PricewaterhouseCoopers' sixth annual Global State of the Internal Audit Profession survey found that with global industries, economies and regulatory environments forever altered by the recent financial crisis, strategic risk management has become a key issue for business leaders.
According to the 2010 survey of more than 2,000 executives from more than 50 territories, internal audit professionals have the company-wide visibility and mandate to lead their organizations in enhancing this capability.
This year’s survey also demonstrated that, to remain relevant and meet stakeholder demands, internal audit must evolve to an enhanced “Internal Audit 2.0” state that provides business leaders with actionable business risk intelligence.
“The financial crisis caused a heightened scrutiny of companies’ risk management practices, as many have blamed the crisis on poor risk management,” says Brian Brown, principal and Internal Audit Advisory Services leader at PwC. “CEOs across all industries are looking to upgrade their enterprise-wide risk management capability to better prepare for success in what is expected to continue to be a very challenging business environment.
Needs and expectations for internal audit have never been higher, so the key question is whether internal audit is delivering. There is also a challenge in building consensus for an expanded and more strategic role for internal audit,” notes Brown.
The 2010 State of the Internal Audit Profession study identifies three critical focus areas for internal audit departments:
• Critical risks and issues;
• Aligning internal audit's value position with its stakeholder's expectations; and
• Matching the staffing model with that value proposition
However, these are also the three areas where internal audit leaders believe they have the most room to improve.
“What senior executives should take away from this survey is that, for an internal audit team to assume the role of strategic partner, members must employ highly experienced and skilled professionals who can pinpoint trouble spots, synthesize a lot of data, better utilize technology and help the organization be more successful in a very challenging business environment,” Brown comments.
With these new challenges in mind, PwC believes internal audit must take a more radical approach to change than it has in the past, and rethink and redefine the way it works. The survey outlines several important steps that should be taken:
• Start with a plan
• Rethink risk assessment practices
• Fill the skills and capabilities gap
• Align with other assurance functions
• Focus on obtaining ROI from technology
“In this year's survey, we introduced the concept of "Internal Audit 2.0" to start organizations thinking about dramatic change,” says Brown. “As internal audit confronts new and continually changing needs and expectations, it must take the initiative to redefine its role. That means expanding its skill sets and preparing to take a leadership role as a more powerful resource for senior leadership, directors and boards in aligning strategy and risk identification, control and mitigation.”