top of page

The UK regulators, PRA and FCA both see control over outsourcing as a key part of operational resilience. As a result, many Internal Auditors are now more routinely including outsourcing as part of their audit plans but they need some help in understanding the regulatory regime to conduct their audit.​​


​Our Outsourcing Guide for Internal Audit brings together best practice, relevant regulations and roles and responsibilities in a practical framework that you can use to carry out your own audit of outsourcing in-house without having to co-source or go external.​ We have done the hard work for you by explaining the relevant standards that apply to Internal Auditors of financial services firms such as the ISO and of course the FS Code. We also take you through and explain both the PRA and the FCA rules on outsourcing including the relevant FCA and PRA publications (including on operational resilience).​


​When implementing any regulation, a certain tolerance has to be set for regulatory risk. In this Guide that regulatory risk tolerance is set for businesses wanting to show they are taking outsourcing seriously and doing the right thing in their firm based on real regulatory and compliance advisory experience of what other firms are actually doing as best practice, and what both the PRA and FCA have said they expect.​​


Contained with your digital download:​​

  • Internal Audit standards​​

  • Avoidance of regulatory jargon and legal terminology​

  • Definitions of key terms​

  • A list of documents to sample and questions to ask as part of your audit​


We also provide a separate outsourcing training pack as a digital download that supports use of this Guide.​

Outsourcing: A Guide for Internal Audit

Excluding VAT
  • This product is in Microsoft Word (*.docx)

bottom of page