Professional Documents
Culture Documents
Transformation of Internal Auditing
Transformation of Internal Auditing
auditing
By Gaurav Kapoor and selves several related questions: Is our tors, they are generally accountable first
Michael Brozzetti internal audit department designed to add to their company’s audit committee. The
value? Are our internal audit processes sys- following sections present some of the key
T
he field of internal auditing has tematic and disciplined enough to sustain concerns of audit committees that internal
transformed significantly over the that value? Are we willing to change areas auditors should keep in mind.
past decade. Several factors have that need change? Risk assurance and governance.
contributed to this change, including the To truly add value to an organization’s Although the focus on risk management has,
increased complexity of a globalized mar- operations, internal auditing has to remain for some time, been a key trend in the field
ketplace, high-profile fraud and corrup- relevant to stakeholders, such as manage- of internal auditing, audit committees con-
tion scandals, new laws and regulations,
and increased demand from stakeholders
for greater assurance. (See Exhibit 1 for
some specific shifts that have occurred with
respect to internal auditing.) Within the pro-
fession, internal auditing serves as a cor-
porate conscience and guiding force that
helps to ensure that business decisions and
management operations remain consistent
with an organization’s mission, strategies,
and goals.
Given the continually changing cli-
mate, auditors must take on additional
responsibility to aid organizations in man-
aging risk. Exhibit 2 highlights key quali-
ties that internal auditors should possess.
Although internal auditing presents certain
challenges, businesses should strive to
implement an enterprise-wide internal audit
system that takes advantage of the advice
provided below.
Adding Value
The Institute of Internal Auditors (IIA) ment and the board of directors. Internal tinue to consider it a major area of concern.
defines internal auditing as “an indepen- auditors are the eyes and ears of the orga- The IIA has issued guidance on how to
dent, objective assurance and consulting nization, and they can constructively provide internal audit opinions regarding the
activity designed to add value and improve improve the entity’s risk management and risk management, internal control, and gov-
an organization’s operations. It helps an internal control processes, while also pro- ernance activities of an organization by
organization accomplish its objectives by viding assurances as to the effectiveness updating standards within its International
bringing a systematic, disciplined approach and efficiency of these processes and man- Professional Practices Framework.
to evaluate and improve the effectiveness agement operations. When properly Enterprise risk management. With enter-
of risk management, control and gover- designed, internal audit activities can sig- prise risk management (ERM) becoming a
nance processes” (http://www.theiia.org/ nificantly improve the business as a whole. top organizational priority, organizations’ inter-
theiia/about-the-profession/internal-audit- nal audit plans are being aligned with key
faqs/?i=1077). Emerging Concerns enterprise risk areas to provide assurance
Internal auditors would do well to fre- Although internal auditors often report that these risks are being managed effective-
quently revisit this definition and ask them- to management and the board of direc- ly and kept in check by management.