July 1, 2013

Five Red Flags That Your Internal Audit Department May Be Losing Stakeholder Support

Stakeholder support is vital to internal auditing’s ability to add value and contribute to the organizations we serve. When chief audit executives and their staff are not meeting stakeholder expectations, there are typically signs or early indications that the support we might have enjoyed in the past is starting to slip.

I saw this scenario play out many times during my years leading internal audit for the U.S. Army. I have likewise seen it occur in the corporate sector. Like many of my colleagues, I’ve also taken over internal audit functions where my predecessor had lost that connection with stakeholders. So I’ve seen the signs.…

June 25, 2013

When It Comes to Fraud, Internal Auditors Need to Get There Early

The Association of Certified Fraud Examiners’ (ACFE’s) 2012 Report to the Nations on Occupational Fraud and Abuse estimates the global cost of internal fraud at US $3.5 trillion, or 5 percent of total revenue. And, as we all know, internal fraud is only part of the picture.

Everything is moving faster these days, including fraudsters. Today, a rogue employee with a smartphone, given a weak enough control environment, could transfer significant sums of money offshore in the blink of an eye. According to the ACFE, the average fraudster takes US $160,000 out of a company before the fraud is detected. Little of that money is ever recovered.…

June 10, 2013

Five Words to Banish From the Internal Audit Dictionary

I recently spoke at a conference where one of the sessions was called “Four Most Dangerous Words in Finance.” It reminded me of a blog I wrote a few years ago called “Ten Things Not to Say in an Audit Report.” In that blog I wrote about types of things not to say. Beyond the categories of phrases or messages that I explored in that blog, however, lie a handful of words that are so useless or polarizing that they should be banished from the internal audit dictionary. 

Words have power. A well-written audit report is a call to action. A poorly written report can result in inappropriate action, or no action at all.…

June 3, 2013

NASDAQ Hesitates in Its Quest to Mandate Internal Audit

As we recently learned, NASDAQ has withdrawn a proposed new rule (PDF) requiring that companies listed on the exchange establish and maintain an internal audit function, citing push-back from issuers and others during the public comment period. Some companies and commenters didn’t see the value of an internal audit function. There weren’t a lot of comments, but there were enough that it was troubling to NASDAQ.

The Securities and Exchange Commission (SEC) received dozens of comments, both for and against the proposal, including an official endorsement from The IIA under my signature. I have never been an advocate for laws or regulations requiring an internal audit function because I believe that mandates diminish the perceived value of auditors as trusted advisers to senior management and audit committees.…

June 1, 2013

Cultivating Soft Skills

In an era of sophisticated data analytics, Larry Harrington, chief audit executive (CAE) of Massachusetts-based Raytheon Co., relies on a relatively old-school key performance indicator (KPI) to monitor how his internal auditors are helping the business become more successful: telephone calls from business partners asking for assistance.

Harrington references a call he recently received from the head of one of Raytheon’s larger business units. The general manager explained that an upcoming reorganization would eliminate several management positions, and he wanted to make sure the changes would not adversely affect internal controls and risk management processes. The general manager asked for internal audit’s help reviewing the plan before it was implemented, and Harrington obligingly dispatched a team to assist.…

May 29, 2013

Effective IGs Are Watchdogs, Not Lapdogs

This year marks the 35th anniversary of the U.S. Inspector General Act of 1978 — the landmark legislation that created the audit and investigative agencies that serve as the “watchdogs” in the U.S. federal government. Under the Act, inspectors general (IGs) are responsible for:

  • Conducting and supervising audits and investigations relating to the programs and operations of the various federal agencies.
  • Providing leadership and coordinating and recommending policies (1) to promote economy, efficiency, and effectiveness, and (2) to prevent and detect fraud and abuse in their agencies.
  • Providing a means for keeping the head of their agencies and the U.S.
May 24, 2013

Is Your Audit House Shatterproof?

You’ve heard the expression, “People who live in glass houses shouldn’t throw stones.” A corollary drawn from a presentation I share with government auditors, though applicable to all internal audit shops, is “If you’re going to throw stones, you’d better live in a shatterproof house.”

As internal audit professionals we do live in glass houses. People expect us to walk the talk. They expect us to be, perhaps, just a bit more ethical than everyone else. And if at some point in our careers we have had a lapse in good judgment, or someone in the internal audit department had transgressions that others in the company knew about, we can expect to be discredited by those we critique.…

May 13, 2013

​Do You Live Your Life in Color?

Last month, I lost two people who had an important influence on my life. One was a dear relative and the other a close personal friend from my college years. As I have reflected on these two remarkable women, I am struck by one thing they both had in common: They lived their lives in color. Unlike so many people who simply punch the clock on their personal and professional lives, both of these women lived their lives to the fullest, and pursued their passions (personal and professional) with zeal.

We have all encountered individuals in our professional lives who are living their lives in black and white.…

May 6, 2013

Small Rocks Can Cause the Biggest Waves

Some time back, I blogged about “big impact” audits, those career milestones we look back on with the satisfaction of knowing that our work, and profession, made a significant difference. Whether it’s in internal auditing or in life in general, we all aspire to make a difference. We want that feeling of accomplishment that comes with knowing we have changed the world, if even in a small way. But internal auditing is especially rewarding when we can make a big impact — when we can bring about major changes that improve operations and prompt senior management and the board to sit up and take notice.…

May 1, 2013

Five Probing Questions the Audit Committee Should Be Asking the CAE

No relationship for a chief audit executive (CAE) has been transformed more over the past decade than that with the audit committee. According to The IIA’s Audit Executive Center, more than 75 percent of internal audit departments in North America report functionally to the audit committee. And in many companies, the audit committee holds a discussion session with the CAE at every meeting.

 The audit committee’s success is tied to the effectiveness of the internal audit department. Accordingly, audit committee members must have complete confidence in the internal audit function and its CAE. This confidence can only be achieved with a strong, continuous, and open dialogue between the CAE and the audit committee. Of…