Internal Audit

Global consulting firm Protiviti has released its 2021 Next-Generation Internal Audit Survey, finding that most chief audit executives (CAEs) and senior internal audit leaders and their teams are still in the early stages of, or have yet to embark on, their next-gen internal audit journeys. The benchmarking survey polled 874 executives in Q1 2021, including CAEs and audit managers and directors across industries globally. Highlights from the findings include: 66 percent of survey respondents report plans to increase their focus on innovation and...

As Well As Reducing Budgets, The COVID-19 Pandemic Has Heightened Organizational Risks and the Need for Audit Oversight Stamford, CT (March 24, 2021) – A September 2020 study of 299 internal audit organizations showed that the function faced both declining budgets and a significantly expanded workload in 2020, according to Gartner, Inc. “For many heads of audit, it’s not clear where the extra capacity is going to come from,” said Margaret Moore Porter, Managing Vice President in the Gartner Audit...

The American Institute of CPAs (AICPA) today issued a new whitepaper to help auditors providing SOC for Service Organization (SOC) reports on organizations that have incorporated blockchain into their service delivery systems. The paper examines the skills and competencies auditors need to perform such engagements, the unique features of blockchain, the risks associated with using blockchain, and how the use of blockchain by service organizations may affect their SOC examinations. Highlights include: An overview of blockchain, including a discussion of the different...

Global consulting firm Protiviti recently released the findings from its latest study, “IT Audit Perspectives: Top Technology Risks in 2021,” which reveals that concerns around security, privacy, cloud and other advanced technologies are being further fueled by the pandemic-induced remote work environment and accelerated deployment of new technologies. The study, conducted in partnership with ISACA, surveyed over 7,400 IT audit leaders across a wide range of industries worldwide. The report identifies the top 10 IT Audit risks for 2021 and examines how digital leaders weigh...

Banks have long outsourced certain audits, but banking-fintech relationships are new ground. Brandi Reynolds discusses a persistent problem in bank internal audit departments and offers a path forward. Co-sourcing or outsourcing certain internal audits is nothing new to bank internal audit departments. In the 1980s, IT/MIS (management information systems) functions started growing in sophistication, and all but the largest banks outsourced their IT audits. In the early 2000s, Bank Secrecy Act functions also grew in sophistication and outgrew the capabilities...

As COVID-19 rages on, companies continue to go digital. Riskonnect CEO Jim Wetekamp offers guidance on how to conduct successful audits in a remote work environment. As the COVID-19 pandemic magnifies existing threats and constantly creates new risks for organizations to assess, business leaders are seeking added assurance that appropriate oversight, capabilities and controls are in place – and they are looking to internal audit for help. With remote work and travel restrictions limiting mobility in many parts of the...

COVID-19 has revealed the importance of having an effective business continuity plan. Protiviti’s Matthew Watson discusses the role internal audit should play in escalating and prioritizing business continuity audits given the realities and uncertainties in today’s business environment. With so many uncertainties as we head into 2021 – the wait for an effective COVID-19 vaccine, macroeconomic and geopolitical concerns, increased technology outages and cybersecurity risks to name a few – business continuity programs have taken on new urgency. Business leaders,...

Auditors need a complete understanding of the standard and how it affects their clients’ financial statements. AICPA’s Deana Thorps suggests four considerations auditors need to keep in mind when performing high-quality audits based on common challenges with accounting estimates. One of the most significant changes to U.S. GAAP is FASB’s revenue recognition standard, FASB ASC Topic 606, Revenue from Contracts with Customers. The standard requires an entity to apply a five-step approach, including estimating the revenue recognized for the accounting...

Ron Kral offers an analysis of the SEC’s recent order against BorgWarner, charged for making material misstatements by failing to account for certain asbestos liabilities. “Hindsight is 20/20” can be a profound statement when it comes to loss contingencies, as it is easy to precisely define them once they are settled over time. The statement can also be interpreted as the company should have known something would happen, or the company made a bad decision in hindsight. In applying this...

Ellen McCarthy, Head of Compliance at Computershare, opines on the IIA’s recent updates to its three lines of defense model, positing that they fail to recognize the importance of the independence of the compliance function. The Institute of Internal Auditors (IIA) last month issued a new three lines model, updating its “Three Lines of Defense” model to set forth the IIA’s “latest understanding of governance and risk management.” Below, I have set out my personal view along that, while the...

With digitization fueling innovation and change, two questions arise: Is internal audit adjusting quickly enough to innovate and embrace underlying technologies, and should executive management and the board care? Protiviti’s Jim DeLoach discusses. In a world of rapid change on almost every front, in which organizations must adapt and grow – or risk decline and ultimate demise – everybody faces the same reality: either raise the game to contribute sustainable value or be left at the station. These words could...

Compliance doesn't appear to figure prominently in the update to the Institute of Internal Auditors' 2013 Three Lines of Defense Model. Compliance consultant Nicole Di Schino takes a look here, providing original reporting for CCI as she shares analysis and opinions from compliance pros and IIA CEO Richard Chambers. All images courtesy of Institute of Internal Auditors; used with permission Recent updates to the Institute of Internal Auditors’ (IIA) three lines of defense model offer a refreshing take on corporate...