Building an Effective Internal Audit Activity in the Public Sector

The Public Sector differs significantly from profit organizations in terms of its objectives and purpose. Thus, the work and structure of internal audit functions (IAFs) differ fundamentally between these types of organizations as well. To address the special needs of IAFs within the public sector a practice guide by the Institute of Internal Auditors (IIA) […]

Internal Audit in a Post-COVID World, Part 3: Redefining the Resilient Organization

In the last report “Redefining the Resilient Organization” of a three-part series on “Internal Audit in a Post-COVID World” by the Institute of Internal Auditors (IIA), the authors give internal auditors guidance on how to prepare organizations for potentially arising business transformations and disruptions. Part of this guidance is putting the internal auditor’s focus, especially […]

Global Perspectives & Insights: Cybersecurity in 2022, Parts 1-3

The collection on „Global Perspectives & Insights: Cybersecurity in 2022, Parts 1-3”, published by the Institute of Internal Auditors, discusses different issues within the contemporary evolving cybersecurity landscape. While part 1 focuses on the implications of regulatory changes on cyber reporting by the SEC, part 2 deals with the benefits of symbiotic relationships between Heads […]

Embedding ESG and sustainability considerations into the Three Lines Model

The report „Embedding ESG and sustainability considerations into the Three Lines Model“, co-written by the World Business Council for Sustainable Development  (WBCSD) and the Institute of Internal Auditors (IIA), provides suggestions and guidance, on how environmental, social, and governance (ESG)-related matter can be integrated into the key roles of the revised Three Lines Model – […]

Internal Audit in a Post-COVID World, Part 2: Supply Chain

In its second report on “Internal Audit in a Post-COVID World”, the Institute of Internal Auditors (IIA) deals with global supply chains, which were severely hit by pandemic challenges and uncertainties, being only 2% of global supply chains prepared for such an event according to surveys of the US branch of the consulting firm Ernst […]

Internal Audit in a Post-COVID World, Part 1: Talent Management

In its first report on “Internal Audit in a Post-COVID World”, the Institute of Internal Auditors investigates talent management within a post-pandemic setting. In the light of the pandemic-driven demand for flexibility and human-centricity of employees, the findings suggest difficulties of employers to offer the required individual employee’s flexibility while retaining internal audit functions with […]

EFRAG: consultation on the Draft European Sustainability reporting Standards (ESRS) Exposure Drafts

In its reaction to the European Financial Reporting Advisory Group (EFRAG) consultation on the Draft of European Sustainability Reporting Standards (ESRS), the European Confederation of Institutes of Internal Auditing (ECIIA) is strongly advocating that the EFRAG provides necessary clarity on the role of Internal Audit has in light of ESG matters. To be precise, since […]

European Commission: Sustainability-related disclosures in the financial service sector

The European Commission has adopted technical rules to be used by financial market participants when disclosing sustainability-related information under the Sustainable Finance Disclosures Regulation. Under these standards, financial market participants will provide information about how they reduce possible negative impacts that their investments may have on the environment and society in general. The rules are […]

What implications the new SEC proposals have for cybersecurity reporting, and how this affects internal audit

The IIA’s Global Knowledge Brief series on cybersecurity presents an overview of the new SEC proposals, including the implications they have for cybersecurity reporting regulation in the U.S. as well as abroad. It also explores how internal auditors can play an essentiel role in helping their organizations manage an altered compliance plan that new regulations […]

Engaging Third Parties for Internal Audit Activities: Strategies for Successful Relationships

One of the biggest challenges CAEs face is having enough personell obtaining the right abilities to complete their audit plans. To meet this challenge, many CAEs engage third parties for some of their internal audit activities. This report will help internal audit practitioners, managers and audit committees to more effectively manage these chalenges.

