Our Services

We believe internal audit works best when it’s practical, independent, and rooted in a clear understanding of your organisation.

Internal Audit Services

Internal audit strengthens governance, improves controls, and gives leaders confidence that key risks are understood and managed.

We provide a full range of internal audit services, tailored to meet the requirements of each client organisation.

  • Compliance and Regulatory Change
  • Governance
  • Risk Management
  • IT and Cyber Security
  • Programmes and Projects
  • Supply Chains and Third Party
  • Grants
  • Operations
  • Data Privacy
  • Information Systems

Internal audit is a way to improve how an organisation runs. We keep our work proportionate, evidence-based, and action-focused, so findings translate into meaningful change.

Compliance Reviews
Regulatory and policy requirements can be complex, but compliance doesn’t have to be a burden. We provide assurance that your obligations are being met and, where possible, we help you streamline processes for greater efficiency. Our reviews cover everything from sector-specific standards to broader governance and policy frameworks.
A team of business professionals collaborating on a risk assessment report, highlighting Tickbox's business assurance services.
Specialist & One-off Reviews
Some risks need focused attention. We carry out targeted reviews in high-risk or emerging areas, from procurement and cyber security to new system implementations, giving you practical, evidence-based recommendations you can act on immediately. Our aim is to get to the heart of the issue quickly, without unnecessary disruption.
A consultant advising a client on governance strategies in a boardroom, representing Tickbox's advisory services.
Surplus Capacity Support
Workloads don’t arrive evenly. We can help you handle peaks without sacrificing quality, independence, or timelines. Our flexible approach means we can quickly get up to speed, take on agreed parts of your plan, and deliver to the same standard your stakeholders expect from your in-house team.
A secure server room with blinking lights, representing Tickbox's expertise in IT and cyber security audits.
IT & Cyber Security Audits
We bring deep expertise across IT and cyber security, ensuring your systems are secure and compliant with the latest industry standards and regulations.

Risk management service

Done well, risk management protects people, services, and reputation, and helps leaders make better decisions with confidence.

  • Risk maturity review: a clear view of where you are now, and what “good” looks like for your organisation.
  • Risk health check: we assess your current framework, reporting, and practical day-to-day operation.
  • Training & workshops: tailored sessions for all levels, from operational teams to senior leadership and Board.
  • Facilitation & mentoring: we support your risk leads to strengthen ownership, embed consistency, and improve decision making.

Risk management isn’t a one-off project, it’s an ongoing discipline. We focus on making it useful, proportionate, and embedded, so risks are visible, owned, and acted on.

DSP Toolkit support (DSPT)

The NHS Data Security and Protection Toolkit (DSPT) is an annual online self-assessment used to measure and publish how well an organisation meets the National Data Guardian’s 10 data security standards. It’s required for organisations with access to NHS patient data and/or NHS systems, and is also used for incident and data breach reporting.

We’re here to help you with:

  • DSPT readiness & gap review against your organisation type’s requirements
  • Evidence pack + policy/process support to get you to Standards Met
  • Submission support (including keeping you aligned to the annual deadline)
Read more >>

Need Assistance?

Contact us today to discuss your internal audit and advisory needs.
Contact Us >>