Acumon
Blog · · manager

Internal Audit Services in Aberdeen: Companies and Services Guide

Choosing an internal audit provider in Aberdeen is rarely just a compliance decision. For many organisations, it forms part of a wider effort to strengthen governance, improve oversight and ensure internal processes continue to operate effectively as regulatory and operational demands evolve.

Aberdeen’s business environment includes energy companies, international groups, financial services firms, charities and growing mid-sized businesses, all facing different reporting, risk and control requirements. As a result, internal audit firms in the region often provide support that extends beyond traditional assurance work, covering areas such as risk management, governance reviews, regulatory compliance and operational controls.

This guide highlights a selection of internal audit services companies operating in and around Aberdeen. Rather than ranking providers, the aim is to provide practical context around the firms active in the market, the types of organisations they typically support, and the areas where their internal audit and advisory experience is most relevant.

Acumon

Acumon is a UK firm of chartered accountants and advisors providing internal audit services to companies and organisations across Aberdeen and the wider UK market.

The firm works with organisations ranging from owner-managed businesses and charities through to regulated entities, public sector organisations and international corporate groups. Internal audit engagements are designed to strengthen internal controls, oversight frameworks and regulatory compliance, while supporting operational resilience.

Acumon provides internal audit and risk assurance services across compliance, operational and reporting environments, including control reviews, risk assessments, process evaluation and governance reporting. Work is delivered using a structured risk-based methodology tailored to the size, complexity and regulatory environment of each organisation.

Acumon holds a Public Interest Entity (PIE) audit licence, enabling the firm to support listed companies and other organisations subject to enhanced regulatory oversight in the United Kingdom. In addition to its UK audit registration, the firm also holds audit licences in the Cayman Islands, British Virgin Islands (BVI), Jersey and Isle of Man, supporting organisations operating across multiple jurisdictions.

The firm also provides broader support across IT risk, anti-fraud controls, business transformation and compliance oversight. Internal audit work is often delivered alongside discussions with boards, finance teams and senior management regarding reporting structures, operational controls and organisational risk exposure.

Acumon’s internal audit services are supported by senior professionals with experience across regulated, corporate and public sector environments, including financial services, energy, utilities, charities and international group structures.

Internal Audit Capabilities

Acumon provides internal audit services across a wide range of organisational structures and sectors.

These include:

  • UK limited companies and corporate groups
  • regulated organisations and Public Interest Entities (PIEs)
  • UK subsidiaries of international groups
  • charities and not-for-profit organisations
  • owner-managed businesses strengthening governance frameworks
  • organisations operating within multi-entity structures

Internal audit engagements are typically led by senior professionals with direct involvement throughout the engagement.

Regulatory Licences and Registrations

Acumon operates within UK regulatory and professional frameworks and maintains audit registrations that support its work across multiple jurisdictions.

These include:

  • UK statutory audit registration
  • Public Interest Entity (PIE) audit licence
  • Jersey audit licence
  • Isle of Man audit licence
  • Cayman Islands audit licence
  • British Virgin Islands audit licence

These registrations support the delivery of services for organisations operating within both domestic and international regulatory environments.

Core Services

In addition to internal audit, Acumon provides a range of services that support governance, compliance and operational oversight.

These include:

  • governance and internal control reviews
  • risk management and compliance support
  • internal audit and assurance services
  • business transformation and process reviews
  • IT risk and cybersecurity support
  • anti-fraud and risk mitigation services
  • regulatory and governance advisory support

Internal audit work is often delivered alongside discussions with management and boards regarding governance structures, operational controls and risk management frameworks.

Many organisations strengthen internal audit and governance processes as they grow, expand operationally or encounter increasing regulatory obligations.

Acumon works with organisations that are:

  • strengthening governance and internal control frameworks
  • preparing for investment or organisational change
  • operating across multiple business units or entities
  • managing regulatory and compliance responsibilities
  • seeking independent assurance over internal processes

Early engagement can help organisations improve governance visibility, strengthen control environments and align reporting processes with operational and regulatory requirements.

Contact Information:

QHSE Aberdeen

QHSE Aberdeen focuses on management system auditing and compliance support, with internal audit forming part of its wider QHSE advisory work. Their approach is closely connected to ISO standards and operational compliance, particularly for organisations that need structured audit programmes across quality, health and safety, environmental or information security systems.

The company outlines internal audits as a mechanism for identifying weaknesses in management systems, reviewing how controls operate in practice and helping organisations maintain alignment with regulatory and certification requirements. Their work also extends into supplier and vendor audits where external assurance over third-party processes is required.

Key Highlights:

  • Aberdeen-based QHSE and compliance consultancy
  • Internal audits linked to ISO management systems
  • Focus on risk-based audit planning and control reviews
  • Experience with supplier and vendor audit processes
  • Support for organisations operating under certification standards
  • Independent auditing approach aligned with management system oversight

Services:

  • Internal audits and management system reviews
  • ISO compliance auditing
  • Vendor and supplier audits
  • Risk-based audit planning
  • Certification preparation support
  • QHSE systems assurance
  • Second-party and third-party audit support

Contact Information:

  • Website: www.qhseaberdeen.com
  • Email: info@qhseaberdeen.com
  • Facebook: www.facebook.com/qhse-aberdeen
  • Twitter: x.com/qhseaberdeen
  • LinkedIn: www.linkedin.com/company/qhse-aberdeen
  • Address: Westpoint House, Prospect Rd, Aberdeen, AB32 6FJ
  • Phone: 01224 737277

Henderson Loggie

Henderson Loggie delivers internal audit and risk advisory services across public, private and third sector organisations from several offices across Scotland, including Aberdeen. Internal audit sits within a broader governance and assurance offering, with a strong focus on organisational controls, risk management and operational oversight.

The firm’s internal audit work covers both outsourced and co-sourced models, depending on how organisations structure their assurance functions internally. Alongside core audit reviews, their service areas include fraud assurance, information governance, digital risk, process optimisation and third-party assurance reporting. Much of the language around their approach centres on helping organisations improve decision-making, strengthen assurance frameworks and identify gaps across governance processes.

Key Highlights:

  • Aberdeen office supporting organisations across Scotland and the UK
  • Internal audit services for public, private and third sector clients
  • Co-sourced and outsourced audit support models
  • Governance, fraud and digital assurance capabilities
  • Experience with assurance frameworks and control reviews
  • Focus on operational efficiency and risk oversight

Services:

  • Internal audit outsourcing and co-sourcing
  • Governance and controls assurance
  • Enterprise risk management consulting
  • Fraud investigations and forensic reviews
  • Information governance assurance
  • Third-party assurance and SOC reporting
  • Business process and performance reviews
  • Compliance and control environment assessments

Contact Information:

  • Website: hlca.co.uk
  • Email: info@hlca.co.uk
  • Facebook: www.facebook.com/HendersonLoggie
  • LinkedIn: www.linkedin.com/company/hendersonloggie
  • Instagram: www.instagram.com/hendersonloggie
  • Address: 1 Marischal Square, Broad Street, Aberdeen, AB10 1BL
  • Phone: 01382 200055

AAB

AAB provides internal auditing and assurance services to organisations across sectors including public sector, education, social housing and international business. Their audit work is positioned around governance, operational controls and risk management, with reviews shaped around the specific risks and structures of each organisation.

The firm places noticeable emphasis on risk-based audit planning and board-level reporting. Alongside annual internal audit programmes, they carry out targeted reviews focused on operational weaknesses, contract assurance and process improvement. Their service structure also covers co-sourced and outsourced audit arrangements for organisations that need additional specialist support or a fully managed internal audit function.

Key Highlights:

  • Internal audit and assurance practice with Aberdeen presence
  • Risk-focused audit planning and governance reviews
  • Experience across public sector and regulated environments
  • Co-sourced and outsourced audit support models
  • Contract compliance and forensic audit capability
  • Board and audit committee reporting experience

Services:

  • Internal audit programmes
  • Governance and control reviews
  • Risk management advisory
  • Contract audits and compliance reviews
  • Forensic audit support
  • Assurance mapping and risk workshops
  • Operational process reviews
  • Co-sourced internal audit support

Contact Information:

  • Website: aab.uk
  • Facebook: www.facebook.com/AABLLP
  • Twitter: x.com/AABGroup_
  • LinkedIn: www.linkedin.com/company/aab-accountants
  • Instagram: www.instagram.com/_aabgroup
  • Address: Kingshill View, Prime Four Business Park, Kingswells, Aberdeen, AB15 8PU
  • Phone: +44 (0) 1224 625111

RSM UK

RSM UK approaches internal audit through the lens of controls, governance and organisational resilience. Their work is centred on assessing whether internal controls are functioning effectively in practice and identifying areas where operational processes or oversight frameworks may need strengthening.

