The importance of the internal audit function (IAF) as a key component of good corporate governance practice has increased as a result of repeated financial scandals and the extensive focus by governance regulations worldwide on the concepts of internal control and risk management (Spira and Page, 2003; Gramling et al., 2004; Selim et al., 2009; Sarens, 2009). The lack of a sound internal control system is considered one of the major causes of corporate failure (Lewington, 1996), and corporate governance codes worldwide now explicitly require companies to disclose information about the effectiveness of their internal control systems (Hass et al., 2006). For instance, the UK corporate governance code requires companies to maintain a sound system of internal control and to review at least annually the effectiveness of their systems of internal controls (Financial Reporting Council, 2008). Consistent with these regulations, Sarens et al. (2009) found that IAF involvement in monitoring and improving internal controls provides a significant level of comfort to the audit committee. The IAF can provide reasonable assurance regarding the reliability of financial reporting, by detecting weaknesses in a company’s financial controls (AshbaughSkaife et al., 2008; Beasley et al., 2009) and by detecting earnings management (Prawitt et al., 2009). Therefore, as one of the steps taken to improve corporate governance and investor confidence, the New York Stock Exchange (NYSE) listing rules in the USA require all listed companies to have an IAF (NYSE, 2009). One of the key tasks of the board or its equivalent is to obtain assurance that the risk management process is working effectively and that key risks are adequately managed. The statement by the Institute of Internal Auditors (IIA) that the IAF, in both its assurance and consulting roles, contributes to the management of risk in a variety of ways is supported by various studies. For example, Sarens and De Beelde (2006) found that internal auditors in Belgium were playing a pioneering role in the creation of both greater awareness of risk and control and a more formalized risk management system. Other studies also argue that the detection of corporate fraud risk is one of the central roles that the IAF can perform (Sarens and De Beelde, 2006; Asare et al., 2008; Coram et al., 2008; The Institute of Internal Auditors, 2010b). The IAF can contribute to corporate governance through its relationships with the audit committee, the management and the external auditor (Gramling et al., 2004). The external auditor may rely on work already performed by the IAF and/or request direct assistance from it when performing the audit. Similarly, the IAF helps both the audit committee and management in assessing risks and evaluating the effectiveness of the company’s internal control system. Moreover, audit committees are increasingly relying on the IAF in discharging their responsibilities for overseeing the organization and ensuring high-quality corporate governance. This increased interaction between the audit committee and the IAF reduces the information asymmetry problem between the audit committee and executive managers (Sarens et al., 2009).