Prioritizing Environmental, Social and Governance Issues

Environmental, social and governance (ESG) issues are a hotly debated topic globally and across all industries and organizations. The pressure on organizations to address ESG issues continues to grow, making it paramount. Internal audit functions are invaluable to companies and should be more involved in their organization’s ESG efforts. The new report „Prioritizing ESG: Exploring […]

Using Evolving Technologies to Improve Collaboration

To remain relevant in the current business environment, internal audit must maintain an innovative mindset, challenge and update existing audit methodologies, and leverage emerging technologies such as governance, risk, and control (GRC) to improve business collaboration. The report „Using Evolving Technologies to Improve Collaboration: How GRC Software Can Support Risk Management and Internal Audit“ by […]

Internal audit and compliance

What is the relationship between internal audit and compliance? This is the subject of a new report from the IIA entitled „GLOBAL PERSPECTIVES AND INSIGHTS: Internal audit and compliance: Clarity and collaboration for stronger governance“. To explain the relationship between internal audit and compliance, the report uses the three-line model and is a tool for […]

Time for Internal Audit to Focus on Resilience

Internal audit is well positioned to assess resilience risk and embed resilience in organizations. This is demonstrated in the new white paper „Are We Ready? It’s Time for Internal Audit to Focus on Resilience Amid Extreme Change“ from the IIA in collaboration with Protiviti. The paper helps chief audit executives better understand the importance of […]

The right Length of Audit Reports

How long should an audit report be? Does are most internal audit reports the right length? For many stakeholders of audit reports in the executive suite and boardroom, the answer is probably that they are “too long!” So, is the answer ten or twenty pages? Is it two or three? This article from Internal Audit […]

​The Alternate Reality of REM

In times of the COVID-19 pandemic, the risk of workplace fraud has increased significantly in many companies and industries. For example, lost revenue has caused companies to reduce their operating expenses. The risk of accounting fraud is increasing. One type of accounting fraud is real earnings management (REM). In this process, managers intentionally create an […]

Assessing Internal Audit Competency

The Internal Audit Foundation and Deloitte released a joint Premier Global Research Study, “Assessing Internal Audit Competency: Minding the Gaps to Maximize Insights.” The two organizations collaborated to complement the launch of The IIA’s Internal Audit Competency Framework. The resulting comprehensive report outlines five key findings that help identify areas where there are gaps in […]

Auditing the Data Protection Organization

At the latest since the EU General Data Protection Regulation (GDPR) came into force in May 2018, data protection compliance has been on the risk map for internal auditing. The significant liability/sanction risks as well as the increased accountability requirements have led to the implementation of data protection management systems in companies and in the […]

Guidance on remote auditing

Supported by ECIIA, Specialists from the Internal Audit Service at the European Commission have described the way to implement remote auditing by using the new Guide on Remote Auditing for the use of Internal Auditors. This guide describes, what a remote audit is, how to assess whether an audit can be conducted remotely, what tools […]

Digitalization – Changing the Way Internal Audit Works

Technologies offer enormous potential to change and improve working methods. The topic of automating tasks and processes, for example, is also playing an increasingly important role in auditing. Among other things, the use of Robotic Process Automation (RPA), Predictive Analysis (PA) and Artificial Intelligence (AI) in internal auditing is being discussed. A new study by […]

Getting to the bottom of it

Why is root cause analysis so important? When you go to a doctor, do you want him to tell you what is wrong with you so that you can begin treating the disease? Or are you satisfied that the doctor only treats the symptoms and does not diagnose the actual disease? Of course not. Well, […]

Remote Auditing

The corona pandemic turned the standard model of office work on its head. Companies were put into crisis management mode and employees were increasingly working from home. The rapid outbreak of the pandemic accelerated the trend towards teleworking in internal auditing as well. This is the subject of the latest report of the IIA’s Global […]

Role of Internal Audit in Business Resilience

The COVID 19 pandemic also confronted internal auditors with major challenges. For example, auditors had to completely abandon or quickly revise well-thought-out plans and familiar checklists and procedures. To ensure the effectiveness of their organization’s risk management, governance, and internal control processes, internal auditors had to reorient themselves. The importance of agility and flexibility increased. […]