Much of the firm’s messaging focuses on risk-based audit planning and practical recommendations tied to operational performance. Audit work is supported by board and audit committee reporting, with reviews covering control testing, governance oversight and process efficiency. The broader consulting structure around the service also connects internal audit with forensic, risk and governance advisory functions.

Key Highlights:

  • Internal audit and controls advisory practice
  • Risk-based audit planning approach
  • Focus on governance and operational resilience
  • Audit committee and board reporting support
  • Control effectiveness and process testing
  • Integrated consulting and forensic capabilities

Services:

  • Internal audit and controls reviews
  • Risk-based audit planning
  • Control design and effectiveness testing
  • Governance assurance
  • Operational improvement reviews
  • Audit committee reporting support
  • Process and control gap assessments
  • Risk and governance advisory

Contact Information:

  • Website: www.rsmuk.com
  • LinkedIn: www.linkedin.com/company/rsm-uk
  • Instagram: www.instagram.com/rsm.uk
  • Address: 4th Floor, The Capitol, 431 Union Street, Aberdeen, AB11 6DA
  • Phone: +44 (0)1224 321133

PwC

PwC provides internal audit services as part of its wider risk and assurance practice, working with organisations facing changing regulatory, operational and technology-related risks. Their internal audit offering covers outsourced, co-sourced and advisory models, with support tailored around the structure and maturity of an organisation’s existing assurance function.

A large part of the firm’s approach is tied to transformation, governance integration and the use of internal audit as a broader risk oversight function. Their work spans internal audit planning, function assessments, technology assurance and governance alignment across different business areas. There is also a strong focus on helping organisations respond to evolving audit standards, data challenges and cross-functional risk management requirements.

Key Highlights:

  • Internal audit practice operating within a wider risk advisory structure
  • Support for outsourced, co-sourced and managed audit functions
  • Focus on governance, resilience and organisational risk
  • Experience with internal audit transformation projects
  • Technology and data assurance capabilities
  • Internal audit maturity and benchmarking support

Services:

  • Internal audit outsourcing
  • Co-sourced internal audit support
  • Internal audit transformation reviews
  • Governance and risk assurance
  • Internal audit planning and strategy
  • Technology and IT audit support
  • Internal audit maturity assessments
  • Compliance and control reviews

Contact Information:

  • Website: www.pwc.co.uk
  • Facebook: www.facebook.com/PwCUK
  • LinkedIn: www.linkedin.com/company/pwc-uk
  • Instagram: www.instagram.com/pwc_uk
  • Address: The Capitol, 431 Union Street, Aberdeen, AB11 6DA
  • Phone: +44 (0)1224 210100

Candy Management Consultants

Candy Management Consultants works mainly with organisations implementing and maintaining ISO management systems, with internal audits forming part of their broader compliance and operational assurance support. Their audit work is closely tied to certification readiness, management system performance and ongoing compliance monitoring across areas such as quality, information security, environmental management and business continuity.

A practical theme runs through much of their approach. Internal audits are positioned as part of day-to-day operational improvement, not only as a requirement before certification visits. The company also places emphasis on helping organisations build systems that can be maintained internally over time, with reviews focused on identifying process gaps, documentation issues and areas where controls may not align fully with ISO requirements.

