The results of the ninth annual Global State of the Internal Audit Profession survey were announced a few days ago by PwC US. Representing 18 industries and 60 countries (including Greece), nearly 1,100 chief audit executives and more than 630 stakeholders, including CEOs, audit committee chairs, other board members and senior finance and risk managers, took part in this year’s survey.
As companies have come to accept that market volatility, complexity, political and regulatory changes are here to stay, internal audit functions have more opportunities to contribute to businesses in a truly meaningful way. However, according to survey respondents, before internal audit reaches for new heights, it must keep pace and continue to evolve its focus. Internal audit must also significantly improve its performance or risk losing relevance as other internal risk functions become more vital contributors in the risk management area.
“Audit committees and management expect more from internal audit, providing a huge opportunity for internal audit functions to be relevant contributors to protecting the business from the most critical risks,” said Kostas Perris, head of the Internal Audit Services Department of PwC in Greece. “However, for internal audit functions to maximise their value to the organisation, they must ensure alignment on multiple levels. There must be clear understanding and alignment of stakeholder expectations, alignment of internal audit focus on the highest risk areas, and alignment of audit capabilities to the needs of today and emerging needs of tomorrow.”
PwC’s survey indicates that high performing internal audit functions have excelled in four important areas: (a) They demonstrate significantly stronger foundational capabilities; (b) They coordinate with their organisation’s risk and compliance activities; (c) They more effectively incorporate emerging risk into audit areas; and (d) They partner with those they serve by providing proactive advice in initiatives such as new product introductions and mergers and acquisitions.
PwC outlines the key steps audit committees, management and chief audit executives can take to enhance the value internal audit can and should deliver to organisations:
Audit Committee: Ask More Questions
Most audit committees consider oversight of risk management to be a primary responsibility. However, they should ask if internal audit’s actions align with critical business risks and if internal audit has established a clear, strategic plan to raise capabilities and deliver value.
Management: Expect More
Management teams should require their organisations to have a strong enterprise-wide risk assessment process, enabling management, internal audit and the board to have a productive and transparent discussion about risk management. Management should expect internal audit to have the skills necessary to contribute value in key risk areas.
Chief Audit Executives: Deliver More
Chief audit executives should have a strategic vision that aligns to stakeholder expectations, including an investment strategy such as investing in the right resources. They must also be prepared to respond
For greek, click here