Well into the 21st century, businesses worldwide are focusing more and more on managing risks, be they internal or external, financial, operational, strategic, involve technology or regulations, or related to reputation.
While organizations are raising the bar on effective risk management, executives face extraordinary headwinds spawned by a turbulent environment in which risks materialize virtually overnight. Just this year, global financial and business markets have been rocked by spectacular cybersecurity breaches, geopolitical instability in the Middle East and Eastern Europe, refugee crises, and more.
Internal auditors working from risk-based annual plans developed before March are increasingly finding themselves addressing yesterday’s challenges.
All of this reinforces my long-held belief that internal audit must take a more continuous approach to risk assessment.…
When I think about how the role of internal auditing is evolving, I am struck by the diversity of issues we address. Internal auditors deal with an ever-expanding portfolio of challenges that encompass operational risk, strategic decision-making, compliance, technology vulnerabilities, security threats, fraud prevention and detection, environmental risks, disaster preparedness . . . the list goes on and on.
Even once-unthinkable subjects like corporate culture are now subject to audit. This is as it should be. We can’t deliver fully effective risk-based audit services if we ignore critical issues, such as a toxic corporate culture.
But I wonder sometimes how comfortable we are when internal audit tackles a new challenge.…
At The IIA’s recent International Conference in London, I heard a colleague mention that he absolutely hated explaining internal auditing to non-auditors. “When I have to ‘sell’ people on the internal audit function,” he said, “it feels too much like what a used-car salesman does. It just doesn’t feel professional to me.”
His comments didn’t come as a surprise to me. I know there are many who don’t like the idea of having to “promote” their internal audit functions. But his words still concern me. Because my blog is intended primarily for internal auditors, I will skip past the issue of professionalism among those who routinely “sell” as part of their job and cut to the chase about our profession.…
As if we don’t have a tough enough time clarifying to stakeholders what exactly we bring to the table, I am seeing an increasing number of instances in which internal auditors are being asked to assume responsibilities related to corporate investigations.
In 2012, 71 percent of North American CAEs surveyed indicated that internal audit conducted confidential investigations on behalf of the audit committee alone. Even more internal audit departments conduct investigations on behalf of executive management. In some cases, internal auditors are called upon by the general counsel or CEO to assist with specific investigations, such as investigating allegations of fraud or other misconduct by a member of management or staff.…
Job growth for auditors is projected to outpace overall employment gains over the next decade, according to the U.S. Bureau of Labor Statistics. That makes internal auditing a great option for those entering the workforce or considering a career change. However, picking a job and flourishing in it is about more than opportunity alone. Is the position a right fit for you, and are you the right fit for the company or organization?
We all seek jobs that we will enjoy and that we will be good at, but one size doesn’t fit all. Based on my years in internal auditing and observing the experiences of others in our profession, I’ve developed a list of five signs that indicate you are likely to be a great fit for a career in internal auditing.…