Key Highlights:

  • Internal audit support linked to ISO management systems
  • Focus on compliance, audit readiness and operational controls
  • Experience across multiple ISO standards
  • Support for SMEs and mid-sized organisations
  • Governance and documentation review capability
  • Ongoing maintenance and surveillance audit support

Services:

  • Internal audits for ISO management systems
  • Audit readiness assessments
  • Compliance gap reviews
  • ISO maintenance support
  • Information security management reviews
  • Business continuity compliance support
  • Environmental and health & safety system audits
  • Management system process reviews

Contact Information:

  • Website: candymc.co.uk
  • Email: info@candymc.co.uk
  • Facebook: www.facebook.com/CandyManagementConsultants
  • Twitter: x.com/CandyMngmntCns
  • LinkedIn: www.linkedin.com/company/candy-management-consultants-ltd
  • Address: Merseyway Innovation Centre, 21-23 Merseyway, Stockport SK1 1PN
  • Phone: 0161 470 7929

KPMG

KPMG provides internal audit services through its wider risk consulting and governance advisory practice. Their work covers outsourced and co-sourced audit models, alongside advisory support for organisations reviewing or developing internal audit functions in response to operational, regulatory or technology-related risks.

The firm’s approach combines governance oversight with process efficiency and risk management. Audit reviews are supported by assessments of internal controls, compliance structures and IT environments, with additional focus placed on alignment with Global Internal Audit Standards. Alongside core internal audit work, the practice also carries out external quality assessments, anti-fraud reviews and technology-focused assurance projects.

Key Highlights:

  • Internal audit practice within broader risk consulting services
  • Support for outsourced and co-sourced audit functions
  • Governance, compliance and control assessment capability
  • Experience with Global Internal Audit Standards
  • IT audit and digital assurance expertise
  • External quality assessment services for internal audit functions

Services:

  • Internal audit outsourcing
  • Co-sourced internal audit support
  • Internal audit function assessments
  • Governance and compliance reviews
  • IT audit and technology assurance
  • Risk management advisory
  • Anti-fraud and control reviews
  • Internal audit methodology consulting

Contact Information:

  • Website: kpmg.com
  • Twitter: x.com/kpmguk
  • LinkedIn: www.linkedin.com/company/kpmg-uk
  • Address: 1 Marischal Square, Broad Street, AB10 1DD
  • Phone: +44 (0)1224 591 000

Grant Thornton

Grant Thornton approaches internal audit through a combination of assurance, governance oversight and operational risk review. The firm supports organisations that need either a fully outsourced audit function, additional audit resource or specialist reviews linked to emerging business and regulatory risks.

A noticeable part of their internal audit model is the integration of subject matter specialists into audit engagements. This allows reviews to cover areas beyond standard financial controls, particularly where businesses are dealing with changing operating models, evolving compliance requirements or technology-related risks. External quality assessments and internal audit effectiveness reviews are another established area within their assurance offering.

Key Highlights:

  • Internal audit support across outsourced and co-sourced models
  • Focus on governance, controls and operational risk
  • Internal audit effectiveness and quality assessment capability
  • Access to specialist risk and assurance expertise
  • Support for resource gaps within internal audit teams
  • Risk-focused audit approach aligned with business operations

Services:

  • Internal audit outsourcing
  • Co-sourced internal audit support
  • External quality assessments
  • Governance and controls reviews
  • Risk assurance reviews
  • Internal audit effectiveness assessments
  • Operational process assurance
  • Emerging risk audit support

Contact Information:

  • Website: www.grantthornton.co.uk
  • LinkedIn: www.linkedin.com/company/grant-thornton-uk
  • Instagram: www.instagram.com/gt_trainees
  • Address: Neo House, Riverside Drive, Aberdeen, AB11 7LH
  • Phone: +44 (0)1224 925 986

Moore UK

Moore UK provides governance, risk and internal audit services to organisations operating in regulated and operationally complex environments. Their audit work is connected closely to governance frameworks, accountability structures and control effectiveness across corporate, public sector, education and not-for-profit organisations.

Internal audit engagements are built around risk-based planning and independent assurance over operational, compliance and strategic controls. The firm also carries out governance reviews linked to board structures, reporting lines and regulatory expectations, alongside broader enterprise risk management support. Cyber assurance and risk workshops are included within the wider governance and assurance offering.

