Assessing the maturity of an internal audit department helps stakeholders determine strategies to improve its performance and reliability, according to the Institute of Internal Auditors Research Foundation’s new report, Benchmarking Internal Audit Maturity: A High-Level Look at Audit Planning and Processes Worldwide.
The report examines key indicators of maturity, based on data and survey responses from more than 14,000 respondents in 166 countries, about a quarter of whom were chief audit executives (CAEs) and almost half were department staffers.
Here’s a snapshot of survey findings by maturity indicator.
1. Internal audit is almost fully aligned with the organization’s strategic plan and is flexible to change. More than half (55 percent) of CAEs said their department is almost or fully aligned. Alignment helps ensure synergy with the entire organization. The older the department, the greater the likelihood that is it almost completely aligned.
2. Internal audit relies on holistic risk assessment to understand the organization at micro and macro levels. The term “holistic assessment” means it is done comprehensively, compared to a “focused” assessment of risks one at a time. The former is what indicates maturity.
Globally, 71 percent of CAEs said they use comprehensive risk assessment, which is needed because of the complexity of the current business environment. A comprehensive approach allows a broader view of risks and lessens the chance of missing risks if a focused assessment is used.