We examine factors associated with internal audit function (IAF) size in U.S. government and nonprofit (GNP) entities. Our results, based on responses from 345 GNP participants, indicate several factors related to organizational characteristics, IAF characteristics, IAF responsibilities, and information technology (IT) tools and audit activities that are associated with IAF size. Specifically, we find IAF size is positively associated with: (1) mandated IAFs, (2) activity related to audits of general IT risks, (3) use of a rotational staffing model, (4) degree of fraud detection responsibility, (5) conduct of performance audits, (6) extent of sophisticated audit technologies, (7) organization size, (8) opportunity to receive a bonus, and (9) age of the IAF. IAF size is negatively related to (1) extent of access to records and property appropriate for the performance of audits, (2) nonprofit organizations, (3) healthcare institutions, and (4) educational institutions. Additional analysis reveals variation between large and small organizations.