Some studies provide evidence that the provision of non-audit services may harm the external auditors’ independence, consequently, SOX regulation in the U.S. limited the scope of such services.
I think that there are quite a few differences between the nature of assurance provided by internal and external auditors. The actual auditing techniques (particularly when it comes to control tests) are going to be very similar, but the aim of the internal audit is to provide assurance about the sound functioning of the internal controls (whether financial or non-financial) for internal management purposes. When it comes to external audit, the aim to express an opinion on the financial statements. As a result, the scope of the external audit engagement will be quite different. The external auditor may be interested in some of the processes, systems and controls that have been tested by internal auditors and may even place reliance on some of their work. Nevertheless, there will be certain procedures performed by and focus areas for the external auditor that do not feature in a traditional internal audit plan.
As for the issue of auditor independence, there are indeed a number of papers that point to a relationship between rendering non-audit services and impaired independence of external auditors. That said, there are some papers that argue that this relationship is not statistically significant. As a result, I don’t think that the debate on the rendering of non-audit services has been completely resolved. Related to this, almost all of these papers are empirical in nature. I am not totally convinced that they prove that non-audit services can threaten auditor independence. For example, an auditor with a high level of moral cognition may be able to render non-audit services and still provide a high quality audit engagement characterized by high levels of professionalism , integrity and objectivity. On the other hand, an auditor at a pre-conventional level (or one who is implicitly unethical) may lack independence and fail to carry out the engagement with integrity and objectivity even though he has rendered only audit services. AS a result I don’t think that simply introducing additional restrictions in SOX (or any other legislation) is going to make a material difference to auditor independence.
I agree with Warren Maroun that this question embeds a lot of issues. But I take a different view on "the aim of the internal audit is to provide assurance about the sound functioning of the internal controls (whether financial or non-financial) for internal management purposes. When it comes to external audit, the aim to express an opinion on the financial statements."
Speaking from a practitioner viewpoint, internal audit might better serve its customer in providing assurance only as a last resort. A different aim is for internal audit to unsettle management through finding inefficiency and fraud. Assurance then becomes a work in progress as the problems unearthed by internal audit are solved over time. External audit's role has a different focus in that shareholders and other financial statement users need annually confirmed assurance that financials are materially correct.