The Third Side of the Coin

In the realm of corporate governance, the metaphor of a coin typically represents two sides: management and the board. Management is tasked with implementing strategy and running the day-to-day operations, while the board provides oversight and strategic direction. However, this binary perspective omits a vital perspective — the internal auditor — often seen as the “third side of the coin.” This side doesn’t oppose either party but connects and balances both, ensuring alignment, accountability, and assurance.

The Institute of Internal Auditors (IIA) defines internal auditing as “an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations” (IIA Standard 1000 – Purpose, Authority, and Responsibility). Internal auditors are uniquely positioned to assess the effectiveness of risk management, internal controls, and governance processes. Their independence, as mandated by IIA Attribute Standard 1100, allows them to provide unbiased insight and objective assurance.

Rather than being passive observers or compliance enforcers, modern internal auditors are strategic partners who offer risk-based, forward-looking evaluations. As outlined in the IIA’s Three Lines Model (2020), internal audit operates independently of management (first and second lines), with direct accountability to the board or audit committee. This distinct positioning enables internal auditors to evaluate whether management’s risk responses align with organizational objectives and whether governance structures are effective.

The COSO Internal Control – Integrated Framework (2013) further supports this role, emphasizing five components of effective internal control: Control Environment, Risk Assessment, Control Activities, Information & Communication, and Monitoring. Internal auditors evaluate these components to ensure that controls are not only present but also effective and responsive to emerging risks.

In addition to assurance, internal auditors offer value-added services such as advisory engagements, fraud risk assessments, operational efficiency reviews, and ESG audits. Their recommendations help management improve performance while giving the board confidence in governance structures. According to the IIA’s Mission of Internal Audit, they are charged with enhancing and protecting organizational value through objective insight and foresight.

In today’s volatile and complex business environment, the internal auditor as the “third side of the coin” is not just a metaphor—it is a strategic imperative. By staying grounded in professional standards and remaining attuned to organizational strategy, internal auditors strengthen accountability, support governance, and ensure long-term resilience.

Omoniyi Mafikuyomi, –Practices Internal Audit in Nigeria