New duties on horizon for internal auditors

BY KEN TYSIAC

Even as assurance and compliance responsibilities are expanding for internal auditors, a significant shift in their strategic duties is on the horizon, according to a new survey.

More than half (54%) of respondents expect that in the next two years, internal audit’s primary mandate will be providing stakeholders with business insights and serving as a strategic adviser to the organization, according to EY’s Global Internal Audit Survey 2013.

Less than one-third (28%) of respondents said playing that strategic role is currently the primary mandate or focus of internal audit. More than 500 chief audit executives (CAEs) and audit committee members participated in the survey.

“The clear message from the survey is that internal audit functions need to stop thinking about themselves as compliance specialists and start taking on a much larger, more strategic role within the organization,” Ernst & Young LLP internal audit leader Brian Schwartz said in a news release. “IA is increasingly being asked by senior management and the board to provide broader business insights and better anticipate traditional and emerging risks, even as they maintain their focus on non-negotiable compliance activities.”

New risks

As strategic opportunities emerge, internal auditors also are adjusting to new compliance duties, according to the survey. Globalization has resulted in increased revenue from emerging markets for many companies, so new regulatory, cultural, tax, and talent risks are emerging.

Internal audit will play a more prominent role in evaluating these risks, according to the survey report. Although slightly more than one-fourth (27%) of respondents are heavily involved in identifying, assessing, and monitoring emerging risks now, 54% expect to be heavily involved in the next two years.

The biggest primary risks that respondents said their organizations are tracking are:

  • Economic stability (54%).
  • Cybersecurity (52%).
  • Major shifts in technology (48%).
  • Strategic transactions in global locations (44%).
  • Data privacy regulations (39%).


Survey respondents said the skills most often found to be lacking in internal audit functions are:

  • Data analytics;
  • Business strategy;
  • Deep industry experience;
  • Risk management; and
  • Fraud prevention and detection.


“As corporate leaders demand a greater measure of strategy and insight from their internal audit functions, CAEs will need to move quickly to close competency gaps and ensure that they have the right people in the right place, at the right time.” Schwartz said. “If they fail to meet organizational expectations, they risk being left behind or consigned to more transactional compliance activities.”

Ken Tysiac ( ktysiac@aicpa.org ) is a JofA senior editor.

SPONSORED REPORT

Time to prepare for overtime changes

As an employer, trusted business adviser, or HR professional, you will need to be aware of exemption guidance, record requirements, advice for clients, and typical problems in applying overtime pay.

QUIZ

News quiz: Good news on pay and benefits for accountants

CPAs can find much to like in recent reports, including news that their expertise and skills are in such demand that pay is expected to rise and that their employers value professional certifications.

CHECKLIST

Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.