Internal audit may need a makeover

By Ken Tysiac

Many internal audit functions will need to undergo a fundamental shift in the coming years to keep pace with changes at their organizations, according to a new survey report.

Just 11% of chief audit executives (CAEs) participating in PwC’s 2015 State of the Internal Audit Profession Study say their current internal audit function is providing value-added services and proactive advice for the business. But 60% of CAEs believe they need to be providing such services and advice within the next five years.

Meanwhile, more than 45% of internal audit stakeholders expect internal audit to move from its traditional role of providing assurance to a more proactive advisory role within the next five years.

In many cases, internal audit will be undergoing a makeover along with the rest of the business. Nearly 70% of organizations participating in the survey have gone through or are in the process of a business transformation in response to market shifts. An additional 12% plan such a transformation in the next 18 to 24 months.

The most common transformation initiatives can include cost reductions and implementation of privacy and security controls. Such changes may present organizations—and internal audit—with new risks.

“As companies undergo significant change to their operations and models, internal audit functions should be at the forefront of where the company is going, not where it’s been,” Jason Pett, CPA, PwC’s internal audit services leader, said in a news release. “As companies evolve and transform, senior management and boards are looking for internal audit functions to be actively involved in business imperatives and offer proactive perspectives on all business risks.”

Four key actions can keep internal audit moving in the right direction, according to the report, which suggests that internal audit should:

  • Focus on the right risks at the optimal time in the process.
  • Develop the talent and business acumen to be relevant and offer valuable insight.
  • Strengthen alignment with enterprise risk management and other lines of defense.
  • Harness the power of data throughout the audit life cycle to provide better insights into the business.

To meet the need for talent in certain areas, 71% of CAEs either outsource or plan to outsource at least some of their specialized IT needs. And many CAEs plan to increase the use of data analytics to assist them in duties such as fraud monitoring, compliance monitoring of operational controls, and risk analytics.

Ken Tysiac ( ) is a JofA editorial director.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.