Upskilling Today for the Profession of Tomorrow

As various technologies converge and mature over the next few years, internal auditors must ask themselves how disruptive innovations can transform their organizations, stakeholder expectations, and the profession itself. If the work of internal auditing is to really enrich and protect, the function must be ready to adapt to new risks and the new requirements […]

Continuous Auditing

The high speed of economic change, digitalization and automation have an impact on the internal audit function. The internal audit function must plan ahead and at the same time react promptly. There is a shift from static, timeframe-based risk assessment and audit planning to a direct situationally reactive analysis of risks. Continuous auditing plays a […]

Cyber Risk & Internal Audit

An essential topic for companies is cyber security. In this context, companies must take into account that cyber risks are constantly evolving and that the extent of damage can pose an existential threat. This is also of special importance for internal auditors. In the new article „Reining in Cyber Risk: An understanding of technology, third parties, […]

Financial Market Integrity Strengthening Act (FISG)

The German government is responding to the Wirecard fraud scandal with the Financial Market Integrity Strengthening Act (FISG), which came into force on July 1, 2021. For the first time, the legislature now explicitly requires appropriate and effective internal control and risk management systems and creates a direct right of information for the audit committee […]

internal-audit function of the future

The near-term challenge of the IA function will primarily be to continue to provide safe oversight while also adapting to the dynamic risk landscape. The IA function must thus be able to deal with the increasing number of emerging risks. The article „Building the internal-audit function of the future“ by McKinsey addresses the challenges of […]

How to measure and communicate the value of internal audit

Internal audit, like all other departments in a company, is seen as an investment that is expected to generate meaningful returns. But unlike departments where the return on investment (ROI) can easily be calculated and traced back to the bottom line, internal auditing is faced with the challenge of assessing the inherent qualitative benefits of […]

Audit committee chair overlap

The new study named „Audit committee chair overlap, chair expertise, and internal auditing practices: Evidence from Malaysia“ by Wan-Hussin, Fitri, and Salim (2021) adds to the sparse literature on audit committee leadership. It examines internal audit outcomes when AC chairs overlap. They use annual reports from 2014 for a sample of the top 100 nonfinancial […]

Powering Audit Committee Outcomes

An independent audit committee is essential for good corporate governance. However, there is no one-size-fits-all solution of what the perfect audit committee should look like. This is because the exact structure and objectives of audit committees worldwide are influenced by the type of business, the regulatory environment, the ownership structure and legal requirements. In addition, […]

Financial Market Integrity Strengthening Act

On July 1, 2021, the Financial Market Integrity Strengthening Act, or FISG for short, came into force in Germany. Extensive changes were made with a total of 27 articles. The aim of the Act is to permanently strengthen investor confidence in the German capital market. The amendments relate, for example, to Supervisory structures in companies. The […]

Remote audits: a concept for the future?

Audits in the usual form are currently not possible or only possible to a limited extent. Since it is not an option to forego revision audits, remote audits are the alternative: audits of internal processes that are not carried out in the company on site. Finally, the supervisory and management bodies‘ monitoring obligations remain unchanged. […]

Internal audit in payment companies

The Covid 19 crisis has changed the risks associated with payments. Deloitte’s article „The shifting landscape of risk: Perspectives on payments companies, internal audit, and the pandemic“ addresses these risks and outlines how the risks have evolved and how payments companies‘ IA departments can improve their understanding of these changing risks. As customers continue to […]

INTERNAL AUDIT’S ROLE IN ESG REPORTING

Environmental, social and governance (ESG) issues are becoming increasingly important in organizations. Companies are more and more under pressure to publicly commit to sustainability and to report on their activities. To date, however, there are not many defined rules for ESG reporting or what ESG reporting should retain. As part of effective governance, Internal Audit […]

The 2021 Audit Management Playbook

Regardless of whether it is an audit team of five, thirty or more people, the biggest challenge for any modern audit leader is to stay relevant and add value to the company. In addition to complying with regulations and reducing costs wherever possible, audit leaders also need to stay abreast of current industry topics and […]

Use of technology in internal audit in times of Covid

What is the use of technology in the internal audit function in times of pandemic? This is one of the questions answered in the new report „Internal Audit’s Digital Transformation Imperative: Advances Amid Crisis – Analysing the Impact of 2020 on Internal Audit Functions‘ Implementation of Technology“. The Internal Audit Foundation and the AuditBoard jointly […]

Should Internal Audit change its name?

