Alice Short

Associate Director – IAFA

Alice is an Associate Director in Protiviti’s London office. She has over ten years of risk consulting, internal controls assurance and internal audit experience across a variety of industry sectors. She manages a portfolio of clients anging from SMEs to multinational groups.

She is a qualified Chartered Information Systems Auditor (CISA) and a qualified Chartered Accountant (FCA).

Alice is a proficient project manager. For all client engagements she applies a structured project management approach to ensure compliance with project management processes, policies and methods. Each customised project management approach is designed to support her client’s culture and strategy with targeted goals and a focus on value delivery. 


  • Internal Audit: Manages a portfolio of internal audit clients across various industries. Reviews included a large variety of operational and financial internal audit reviews covering a variety of strategic and business risk areas. This has included leading audit teams, performing audit planning, conducting interviews, documenting processes, risks and controls, performing design and operating effectiveness testing, leading close out meetings, preparing the final audit reports and presenting to audit committees. Alice has a focused interest in the use of data analytics and technology toolings to support the internal audit process.
  • Internal Controls and SOX: Manages a portfolio of clients across numerous industries, leading and executing a variety of General Computing Controls and SOX assurance work.  She has led the implementation of internal control environments, both business process and IT, for a number of newly listed companies.  Starting with an entity wide risk assessment, worked embedding control activity within both manual business processes and building automated controls into the companies’ ERP systems. Managed the projects end to end to ensure an effectively designed and operating control environment.
  • Enterprise Risk Management: For several her clients she defined a risk management framework and agenda of suggested risk management activities to facilitate a process to identify, evaluate and report risks facing the organisation. The projects focused on areas of key risk and successfully developed a baseline for risk discussions and assessment, providing a risk scoring methodology to facilitate the risk assessment. She went on to perform the risk assessments and define top entity level risks and mitigation plans.


  • Internal Audit
  • IT Internal Audit
  • Business Process Improvement
  • Risk Assessment/Management
  • Sarbanes Oxley Compliance
  • General Computing Controls


  • Financial Services
  • Retail
  • Transport & Logistics
  • Telecoms, Media & Communications
  • Consumer Products


  • MSci. Geophysics, University of Durham


  • Institute of Chartered Accountants in England and Wales (ICAEW) – ACA
  • Information Systems Audit and Control Association (ISACA) – CISA
  • Certified Practitioner of Human-Centered Design – LUMA Institute