Thursday, February 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

State of Internal Audit 2018

by Manu Gopeendran
August 13, 2018
in Featured, Internal Audit
blue binders on white background

Impact and Opportunities

MetricStream’s latest survey on the state of internal audit finds auditors focused on delivering timely insights on key risks, aligning audit planning with business strategy and improving audit processes and operational effectiveness. Manu Gopeendran details the survey’s findings.

For years, internal auditors have been the eyes and ears of the enterprise, providing assurance around the efficacy of risk mitigation strategies and controls. But today they are being asked to do more – to go beyond simply protecting business value to actually creating value. Much of this shift is being driven by larger business changes. Traditional business models, for instance, are rapidly being disrupted. Technology is advancing faster than ever. Emerging risks around data privacy and geopolitics are coming to the fore. And global concerns around corporate ethics and integrity are on the rise.

Now more than ever, internal auditors are needed at the executive and boardroom tables, not just to deliver assurance, but also to provide strategic intelligence that can accelerate business performance and growth, highlight critical risks and opportunities and drive better informed business decisions. Stakeholders want to know if something is going wrong or can go wrong in their business well before it actually does. No other function is arguably as well-positioned as internal audit to deliver those insights in a timely manner.

Where Does Internal Audit Stand Today?

MetricStream Research conducted a survey in the first half of 2018 to better understand internal audit’s impact and opportunities. The respondents represented more than 600 organizations across 15 industries globally. The survey covered three primary areas of internal audit: challenges and priorities, program structure and the role of technology.

Here are the key highlights of the survey report:

Internal audit’s focus is on strengthening risk awareness and aligning with business strategy

Respondents reported that their top internal audit priorities for 2018 are to provide timely insights on key risks, align audit planning with business strategy and improve audit processes and operational effectiveness.

Adding value to the business is a key audit challenge

While internal auditors may be increasingly seen as strategic business advisors, it is still a big challenge for them to add value to the business – that’s according to respondents from large, mid-sized and small enterprises. Other internal audit challenges include aligning audit processes to changes in the business, ensuring effective risk management and performing cybersecurity audits.

Auditors are turning to emerging technologies for real-time data and analysis

As boards and executive management teams demand deeper insights into risks, internal auditors are looking to leverage more analytics and other emerging technologies. Seventy-seven percent of respondents reported an interest in data querying and analysis tools, 75 percent in continuous control monitoring tools, 60 percent in data visualization capabilities and 58 percent in modeling and predictive analysis tools.

Enterprise risk management (ERM) is not yet pervasive

Only 50 percent of respondents reported having a dedicated ERM team and program in place. Of the remaining respondents, 25 percent indicated not having an ERM program at all – a significant cause for concern. Meanwhile, 25 percent reported that their organizations’ ERM programs are maintained by their internal audit teams.

Auditors have embraced a risk-based approach

When it comes to audit planning and execution, 86 percent of respondents reported that they follow a risk-based approach.  Of them, the majority (75 percent) perform simple risk assessments (i.e., they assess the auditable entity directly based on risk factors, such as reputational risk or operational risk). Only 54 percent of respondents reported following a more comprehensive approach of assessing risks based on impact and likelihood prior to determining a rolled-up risk score.

Most auditors define their audit universe ahead of audit planning

Eighty percent of respondents indicated that their audit universe is defined before the audit planning stage. On the other hand, 39 percent of respondents define their audit universe during audit planning, while 20 percent define it during audit execution. The latter two groups are likely to have more flexibility when it comes to making changes to the audit universe during the audit cycle.

Balanced scorecards are not widely utilized to assess internal audit efficacy

Only 19 percent of respondents reported using a balanced scorecard approach to evaluate the effectiveness of internal audit programs. The majority still rely on qualitative, unstructured assessment approaches, like open dialogues between the senior management and auditors (63 percent) and self-assessments by the audit team (52 percent).


Tags: internal audit
Previous Post

Maternal Walls and Glass Ceilings in the #MeToo Era

Next Post

Lockpath Partners with RapidRatings to Increase Third-Party Risk Visibility

Manu Gopeendran

Manu Gopeendran is a Senior Director of Marketing at MetricStream, where he is responsible for providing leadership vision, strategy, and execution across a variety of marketing-related disciplines.  Manu is also responsible for developing and subsequently implementing marketing strategy with a focus on sales growth and revenue expansion.

Related Posts

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

February 25, 2021
cannabis leaf on $100 bill

The Intersection of EDD and Banking Cannabis

February 24, 2021
gold cup award on red background with stars

Ethisphere Announces the 2021 World’s Most Ethical Companies

February 23, 2021
illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
Next Post
Lockpath Partners with RapidRatings to Increase Third-Party Risk Visibility

Lockpath Partners with RapidRatings to Increase Third-Party Risk Visibility

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights