Internal Audit Services

An effective internal audit service provides value by promoting sound governance, ensuring compliance, enhancing operational efficiency, and mitigating risks, all of which are essential for achieving the organization’s objectives and maintaining its competitive edge in the market. Johnson Lambert offers a flexible internal audit service model, including fully outsourced, co-sourced, or consulting services.


Optimizing Your

Internal Audit

What is the Model Audit Rule?

The Model Audit Rule (MAR) is a set of regulatory guidelines developed by the National Association of Insurance Commissioners (NAIC). It provides a framework for insurance companies to establish strong internal controls, corporate governance, and audit processes to ensure the accuracy and reliability of financial reporting within the insurance industry.

What is SOX Compliance?

Sarbanes – Oxley Act (SOX) Section 404 is a regulatory requirement passed by the U.S Congress in 2002. SOX 404 focuses on internal controls over financial reporting (ICFR) within publicly traded companies.

Whether you are looking to establish an internal audit function, attain or maintain compliance with Sarbanes-Oxley Section 404 (SOX 404) or the Model Audit Rule (MAR), mitigate fraud risk, or perform a general assessment of internal controls, you will benefit from Johnson Lambert’s engagement philosophy and approach. We deliver efficient, cost-effective services that are powered by our deep understanding of the industries we serve yet tailored to each specific organization.

Our industry expertise allows you to challenge your risk assessment process and control environment, provide best practices for compliance, focus on key areas of the business, and encourage a culture of continuous improvement.. With in-depth organizational insights, we execute high-value projects that have actionable deliverables for process optimization and effective corporate governance.

Are you ready to elevate your Internal Audit function?




Combining our internal audit methodology with deep industry experience, technologies, and tools, our internal audit team is poised to help improve your operational efficiency, support strong corporate governance, and potentially lower your overhead costs.. Our methodology is powered by the following:


At Johnson Lambert, there is continuous training at all levels to enable the professionals with the necessary knowledge, skills and competencies to effectively perform internal audits within an organization, and we believe in an approach that educates our clients along the way.

Risk and Control Matrices (RCMs) are tools used in risk management and internal control processes to effectively assess and manage risks within an organization. We can support in aligning risk management efforts with organizational objectives and compliance requirements by tailoring the RCMs based on our deep industry knowledge and expertise.

Internal Audit programs provide a structured approach for conducting internal audit engagements. Ours are designed to guide auditors through the audit process, ensuring consistency, thoroughness, compliance with auditing standards, and for efficient execution of projects. We continually challenge our programs to ensure the highest quality project deliverables.

Our team can offer a variety of data analytics, visualization and reporting tools to perform full population reviews and improve the quality of the audit by identifying anomalies or trends which can be investigated further to identify the underlying causes of problems or issues.

Stakeholders receive clear, concise and tailored reporting, providing a balanced view of the control environment, which facilitates actions for risk management.

Cornerstone to all Johnson Lambert engagements, our dedicated team ensures we meet and often exceed firm and professional requirements.


Ways to Leverage

Internal Audit

Utilize Internal audit’s organizational wide perspective to improve Financial, Operational, Information Technology and Cybersecurity aspects. Internal audit can provide insight into the most complex processes and help the organization anticipate and mitigate risks.

Tackle organizational challenges withthe use of analytics, continuous monitoring, and regulatory adherence practiceswith our team of highly trained auditors and advisors.


Risk Assessment


Education and Training


Plan Development and Execution


Data Analysis and Evaluation


Process Assessment and Rationalization


Reporting and Communication


Remediation and Validation


Support for Corporate Responsibility Efforts, including ESG and DEI



Model Options

Every organization’s needs are different, and as such, we offer various models.

Outsourced Model

Organizations can leverage specialized expertise, enhance efficiency and optimize cost by outsourcing internal audit services to Johnson Lambert.

We can provide an internal audit function based on your organization's complexity and needs.

Co-Sourced Model

The hybrid model of collaborating with an external audit firm while retaining some internal audit functions within the organization combines the strengths of both in-house and external expertise.
We can support you to quickly and efficiently scale your internal audit capabilities to meet internal and external demands.

Consulting Model

Consulting services can complement an organization’s internal audit function by providing expert advice, guidance and assistance in specific areas such as risk management, compliance, process improvement, information systems advisory, and other related domains.

Partnering with our clients, we explore solutions and to offer forward-looking ideas during times of change or growth.


Hot Topics

Know What’s Happening

Watch our webinar to get up-to-date on the latest GAAP accounting and auditing developments impacting the insurance industry, including best practices for implementing the credit loss standard, changes to audit requirements related to auditing the loss reserve estimate, and changes […]

Delve into the latest auditing standard updates regarding estimates and the use of specialists. During this webinar, our panel discusses Statements on Auditing Standards (SAS) 143 and 144, their impact on auditing insurance company loss reserves, and the use of […]




We proudly add value to our clients by specializing in providing these services to your industry, working with various entities similar in operations, size, or areas of opportunity.


Johnson Lambert has been working with insurance entities since our inception over 35 years ago. Our depth and breadth of knowledge and understanding of the industry, the requirements and regulations placed on insurers, and the quickly-evolving business environment ensures that our plan and approach to delivering your internal audit services is focused and delivers value. As the industry evolves, our team can assist in deploying data analytics, agile processes, or ESG/DEI/CSR monitoring and reporting.


Johnson Lambert serves many nonprofit organizations such as trade associations, community development financial institutions (CDFIs), political action committees (PACs), membership organizations, professional societies, private foundations, public charities, religious-affiliated organizations, cultural & arts organizations, community development groups, social service organizations, and higher education organizations on specialized internal audit projects and on an ongoing basis as an outsourced internal auditor.

With increasingly complex operating environments, external pressures, and more stakeholder requests for compliance and operational insights,. our understanding of the tax-exempt organization environment coupled with our proven internal audit methodology and tools are assets to our nonprofit internal audit clients.


Get the Right Guidance in a Rapidly Evolving Business Environment.

Our expert team is always ready to assist.