & Data Protection – Evaluating cybersecurity resilience, data privacy compliance, and threat mitigation
✔ IT Infrastructure & System Reliability – Reviewing system performance, network security, and operational continuity
✔ Disaster Recovery & Business Continuity – Ensuring preparedness for cyber incidents, IT failures, and system outages
✔ User Access & Identity Management – Auditing privileged access controls, authentication policies, and insider threat risks

Strengthen Sustainability. Prevent Risks. Ensure Stability.

Sustainability, risk management, and regulatory compliance are critical for businesses adapting to environmental laws, ESG requirements, and corporate transformations. Our independent audits assess whether your policies, risk controls, and governance frameworks align with compliance mandates, operational best practices, and long-term business sustainability.

✔ ESG & Environmental Compliance – Auditing corporate sustainability initiatives, environmental impact, and ESG policy effectiveness
✔ Governance & Strategic Risk Audits – Reviewing risk controls, business governance structures, and internal management effectiveness
✔ Operational Resilience & Security Audits – Assessing risk mitigation strategies, corporate security frameworks, and business continuity planning
✔ Workplace Health, Safety & Waste Management – Ensuring compliance with waste disposal laws, health & safety regulations, and sustainability targets

Audit Clients

WHO WE AUDIT

From construction and manufacturing to finance and healthcare, we provide audits that help businesses strengthen compliance, streamline operations, and manage risk effectively. Every industry faces unique challenges—we bring the expertise to ensure your systems are not just compliant, but built for success.

Fortify Systems. Streamline Production. Maximise Output.

Manufacturing demands more than compliance — it demands adaptive systems, robust governance, and the ability to anticipate failure before it strikes. Internal audit in this sector ensures that supply chain risk, plant-floor controls, and ERP governance are not only compliant, but aligned with strategic priorities and operational realities. From MES breakdowns and HSE incidents to traceability gaps and ESG reporting, our assurance approach empowers manufacturing groups to harden resilience, surface hidden risks, and turn audit into a driver of performance.

✔ Plant-Floor Controls & Risk Culture - Auditing production environments, control users, and process deviations to test not just the presence of controls — but their lived resilience and risk alignment.

✔ Supply Chain & Procurement Governance - Evaluating supplier oversight, procurement logic, contract compliance, and buffer stock strategies to detect volatility, misalignment, or embedded fragility.

✔ ERP & MES Systems Assurance - Auditing ERP/MES workflows and integration breakdowns to ensure data governance, reporting integrity, and post-transformation control resilience.

✔ HSE & Operational Incident Analysis - Conducting post-failure audits of health, safety, and environmental controls to identify root causes, behavioural patterns, and mitigation failures.

✔ ESG, Compliance & Traceability - Testing compliance with REACH, trade laws, GDPR, and sustainability frameworks. Tracing material flows, data exposures, and reporting risks across multi-site operations.

Improve Quality. Enhance Care. Exceed Standards.

Healthcare demands more than clinical excellence — it demands governance that protects patients, stabilises operations, and aligns regulatory integrity with human outcomes. Our internal audits move fluently between clinical risk, data privacy, safety assurance, and funding accountability. Whether auditing public health bodies, private providers, or healthtech platforms, the goal remains constant: protecting care through control clarity.

✔ Clinical Governance & Patient Safety – Auditing care quality frameworks, incident reporting systems, and duty-of-candour governance. Testing how safety culture, escalation protocols, and RCA processes operate in practice.

✔ Regulatory Compliance & CQC Readiness – Evaluating readiness for Care Quality Commission reviews, NHS assurance cycles, and clinical risk oversight. Auditing evidence trails, self-assessment structures, and remedial action planning.

✔ Healthtech & Digital Transformation – Auditing EPR rollouts, telehealth platforms, and health app governance. Testing GDPR compliance, interoperability controls, and patient data accuracy across digital care journeys.

✔ Workforce & Culture Audits – Auditing whistleblowing frameworks, burnout indicators, and management accountability under the Workforce Race Equality Standard (WRES) and NHS People Plan guidance.

✔ Sustainability & Healthcare ESG – Validating carbon reporting under NHS Net Zero commitments and ICS ESG frameworks. Auditing sustainability controls across estate management, procurement, and waste governance.

✔ Finance, Funding & Fraud Controls – Auditing financial governance across NHS and private funding structures. Testing controls over billing, grant usage, procurement integrity, and cross-entity recharge arrangements.

Optimise Supply. Accelerate Delivery. Prevent Disruptions

Logistics demands more than throughput — it demands control frameworks capable of governing movement across networks, modes, and partners. Our internal audits anticipate exposure, contract failures, cross-border liabilities, embedded ESG risks, and tech platform blind spots. Our audit approach empowers logistics and distribution groups to govern complexity, trace accountability, and align operational controls with customer promises, regulatory demands, and commercial risk

✔ Operational Resilience & Network Continuity – Auditing route, depot, and fleet operations for systemic weaknesses, redundancy planning, and control response under pressure — from fuel volatility to border delays.

