How internal audit can make better use of technology

By Ken Tysiac

A constantly expanding set of technological tools presents rapidly increasing opportunities for internal auditors to provide value to their organizations.

While internal auditors have increased their use of these tools over the past nine years, many of them are not taking full advantage of the opportunities presented by technology, according to a new survey report.

Just 38% of chief audit executives (CAEs) say their organizations are using technology at an “appropriate” level or higher, according to the 2015 Global Internal Audit Common Body of Knowledge survey report from The Institute of Internal Auditors Research Foundation.

Nearly one-fourth (23%) of CAEs said their organizations rely primarily on manual systems and processes in internal audit. The report reflected the findings of a survey of more than 14,000 internal audit practitioners in 166 countries and territories.

Electronic workpapers are internal audit’s most commonly used IT tool worldwide, with 72% of respondents reporting at least moderate use. Other common technological tools for IT include:

  • A software tool for data mining (53% report at least moderate use).
  • An automated tool for data analytics (53%).
  • An automated tool to monitor and track audit remediation and follow-up (52%).
  • Flowchart or process-mapping software (52%).

Use of many of these tools has increased in recent years. Respondents reporting at least moderate use of software or tools for data mining are up 14 percentage points from 39% in 2006. Also up from 2006 are those reporting at least moderate use of flowchart or process-mapping software (up 9 percentage points from 43%); electronic workpapers (up 7 percentage points from 65%); and continuous real-time auditing (up 7 percentage points from 37%).

To take advantage of these tools properly and stay a step ahead, the report suggests that internal auditors consider:

  • What new technology-based applications their organizations are using and whether internal audit has deployed new technologies of its own to make sure it can effectively audit the new systems.
  • Whether internal audit has enough funding to acquire the technology needed to properly audit the organization’s systems.
  • Whether internal audit possesses sufficient IT technical skills.
  • How internal audit plans to address Big Data, both structured and unstructured, that is important to the organization.
  • Whether there are any organizational applications or processes that take place entirely in the computer—such as the computation of interest charges on loans—and if so, how those processes are audited.
  • What types of software internal audit needs to make audits more efficient and effective.

The full report is available for download.

Ken Tysiac ( is a JofA editorial director.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.