Internal Auditors Urged to Sharpen Focus on Risk Management

To meet the ever-demanding needs of their stakeholders, today's internal auditors must move beyond traditional internal control and assurance activities and sharpen their focus on risk management, governance processes, and enhanced use of audit technology and automated tools. These are just a few of the findings uncovered by The Institute of Internal Auditors Research Foundation's (IIARF's) 2010 Global Internal Audit Survey, released from The IIA's General Audit Management Conference in Las Vegas.


According to the global survey, 80 percent of respondents foresee an increase in their risk management activities, and 23 percent project more corporate governance reviews in the next five years. A number of factors are contributing to the heightened focus, including: (1) the increasing frequency and complexity of major risk events, (2) the fact that internal audit activities have stepped up their coverage of many risks in response to serious control breakdowns in the financial services sector, (3) the rethinking of risk oversight by audit committees and boards, and (4) The IIA's International Standards for the Professional Practice of Internal Auditing (Standards) requirement that internal auditors evaluate governance and risk management capabilities.


The study also found that approximately half of participating organisations expect to recruit more staff during the next five years, and the two skills in greatest demand are: (1) understanding the business, and (2) knowledge of risk analysis and control assessment techniques. Moreover, researchers identified a growing need for specialized training in data collection and analysis, operational research, and new audit tools and technologies due to the changing nature of internal audit procedures and their increasing automation.


“This study represents the most comprehensive and valuable insight into the global practice of internal auditing that has ever been assembled. The researchers have done a terrific job in synthesizing the results and providing key data for a blueprint for The IIA in serving the profession,” says IIA President and CEO Richard Chambers, CIA, CGAP, CCSA. “It provides an empirical demonstration of the dramatic shift we’ve seen take place since the financial crisis. organisation are recognizing the harmful impact of inadequate corporate governance and the significant risk it poses to the effectiveness of the risk management function; internal auditors are naturally following the risks and aligning their coverage in response to their stakeholders’ changing expectations.”


The report highlights 10 imperatives and includes detailed action items to help CAEs address each imperative:


1. Sharpen your focus on risk management and governance
2. Conduct a more responsive and flexible risk-based audit plan
3. Develop a strategic vision for internal auditing
4. Focus, monitor, and report on internal auditing's value
5. Strengthen audit committee communications and relationships
6. View compliance with The IIA's Standards as mandatory, not optional
7. Acquire and develop top talent
8. Enhance training for internal audit activities
9. Take advantage of expanding service provider membership
10.  Step up your use of audit technology and tools





Suggested Articles

Some of you might have already been aware of the news that Questex—with the aim to focus on event business—will shut down permanently all media brands in Asia…

Some advice for transitioning into an advisory role

Global risks are intensifying but the collective will to tackle them appears to be lacking. Check out this report for areas of concern