✔ Third-Party Risk & Contract Assurance – Auditing 3PL/4PL partner governance, service-level oversight, and subcontractor exposure. Testing how liability, performance, and brand risk are controlled across layered networks.

✔ Cross-Border Compliance & Trade Controls – Evaluating customs and trade compliance across jurisdictions. Auditing sanctions controls, bonded warehousing, and dual-use goods governance to prevent breach exposure.

✔ Inventory & Order Traceability – Auditing stock movement, order integrity, and WMS platform controls across multi-site and omni-channel networks. Detecting phantom stock, reconciliation issues, and data latency.

✔ ESG, Emissions & Ethical Sourcing – Validating carbon reporting under logistics-specific ESG frameworks. Auditing emissions tracking (Scope 1, 2, 3), ethical sourcing claims, and human rights due diligence across supply chains.

✔ Data, Platform & Automation Risk – Auditing TMS/WMS platforms, last-mile automation, and AI-powered routing tools. Testing control logic, data lineage, override governance, and cyber resilience of critical logistics tech.

Ensure Safety. Control Budgets. Deliver on Time.

Construction and engineering projects demand more than project tracking — they require audit frameworks that govern complexity, expose contractor risk, and safeguard delivery outcomes under real-world constraints. Our Internal audit operate across capital programmes, contractor ecosystems, and regulatory pressure points — from HSE compliance and CDM coordination to project overruns and procurement failures to help construction groups stabilise oversight, contain cascading failures, and mature their project governance.

✔ Project Governance & Capital Delivery – Auditing programme assurance plans, stage gate governance, and capital cost tracking to test alignment between board expectations and site realities.

✔ EEM Retrofit Audits – Auditing installation works against PAS 2030/2035, Regulatory Frameworks e.g. BS 5250, BS 7913 and Building Regulations (documents A–L) to ensure technical accuracy, regulatory compliance, and whole-house retrofit integrity.

✔ HSE & CDM Compliance Audits – Auditing site safety, RAMS documentation, design risk coordination, and CDM governance to prevent regulatory breaches and reputational exposure.

✔ Change Management & Delay Claims – Auditing project change control, delay claims, and valuation events to detect manipulation risks, weak governance thresholds, and contractual misalignments.

✔ Environmental & ESG Assurance – Auditing sustainability reporting under construction-specific ESG frameworks. Validating Scope 3 emissions tracking, waste management processes, and social value reporting.

✔ Systems & Data Integrity – Auditing construction tech platforms (CDEs, project finance systems, digital twins) for data reliability, reporting integrity, and real-time governance capability.

Fortify Trust. Anticipate Exposure. Shape Governance.

Financial services demand more than regulatory compliance — they demand audit functions that translate risk into insight, expose governance fragility before it manifests, and support scale without loss of control. Our audit approach supports fintech start-ups, investment firms, and wealth managers as they navigate volatility, regulatory scrutiny, and digital transformation. We turn your audit function into a tool for shaping governance maturity — embedding resilience, clarifying risk appetite, and ensuring control frameworks grow with complexity.

✔ AI & Digital Systems Assurance – Auditing algorithmic decisioning (bias, drift, override logic), model explainability, and cloud-based infrastructure (GDPR, SOC 2, and hybrid cloud controls) to ensure governance aligns with innovation.

✔ Capital, Liquidity & Risk Appetite Audits – Reviewing internal capital models, wind-down plans, and operational resilience frameworks under SYSC, IFPR, and Basel-informed stress assumptions. Auditing not just thresholds — but lived risk appetite.

✔ Sanctions, AML & Fraud Controls – Testing the logic of automation: classifier thresholds, false negative rates, escalation protocols, and synthetic ID detection across financial crime and fraud prevention platforms.

✔ Client Money & Conduct Risk – Evaluating client asset safeguarding under CASS, mapping conflicts of interest in advisory services, and auditing governance structures under SMCR for culture, accountability, and reputational risk.

✔ ESG & Regulatory Disclosure Readiness – Auditing non-financial risk reporting against CSRD, TCFD, and green asset frameworks. Validating Scope 3 data traceability and assessing ESG controls for auditability under evolving standards.

✔ Data Governance & Cross-Border Controls – Translating BCBS 239, MiFID II, and GDPR into enforceable audit structures. Auditing data lineage, transaction traceability, and SOX 404 readiness to ensure data truthfulness and reporting resilience.

Strengthen Service. Secure Experience. Elevate Standards.

Hospitality depends on seamless service, guest trust, and rigorous standards. Internal auditing in this sector ensures that operational controls, brand consistency, and risk governance align with both guest expectations and regulatory obligations.From heritage property preservation to data privacy and event delivery, our audit process empowers hospitality groups to enhance performance, secure compliance, and deliver extraordinary guest experiences at scale.

✔ Guest Experience & Brand Consistency – Auditing service quality, complaint handling, and brand delivery across multi-site, multi-brand operations.

✔ Revenue Protection & Financial Controls – Identifying gaps in financial processes, loss prevention, and revenue leakage across hotels, bars, and F&B operations.

✔ Meetings, Events & Venue Compliance – Ensuring operational readiness, health & safety, and contractual compliance for large-scale and international events.