The discussion is constantly being stimulated as to whether the internal auditing department should change its name. The idea is usually suggested to avoid what some see as a negative stigma related to internal audit. Richard Chambers, president and CEO of The IIA, discusses the question of changing the name of the internal audit in […]

Internal Audit’s Digital Transformation Imperative: Advances Amid Crisis

The ongoing digital transformation could accelerate in internal audit in 2021. That’s according to a new survey called “ Internal Audit’s Digital Transformation Imperative: Advances Amid Crisis“ from AuditBoard and the Institute of Internal Auditors‘ Internal Audit Foundation (IAF). Twenty-two percent of respondents in a survey say they will implement cloud-based technology this year. Overall, […]

Agents of Change

„Agents of Change: Internal Auditors in an Era of Disruption“, the new book by Richard Chambers, president and CEO of the Institute of Internal Auditors, is calling for a faster and deeper transformation of the internal audit profession. The book claims that internal audit must not only accept change, but also become a catalyst for […]

Moving Internal Audit Deeper Into the Digital Age: Part 3

The third part of the three-part report series, „Moving Internal Audit Deeper into the Digital Age: Part 3, Beyond Theory – Scaling Automation Capabilities in Internal Auditing“ from the Internal Audit Foundation and Deloitte answers the question, „How can internal audit help set up governance architecture around new technologies?“ For effective scaling of analytics and […]

Moving Internal Audit Deeper Into the Digital Age: Part 2

To gain an insight into where various internal audit organizations stand in relation to audit automation and cognitive technologies, the Internal Audit Foundation and Deloitte conducted a survey of IIA members. Based on responses from internal audit leaders across a wide range of organizations, key findings reveal where many organizations are making progress and where […]

Moving Internal Audit Deeper Into the Digital Age: Part 1

The first part of a three-part report series, „Moving Internal Audit Deeper into the Digital Age: Part 1 – A Structured Methodology for Leveraging Automation,“ from the Internal Audit Foundation and Deloitte, explores the impact of robotic process automation (RPA) on internal audit. Part 1 examines how the three types of RPA – probots, knowbots […]

The Guide to Streamlining Document Workflow

Do more with less? Which Internal Auditor hasn’t heard the chorus? Most forward-thinking businesses realize the value of internal audit and are increasing responsibilities of internal audit. Rather than immediately asking for more employees, intelligent teams first address these resource constraints by identifying areas where productivity and efficiency can be improved. Implementing new technology is […]

The Balance between Assurance and Advisory Work

Most internal audit functions spend between 80 and 100 percent of their time doing traditional internal audits, commonly referred to as „assurance work“. Yet, many also do a certain amount of counseling and strive for more. A lot of senior auditors are concerned about how the limited internal audit resources should be allocated across these […]

Time to use RPA in Internal Audit

There are many areas of internal audit where automation using robotic process automation (RPA) and process mining can be used. In Jean-Marie Bequevort, Expert Practice Leader Internal Audit at TriFinance, opinion, two areas are ripe for automation: (1) data download and analysis to identify red flags, and (2) data visualization to support audit interviews. Why […]

IIA-Praxisleitfaden für die Finanzindustrie

Die Nachfrage nach Revisoren mit Kenntnissen und Erfahrungen im Bereich der Finanzindustrie wächst rasant, angetrieben durch den regulatorischen Druck, Revisionsabteilungen mit dem notwendigen Umfang und der erforderlichen Qualität an Ressourcen zu besetzen. Dies hat viele Revisionsabteilungen innerhalb der stark regulierten Finanzdienstleistungsbranche dazu veranlasst, ihre Mitarbeiterzahl entsprechend dem neuen globalen Geschäftsumfeld in Bezug auf Qualität und […]