November 2015

As internal auditors, it’s quite natural to assess and advise our organizations on effective risk management. With greater frequency, we provide assurance to management and the board that the enterprise is adequately assessing risks, and that risk mitigation strategies are being developed and implemented.

But what about our own risks? Can we say with any degree of certainty that we are identifying risks to our internal audit departments? And are we taking adequate measures to mitigate those risks?

All too often, the answer is “no.” We are frequently missing important topics when crafting our annual plans and we don’t always address inadequate resources or expertise on our staff.…

In a recent conversation, a seasoned CAE recruiter shared his frustration that a number of high-profile companies are offering below-market salaries for their CAE positions. I responded to him that I wasn’t surprised. In fact, I shared my long-held view that some companies don’t want a strong CAE, so they price the role accordingly. After all, “You get what you pay for.”

On the surface these look like companies simply being shortsighted in trying to save money at the price of maintaining a well-run internal audit function. At worse, we’re talking about benign neglect, right? Wrong. The truth is there is a much more treacherous side to this equation.…

Are you one of the best and brightest internal auditors in the profession? Are you dedicated, determined, and detail-oriented? Are you knowledgeable and self-reliant, and so you almost always have the correct recommendations for complex internal audit findings? Great! But be warned: Your professional assets can become liabilities.

These leading qualities would normally serve you well in the internal audit profession. But all of us are fallible, and far too often our “blind spots” are closely linked to our strengths. I have identified several characteristics that successful internal auditors normally possess. However, I also have noted circumstances I have observed in professionals when these attributes became albatrosses:

Are you the most dedicated auditor in your department?…

I am often asked by those within the internal audit profession, “What keeps you up at night?” My answer often surprises. One of the things I worry most about is a high-profile ethical lapse by a member of our profession that tarnishes us all.

We have been fortunate for the most part, but occasional lapses by wayward internal auditors do sometimes make the press. On those rare occasions, someone in the media may wonder aloud, “Who is watching the internal auditors?” None of the cases in recent years has been devastating to our reputation. However, a recent example of a wayward internal auditor illustrates just how easy it is for a bad apple to tarnish the whole profession.…

Great internal auditors understand the value of perspective. When grown and nurtured through exposure to all areas of the organization, it is the driver of insight. This definition sums up exactly how perspective works for internal audit:

The faculty of seeing all the relevant data in a meaningful relationship.

Indeed, developing an informed perspective of the organizations we serve is at the heart of establishing, demonstrating, and maintaining internal audit’s value. It is this holistic knowledge that helps internal audit steer the organization clear of the problems that keep the C-suite and board up at night.

My thoughts turned to the value of perspective during The IIA’s recent All Star Conference. As many of you know, the annual conference brings together the best of the best – those speakers from the past year’s IIA conferences who received the highest rating from attendees.…