✔ Heritage & ESG Assurance – Balancing modern operations with historic preservation and environmental responsibility, ensuring compliance with heritage and ESG frameworks.

✔ Data Privacy & Technology Risk – Auditing PMS, CSA and IoT systems, guest data flows, and digital booking platforms for GDPR compliance and cyber resilience.

Audit Impact

IMPACT METRICS

These metrics demonstrate how our audits drive real results—helping clients achieve strategic alignment, strengthen governance, reduce risks, and enhance operational efficiency.*

Gemini_Generated_Image_vs27zxvs27zxvs27-removebg-preview_edited.png

83%

of audits found misalignments between processes & business strategy

Gemini_Generated_Image_hah8thhah8thhah8-removebg-preview.png

30%

of inefficiencies were reduced after implementing audit findings

Gemini_Generated_Image_ilhrvqilhrvqilhr-

80%

of audits found gaps within management system reducing their effectiveness

65%

of businesses strengthened governance structures within 12 months

Gemini_Generated_Image_7gqjr7gqjr7gqjr7-removebg-preview_edited_edited_edited.png

77%

of audits found managers exceed their company’s risk tolerance levels

40%

of business disruptions were reduced by correcting non-compliance

* The data presented is based on findings from 38 audits, providing a representative insight into the impact of our work.

Audit Blog

INSIGHTS

Great audits go beyond compliance—they shape stronger businesses. Through thought leadership, industry analysis, and practical guides, we provide the insights companies and internal auditors need to navigate challenges, refine best practices, and get more value from their audits.

Explore expert perspectives, ISO 9001 strategies, and tools designed to elevate your audit approach.

Audit 3.0: The Evolution of Assurance

How to Prepare for an ISO Certification Audit: A Practical Guide for Businesses

Why Businesses Fail ISO Audits—And How to Make Sure You Don’t

Audit FAQs

What kind of information will I need to provide for an audit?

To ensure a thorough and effective audit, we'll need access to certain information about your business. The specific details will depend on the type of audit being conducted, but generally, you can expect to provide: Documentation: This includes policies, procedures, organizational charts, process maps, and any relevant records (e.g., financial, operational, compliance). Access to Personnel: We'll need to speak with key employees to understand their roles, responsibilities, and how processes are implemented in practice. System Access: Depending on the audit scope, we may need temporary access to relevant systems, such as accounting software, inventory management systems, or IT systems. Historical Data: For certain audits, past performance data may be required to identify trends and assess effectiveness. Information about Objectives and Risks: Understanding your business goals and the risks you face is crucial for tailoring the audit to your specific needs. Cooperation and Open Communication: Perhaps the most important thing is your willingness to engage with us openly and honestly. The more transparent you are, the more effective the audit will be. Don't worry, we'll guide you on exactly what information is needed for your specific audit. We aim to make the process as straightforward as possible and will work with you to minimise any disruption to your day-to-day operations. Our goal is to work collaboratively to gain a clear understanding of your business and provide valuable insights.
How much does an audit cost and how long does it take?

The honest answer is that the cost and length of an independent internal audit or an ISO 9001 audit varies depending on the specific needs and complexity of your business. Unlike buying a product with a fixed price, an internal audit is a bespoke service. Several factors influence the cost, including: The type of audit: As you can see from our services, we offer a range of audits, from certification support and management system reviews to specialized investigations and tax assessments. Each type has different requirements. The size and complexity of your business: Larger, more complex organisations naturally require more time and resources to audit effectively. The scope of the audit: Are we looking at a specific department, process, or the entire organisation? A narrower scope will generally mean a lower cost. The level of risk and complexity of the areas being audited: Some areas, like finance or IT, might require more in-depth analysis. Based in London and serving businesses throughout the UK, we tailor our approach to each client. The best way to get an accurate idea of the cost for your specific needs is to get in touch. We offer a free consultation to discuss your requirements and provide a transparent, no-obligation proposal.
What geographical areas do you cover?

We cover all corners of the UK, offering both on-site and virtual audit preparation services. Regardless of your location within the United Kingdom or your preferred audit format, we're here to help.
How do you ensure the confidentiality of our information?

Confidentiality is paramount to our work. We treat all client information with the utmost discretion and adhere to strict professional standards. Our processes include: Non-Disclosure Agreements (NDAs): We routinely sign NDAs to formalise our commitment to confidentiality. Secure Data Handling: We employ secure methods for storing and transmitting your data, both physically and digitally. Limited Access: Only authorised personnel involved in your audit have access to your information. Professional Ethics: We are bound by professional codes of conduct that mandate the protection of client information. 1. Code of ethics - the five fundamental principles - ICAEW www.icaew.com Data Protection Compliance: We comply with relevant data protection regulations (like GDPR in the UK) to ensure your data is handled responsibly. You can be confident that your sensitive information is safe with us.

Audit Contact

LET'S TALK

Whether you need an internal audit, an ISO 9001 gap assessment, or a trusted audit partner for corporate engagements, we provide audits that deliver clarity, assurance, and real business value.

Get in touch today to discuss how we can support your audit needs.

0330 043 7114

info@ijbstrategia.com