End-of-year stories and blog posts can serve an important purpose: They allow us the opportunity to reflect on the past 12 months and put issues into perspective. Last year, I introduced my own end-of-year review by identifying my most-viewed blog posts of 2017 and speculating on what that reflected about internal auditors.
This year’s most-read list offers a similar look back. Before I reflect on the most popular subjects of 2018, however, I should note how much interest in my blog on internal audit has increased overall. Through November, “Chambers on the Profession” blog posts were viewed more than 215,000 times — more than double the number recorded in 2017.
I introduced the blog shortly after I began my tenure as president and CEO of The IIA, which will reach 10 years in January. It was my intent to share my observations and experiences, and occasionally impart some wisdom. We’ve come a long way since then. In June, “Chambers on the Profession” was listed as the top blog for current and future CIA professionals by Wiley Efficient Learning. I’m thrilled that, today, it is considered by some to be must-read material for practitioners.
Looking back on 2018, the most popular new blog posts reflected that internal audit practitioners remain hungry for practical advice. The most-read also included important lessons learned from current events, such as the Equifax data breach in the U.S. and the Carillion debacle in the U.K.
So, here are the top 10 blog posts of 2018:
Writing an Impactful Audit Report: 6 Tips for Being More Persuasive If you ask internal auditors why they write reports, you may get a variety of answers. But the ultimate objective of internal audit reporting is not to describe what auditors found or to make recommendations for improvement; it is to persuade readers to take action.
Five Internal Audit Resolutions for 2018 and Beyond Like never before, stakeholders are turning to internal audit to help the organization navigate risks and opportunities. This is clear evidence that the profession is making steady progress toward earning “a seat at the table” and becoming the trusted advisor in every organization. We must, therefore, focus on developing new skills to meet new demands and draw on the fortitude and courage needed to take difficult challenges head on.
Internal Auditors Can Audit Anything — but Not Everything Each time a major control breakdown makes headlines, someone inevitably asks, “Where were the internal auditors?” As we have seen too often in the past year, the internal auditors were engaged and, in fact, did raise red flags in advance of calamities. But the warnings were not addressed satisfactorily by management.
At best, the internal audit function can be only as effective as the resources, training, and talent that are available. Internal auditors are not infallible, and given the realities of budgets and cost justifications, we also cannot be omnipresent.
What the Equifax Settlement Signals About the Importance of Internal Audit Details of the settlement between Equifax and eight states were a bold statement about the importance of internal auditing: A strong system of risk management and internal controls must include an independent, well-resourced internal audit function that addresses the full portfolio of an organization’s risks.
5 Sure Signs You Are Well-suited for a Career in Internal Auditing Job growth for auditors has been very strong for much of the past decade. That has made internal auditing a great option for those entering the workforce or considering a career change. However, picking a job and flourishing in it is about more than opportunity alone. Is the position a right fit for you, and are you the right fit for the company or organization?
An Early Look at Internal Audit Priorities for 2019 Risk defines the world of the internal auditor. Ultimately, risk is what shapes our audit plans, directs our stakeholders, and determines our success or failure. That is why we spend so much time and effort helping our organizations identify, understand, and mitigate or leverage risks. Understanding the unique mix of risks our organizations face, and the risk appetites of our stakeholders, is crucial to internal audit adding value.
6 Signals That Your Last Internal Audit Hit a Home Run There are unmistakable signs that your last audit was a big success. Here are a few of my favorite indicators that an internal audit report hit a home run.
Fact or Myth: Internal Auditors Are All Accountants According to The IIA Audit Executive Center’s 2018 Pulse of Internal Audit survey, less than a quarter of internal audit efforts are allocated to financial-related risks. So, does that mean internal auditors aren’t accountants anymore? The answer is not as straightforward as it may seem.
Will Outsourced Internal Audit Become the Victim of Its Own Demise? The unraveling of the U.K.’s second-largest builder created a firestorm of controversy over warning signs that were missed or ignored. Few associated with the downfall of construction behemoth Carillion have escaped criticism, including its directors and auditors, as well as government overseers — from the Financial Reporting Council to The Pensions Regulator. As Parliament and others seek accountability for Carillion’s demise, their inquiries offer a sobering look into internal audit’s role in the disaster.
5 Future Developments That Could Elevate Internal Audit’s Stature I am often asked about the future of internal auditing, and what I see as keys to its continued ascendency as a vital component in an organization’s risk management and control structure. For too long, internal auditors around the world have been hamstrung by organizational constraints, including on independence, access, and resources. It’s time to state clearly and unapologetically what those impediments are, how they hamper internal audit’s effectiveness, and what can be done to remove them.
As in past years, the blog posts I authored in 2018 were primarily new works, but I did feature several old favorites that continue to resonate with practitioners. By far the most popular post of the year was the republished post, 10 Things Not to Say in an Internal Audit Report. This post makes the case that, “It’s not what you say, but how you say it that counts.” A well-written audit report should be a call to action, but a poorly written report can result in inappropriate action, or in no action at all. Choose your words wisely.
Thank you all for your continued support of the profession and for allowing me to offer my observations, perceptions, and advice. I also thank you for your comments and encourage you to continue to share your thoughts. I’m certain 2019 will offer many opportunities to continue our conversation.