Article 26 Internal audit function
Member States shall require IORPs in a manner that is proportionate to their size and internal organisation, as well as to the size, nature, scale and complexity of their activities, to provide for an effective internal audit function. The internal audit function shall include an evaluation of the adequacy and effectiveness of the internal control system and other elements of the system of governance, including, where applicable, outsourced activities.