Keywords:
Corporate Governance, Enterprise Risk Management, Internal Audit, Risk-Based Internal Auditing, Systematic Literature ReviewAbstract
This article examines how the internal audit function strengthens enterprise risk management frameworks through a systematic review of peer-reviewed literature. The study synthesizes conceptual, empirical, and sector-specific research that links risk governance, internal audit practices, and enterprise risk management effectiveness. Structured searches in major academic databases, guided screening, and thematic coding are used to identify how internal audit contributes to risk identification, assessment, response, and monitoring. The findings show that internal audit enhances enterprise risk management when it adopts risk-based planning, coordinates closely with senior leadership and risk management units, and evaluates the alignment between risk practices, governance structures, and strategic objectives. Evidence from private and public organizations indicates that internal audit can transform enterprise risk management from a formal framework into an embedded governance mechanism that supports performance and resilience. However, the review also reveals fragmented scholarship and limited understanding of the mechanisms through which internal audit independence, authority, and methodological rigor translate into sustained improvements in enterprise risk management quality and corporate governance outcomes across different institutional contexts.
