With risk, control and compliance becoming increasingly important in today?s global marketplace, a new global survey of 695 chief audit executives (CAEs) and C-suite executives released by Ernst & Young reveals that 80 percent of organizations acknowledge that their internal audit function has room for improvement. The future of internal audit is now report highlights that 75 percent of respondents believe strong risk management has a positive impact on their long-term earnings performance and an equal percentage believe that their internal audit function has a positive impact on their overall risk management efforts.
Aligning internal audit strategy to the business. The survey identifies that the key priorities of both CAEs and stakeholders have clearly shifted from compliance and financial controls to risk coverage and business relevance. Future focus areas becoming more relevant to achieving business objectives cited by respondents include improving the risk assessment process and enhancing the ability to monitor emerging risks. Additionally, reducing overall internal audit function costs without compromising risk coverage and identifying opportunities for cost savings in the business were also cited.
In order to focus on risks that matter, create value and help the organization achieve its objectives, internal audit functions need to align their strategy to that of the overarching organizational strategy. However, 61 percent of respondents reported that they had no documented mandate that aligns internal audit to the organizational strategy.
Commenting on this approach, Randall Miller, Ernst & Young Advisory Global Risk Leader says,? Internal audit can use the organization?s overarching organizational strategy to identify the risks that matter most in the context of the organization?s risk appetite. Elements of the organizational strategy will vary by industry and are very specific to the business but to remain relevant, internal audit needs to use risk assessments based on the organization?s strategic objectives.?
Improve the risk management process. Internal audit risk assessments, regulatory requirements and enterprise risk assessments are the top three drivers of the audit plan, and internal audit is playing a more prominent role in organizational issues, such as major capital projects (49 percent), IT systems implementations (42 percent), mergers and acquisitions (37 percent) and material contracts (32 percent). Technology also remains a key area of focus for internal audit functions, comprising 18 percent of the current audit plan.
Improving the risk assessment process is the number one priority of CAEs and stakeholders alike. Identifying risks that are truly significant to the business is the first step to effective risk management and monitoring. Today?s internal audit functions are focused on enterprise-wide risk coverage, leadership engagement and direct linkage to strategy to increase the relevance of the risk assessment. As well, most leading organizations are incorporating a quantitative component.
Forty-six percent of respondents indicated that their internal audit functions perform annual updates, or none at all, leaving themselves unprepared for events that could crop up throughout the year including transactions, new product launch or retirement, new market entry, patent expiry and litigation.
Brian Schwartz, Ernst & Young Americas Internal Audit Leader comments, ?No longer an annual process, the audit plan must be refreshed regularly, with triggering events and leading functions are developing a ?three + nine? plan, a three-month frozen window and nine-month fluid plan.?
Assess skills and manage talent. Nearly one-fifth of respondents indicated that they would like to see improvements to internal audit reporting by putting issues into perspective relevant to the risk and identifying trends. Thematic audits are one way of doing this and are making resurgence as stakeholders increasingly want to know the implications, magnitudes and insights that audit findings convey.
As the role of the internal auditor evolves and stakeholder expectations rise, internal audit functions increasingly require competencies that exceed the more traditional technical skills, such as the ability to team with management and business units on relevant business issues.
When asked which areas of the respondent?s internal audit function had defined competency plans for staff development, 58 percent indicated a plan for technical internal audit skills, 54 percent have a plan for business or industry acumen and only 47 percent have a plan for business management and leadership. Surprisingly, 8 percent indicated no defined competency plan at all.
Two main approaches that internal audit functions can take to attract the right capabilities include an auditor rotation program across business units or functions in other parts of the organization and a guest auditor program for high-performing employees from other parts of the business to gain internal audit experience.
Miller summarizes, ?With the right internal audit-focused strategy in place, internal audit can add value to the business by becoming strategic advisors, identifying efficiencies across the enterprise, supporting key business initiatives and quantifying internal audit?s return on investment.?
Schwartz adds, ?The future of internal audit is not on the horizon. It?s here and internal audit functions need to act now to remain relevant to the business, or be left behind.?
Source: Ernst & Young; www.ey.com.
amare stoudemire tallest building in the world the pitch brandon inge freedom tower freedom tower eric church
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.