Throughout my career of more than 30 years as an internal auditor, I’ve seen several recessions come and go, and the impacts on the internal audit profession have followed predictable patterns each time. I’ve seen operating environments shift and require internal auditors to reach into their skill toolbox and demonstrate their agility and versatility. The recessions we’ve experienced in the past, and the one we’re facing currently, also foster an environment much more conducive to fraud schemes, and the internal audit activity is in a perfect position to show its value during these times.
As a federal inspector general in the U.S. government, I learned a great deal about the motives and circumstances that lead to fraud. I became very cognizant that many virulent fraud schemes are actually perpetrated by individuals and business partners outside of the organization. The more financial duress that potential perpetrators are under, the more likely they will be to commit fraud.
Working with The IIA’s Global Board of Directors during the past year, it has been our objective to turn The IIA into an agile and responsive resource that provides timely and relevant guidance when the profession needs it most. Last week we issued two new pieces of guidance to help organizations deal with fraud risks. The first guide is Internal Auditing and Fraud, and is aimed at increasing internal auditors’ awareness of fraud and providing guidance on how to address fraud risks during internal audit engagements. It includes reference material, questions to consider, and a fraud risk assessment template, as well as: potential fraud indicators, fraud prevention and detection roles and responsibilities, tips for fraud investigations, and ways to form an opinion on internal controls related to fraud.
GTAG: Fraud Prevention and Detection in an Automated World focuses on IT-related frauds and how the use of technology can help internal auditors address fraud. It describes how using technology to implement real-time fraud prevention and detection programs can enable organizations to reduce the cost of fraud by lessening the time from which a fraud is committed to the time it is detected. A step-by-step process for auditing a fraud prevention program, an explanation of the various types of data analysis to use in detecting fraud, and a technology fraud risk assessment template are included.