Boards, audit committees and senior management now want internal audit to take on a bigger and more strategic role in helping companies manage an increasing array of business risks, according to PwC's 2012 State of the Internal Audit Profession study. The survey polled 1,530 executives from 16 industries in 64 countries.
“The survey shows the trend has changed from just a few years ago, when internal audit was limited to the finance and compliance function,” says Jason Pett, internal audit services leader for PwC. “At the end of the day, the work of internal audit is with key risks to the business. Internal audit needs to be aligned with the business to make sure it is allocating time and effort to the high-risk areas.”
Stakeholders and chief audit executives (CAEs) say their businesses now face more risks than ever before and identified 15 risk areas. They want internal audit to bring its objective point of view to focus on evaluating processes and controls in these other areas, Pett says. The top areas where stakeholders are asking for increased internal audit focus are data privacy and security, and regulations and government policies, according to the survey.
Risk areas that respondents said receive too little attention from internal audit include: talent and labor (33%), competition (32%), new product introductions (31%), mergers and acquisitions and joint ventures (29%), commercial market shifts (25%) and large program risk (25%).
“One hundred percent of stakeholders and CAEs say internal audit needs to spend more time, not less, on business risks,” Pett says. “What successful companies are doing is inviting internal audit to participate early on in strategic discussions on where the business is moving,”
Internal audit has the ability to have a real impact if its objective point of view is inserted throughout the process, he says. For instance, with M&A, internal audit can evaluate the processes and the control environment of the acquisition target, its Foreign Corrupt Practices Act profile and the impact of the acquisition on the overall business and culture of the acquirer. “So companies can know what they are getting before they get it,” Pett says, instead of bringing internal audit in after the acquisition to tell the organization what it bought.
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
- Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
*May exclude premium content© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.