logo-newlogo-newlogo-newlogo-new
  • Home
  • Blog
  • Audit Trail Academy
  • Advisory Services
  • Books
✕
  • Home
  • Chambers on Internal Audit
  • Uncategorized
  • 5 Things That Should Spook Internal Auditors About the Future

5 Things That Should Spook Internal Auditors About the Future

When Auditing Compliance, Look to Health Care
October 23, 2017
Corporate Transparency Should Shine a Light on Internal Auditing
November 6, 2017
October 30, 2017

Halloween is celebrated this week across large parts of Europe and North America, bringing a quirky combination of costumed revelers and things that go bump in the night. While it’s safe to say most internal auditors won’t be scared by the ghosts and ghoulies who appear at their doorsteps, there are some aspects of the future that should make them tremble.

Technology has accelerated the pace of change to breakneck speed. We are in an era when a backlash to too much change in too short a period of time is affecting diverse areas of our lives, from our politics to how we communicate to the security of our jobs. Some of the current geopolitical upheaval and economic uncertainty, I believe, are repercussions of that pace of change. Our profession is particularly susceptible to these challenges.

Below are five issues driven by technology and the pace of change that should spook all internal auditors.

Artificial Intelligence In previous blog posts, I wrote that artificial intelligence (AI) won’t fully replace internal auditors. However, the caveat to that statement is that we must adapt as a profession to the monumental disruptions that AI promises to create.

The challenge is multi fold. First, we must be aware of how AI impacts how we do our work — where internal auditors could be replaced by technology. Second, we must understand how it will impact the kind of work we do. For example, I believe we are more susceptible to replacement by AI in providing hindsight and insight than we are in providing foresight. Finally, we must recognize that a world highly dependent on AI will present complex new risks that will necessarily drive our audit coverage.

The Information Technology Industry Council (ITI) recently published its AI Policy Principles. One of its top recommendations relates to responsible development and use of AI. In its executive summary, ITI acknowledges that principles must be integrated into the design of AI technologies. As internal auditors, we must be keenly attuned to how AI is integrated and implemented by the organizations we serve. The ITI policy principles identify design and deployment, safety and controllability, robust and representative data, interpretability, and liability of AI systems related to autonomy as key areas of focus. I encourage all internal auditors to, at a minimum, review the executive summary of ITI’s AI Policy Principles.

The Proliferation of the Second Line of Defense OK, for those who advocate “five lines of defense” or “no lines of defense” models, bear with me here. In the past, The IIA has examined the blurred line between the second and third lines of defense as described in the 3 Lines of Defense model. Those past examinations focused primarily on the dangers of internal audit straying too far into second-line tasks.

Today, the danger to internal audit relates to stakeholders thinking that second-line-of-defense functions, such as ​enterprise risk management and corporate compliance, provide all the assurance they need on the effectiveness of risk management and internal controls. In organizations burdened with burgeoning expenses for oversight functions and internal audit, they are becoming less persuaded by the distinctions we might draw about our objectivity when providing assurance. In this misguided view, it is easy to paint internal audit as an expensive and expendable luxury. Now, more than ever, internal audit must demonstrate the value of independent assurance to stakeholders and enhance communication and collaboration with second-line-of-defense functions in order to minimize duplication.

Restless Stakeholders This threat is closely linked to how stakeholders view the value internal audit provides. The accelerated pace of change is creating new challenges and pressures for stakeholders, making them more likely to seek short-term answers to complex problems.

Several key studies published earlier this year contained ominous warnings to the profession that the stakeholder–expectations gap is widening — particularly with management. These signals should always be a call to action for internal auditors to step up their game. Those who do not have plenty of reasons to be spooked about the future.

The Regulatory Repeal Environment The growing move toward legislative and regulatory repeal is widely viewed as a positive for business, promising to unshackle industry from rules viewed as unnecessary or overly burdensome. The danger to the organization and internal audit is the fallacy that fewer regulations mean fewer risks. Practitioners must not succumb to the temptation to dismiss the risks that led to creation of the regulations in the first place. They must convince stakeholders that, while regulations may go, the risks remain and internal audit is essential to managing those risks.

The profession saw extraordinary growth in the U.S. and other regions of the world in the post Enron and Sarbanes-Oxley era. Today, many of the related regulations, and even the legislation itself, are under fire. If repeal efforts are successful, will the old adage that what goes up (internal audit resources) must come down play out? Or have we leveraged those resources and demonstrated our potential in ways that will enable us to retain and grow them?

The Risk(s) We Don’t See Coming The five scariest words in the English language for me are, “Where were the internal auditors?” These words should strike fear in the hearts of all internal auditors. The pace of change is accelerating how risks emerge and mature, making it more important than ever for internal audit functions to be flexible, multifaceted, and agile. The annual audit plan, until recently the blueprint for internal audit’s work, is quickly becoming anachronistic. Audit plans must undergo constant review in today’s business environment. Those who fail to watch the horizon for emerging risks are doomed to be ambushed. Once that happens, the question, “Where were the internal auditors?” is quickly replaced with, “Where did the chief audit executive end up after he/she was let go?” Ouch!

The pressure to identify and mitigate risks quickly, efficiently, and effectively is a high as ever, and this will invariably put internal audit in the cross hairs whenever failures occur.

Regular readers of my blog will recognize the tone of this post is a departure for me. I typically am, and remain, optimistic about the profession and its future. But it is vital that we recognize and address these and other challenges head on if we are to succeed in elevating the profession and making it an indispensable part of good governance. I have always believed that the greatest fear shouldn’t be of various risks that could come to fruition, but that it should be of complacency.

As always, I look forward to your comments.

Share

Related posts

March 13, 2023

New IIA Report Is a Timely Benchmarking Resource for Internal Auditors


Read more
May 16, 2022

THE STAGGERING TOLL OF COVID RELIEF FRAUD: WHERE WERE THE THREE LINES?


Read more
February 3, 2022

To Live a Life in Color, You May Have to Change Channels


Read more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

What’s Trending

03-20-23

New Report Reveals Surprising Insights from Internal Audit Executives


03-13-23

New IIA Report Is a Timely Benchmarking Resource for Internal Auditors


03-02-23

6 Things Audit Committee Members Often Won’t Say to Internal Audit


Read More

Archive

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009

Contact Us

PO Box 1441
New Smyrna Beach, FL 32170

+1-407-463-9389
rchambers@richardchambers.com

About AuditBeacon.com

AuditBeacon.com is a resource center for internal auditors and risk professionals from around the world. In addition to more than 500 blogs authored by Richard Chambers, the site includes links to news and insights on internal audit and other information that illuminates the value of this important profession. AuditBeacon.com is provided as a service by Richard F. Chambers and Associates, LLC.

Copyright © 2023 Richard F. Chambers & Associates. All Rights Reserved.
  • Home
  • Blog
  • Audit Trail Academy
  • Advisory Services
  • Books