Perspectives on Internal Audit
The flow of sessions during the first day of the General Audit Management Conference ran smoothly (like the big chocolate fountain in the Bellagio) in a predictable fashion: Driving Change, Finding and Keeping Good Auditors, Fraud Audits, Quality Assurance, Data Analytics, Transforming Internal Audit. All good stuff to help audit departments improve their operations and value proposition to their companies.
But then the second day started very differently - the first general session was on Ethics - ethics in the audit department. Now, I had been to a few professional conferences and audit seminars, but I had a hard time remembering even one event which included a topic on Ethics. So, before walking into the conference room, I filled up my cup of coffee all the way to the top thinking that this would be the most boring session of all.
Boy, was I wrong.
Within the first few minutes I realized that this is possibly the most important topic in the Conference. For ethics is a cornerstone in the foundation of any IA department. Without it none of the other building blocks - data analytics, risk assessment, etc. - matter much. Our ability as auditors to drive change in the company is largely dependent on our reputation. And our reputation is largely dependent on our integrity. And our integrity is largely dependent on how ethically we behave.
Most auditors rate themselves highly on the ethics scale. But is this always true? You can check for yourselves. Google “Forbes - Internal Audit: when internal auditors go bad” or Bing “Inside counsel - SEC targets execs, auditors in Biomet FCPA case”. And also ask yourselves a few simple questions such as:
“Will I hesitate to issue a red rated audit to an organization or function to which I want to rotate because it will jeopardize my rotation opportunity?”
“Will I issue a negative report or comment if that puts my personal friendship with the GM or VP of the business in jeopardy?”
“Am I familiar with the IIA Code of Ethics?”
“Have I taken the annual HP SBC training?”
By, Emil Tzanov
Shaping the Ideal 21st Century AuditorAs the demand for assurance shifts fundamentally from a retrospective view to a forward looking perspective, auditors are expected to adapt with a variety of technologies and methods for assessing risk. In response Richard Chambers , President and CEO of the IIA, presented research at the General Audit Management Conference to prioritize and develop the most important attributes needed in 21st century auditors. The top three attributes named are communication, integrity and relationship management:
Communication is presenting our message in context and on time to enact change. Proficiency in communication is critical in order to plan with others, work the assurance strategy and drive impact through audit results.
Integrity is the resolve to act in correspondence with our communication. Our reputation for integrity determines the extent the auditor is trusted. In turn, trust drives how well the auditor’s message is received and the timing of management’s action.
Relationship management is discerning and relying upon the actions of others. Strong relationships increase the velocity of planning, communication and change by connecting and leveraging governance, risk management and compliance functions. The key is to build genuine relationships before they are needed.
The IIA’s research describing the 21st Century auditor relates well to our own vision to advance emerging assurance technologies and practices to strengthen our capacity for communicating and enlarging impact. We plan to adapt the way the Department formally communicates from a direct-report, one-size-fits- all model to a succinct, purposeful summary specifically designed for the audit committee and senior governance.
Alternative media is being explored to centrally relate issues, action plans and remediation progress in a dashboard format enabling a kind of collaboration zone among auditors, FLB delegates and compliance functions.
By, Brad Ames.