Key Highlights:

  • Governance, risk and internal audit advisory services
  • Experience across regulated and public interest sectors
  • Risk-based internal audit planning
  • Governance framework and board review capability
  • Enterprise risk management support
  • IT and cyber assurance services

Services:

  • Internal audit programmes
  • Governance and control reviews
  • Enterprise risk management support
  • Board and committee assessments
  • Compliance assurance reviews
  • IT and cyber assurance
  • Follow-up audit reviews
  • Risk workshops and governance training

Contact Information:

  • Website: www.moore.co.uk
  • Email: david.wilson@jcca.co.uk
  • Twitter: x.com/MooreUKNetwork
  • LinkedIn: www.linkedin.com/company/moore-uk
  • Address: Bishop’s Court, 29 Albyn Place, Aberdeen, AB10 1YL
  • Phone: +44 (0) 1224 212222

Deloitte

Deloitte positions internal audit as part of a wider risk advisory and governance framework, supporting organisations facing operational, regulatory and technology-driven change. Their services cover outsourced internal audit, co-sourced support and advisory work linked to internal audit transformation and assurance improvement.

A strong focus is placed on helping organisations assess emerging risks and adapt assurance processes to changing business conditions. Audit reviews are carried out in line with recognised professional standards and often connect governance oversight with technology, operational resilience and enterprise risk management. Benchmarking and internal audit maturity assessments form part of the broader advisory structure.

Key Highlights:

  • Internal audit practice within wider risk advisory services
  • Outsourced and co-sourced audit support
  • Governance and enterprise risk focus
  • Internal audit transformation capability
  • Alignment with recognised internal audit standards
  • Technology and operational risk oversight experience

Services:

  • Internal audit outsourcing
  • Co-sourced internal audit support
  • Internal audit advisory
  • Governance assurance reviews
  • Enterprise risk assessments
  • Internal audit benchmarking
  • Audit function improvement reviews
  • Operational and technology risk assurance

Contact Information:

  • Website: www.deloitte.com
  • Facebook: www.facebook.com/deloitteuk
  • Twitter: x.com/deloitteuk
  • LinkedIn: www.linkedin.com/company/deloitte
  • Address: 8th Floor, The Silver Fin Building, 455 Union Street, Aberdeen, AB11 6DB, United Kingdom
  • Phone: +44 (0)1224 625888

Johnston Carmichael

Johnston Carmichael provides audit and assurance services to businesses operating in changing regulatory and reporting environments, including internal audit support linked to governance, controls and operational risk management. Their approach combines financial assurance with wider reviews of systems, procedures and control effectiveness.

Technology assurance forms a noticeable part of the firm’s broader audit offering, particularly in areas connected to cyber security and system reliability. Internal audit reviews focus on identifying key controls, testing how effectively they operate and supporting organisations with governance oversight across financial and operational processes.

Key Highlights:

  • Aberdeen-connected audit and assurance practice
  • Internal audit linked to governance and risk oversight
  • Focus on systems, controls and operational procedures
  • IT audit and cyber assurance capability
  • Experience supporting regulated businesses
  • Governance and compliance review support

Services:

  • Internal audit reviews
  • Governance and controls assessments
  • IT audit and assurance
  • Risk assurance support
  • Operational control testing
  • Compliance reviews
  • Cyber-related assurance reviews
  • Financial systems and process assessments

Contact Information:

  • Website: johnstoncarmichael.com
  • Instagram: www.instagram.com/johnston_carmichael
  • LinkedIn: www.linkedin.com/company/johnston-carmichael-chartered-accountants-and-business-advisers
  • Twitter: x.com/JC_Accountants
  • Facebook: www.facebook.com/JohnstonCarmichael
  • Address: Bishop’s Court, 29 Albyn Place, Aberdeen, AB10 1YL
  • Phone: 01224 212222

Conclusion

Selecting an internal audit provider in Aberdeen is often linked to the wider governance and risk needs of the organisation. Some businesses require ongoing audit support across controls, compliance and reporting, while others are looking for targeted reviews around operational risks, systems or regulatory expectations.

The firms included in this guide reflect the range of internal audit support available across the Aberdeen market. Some provide large-scale assurance and governance advisory services, while others focus on specialist areas such as ISO compliance, technology assurance, contract auditing or sector-specific risk reviews.

This guide is intended to provide practical context around the companies operating in this space, the types of organisations they support and the internal audit services most commonly offered. As expectations around governance and oversight continue to increase, many organisations are looking for audit providers that can deliver clear reporting, independent assurance and a practical understanding of how controls operate in day-to-day business environments.