Wanted: A flexible approach to internal audit planning

By Ken Tysiac

Internal auditors may need to change their approach to audit planning to keep up with unexpected and fast-paced changes in risks, a new global survey shows.

Most internal audit departments are not flexible in adapting their audit plans to handle rapidly changing risks, according to the Institute of Internal Auditors (IIA) 2015 Global Pulse of Internal Audit survey. More than 3,344 chief audit executives (CAEs) participated in the global survey.

Just 16% of CAEs reported that their organization has a highly flexible audit plan that matches the organization’s changing risk profile. Almost one-fourth (24%) of CAEs said their organization has a formal enterprise risk management process with a chief risk officer or equivalent, and almost half (47%) said their risk management processes are informal, developing, or nonexistent.

Many internal auditors encounter barriers to important resources, as just 54% of CAEs said internal audit at their organization has complete and unrestricted access to employee records and property for their work.

The report concludes that:

  • CAEs need to understand emerging risks quickly, frequently revise their audit plans in response to new information, and effectively communicate these changes to key stakeholders.
  • Internal audit needs to have a broad view of risks, working closely with other risk functions in defining, assessing, and providing assurance over risks.
  • Many CAEs have an opportunity to contribute their expertise and insight in support of integrated and sustainability reporting. Internal audit can provide assurance to increase the credibility of integrated reporting, and can bring value by communicating the impact of sustainability on business processes, according to the report.
  • To successfully navigate political pressures, CAEs need to optimize their reporting lines, consider the impact their choices have on their objectivity when performing internal audit activities, and insist on access to the information they need.

Ken Tysiac ( ktysiac@aicpa.org ) is a JofA editorial director.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.