Internal Auditors Finding New Ways to Add Value in Expanded Role
by Terri Eyden on
By Frank Byrt
Chief audit executives (CAEs) are working to expand their roles within their organizations, moving from their traditional focus on compliance to include suggesting ways to improve processes and providing insights that influence strategy, according to a Grant Thornton LLP survey.
"CAEs, who have a wealth of knowledge about their organizations, are in a really good position to continue down the path of value creation," said Warren Stippich, CPA, partner and National Governance, Risk and Compliance Solution Leader at Grant Thornton, in a March 18 press release summarizing the survey. "But, it's not without its challenges - it requires using technology, being smarter about audit approaches, and getting more involved, both at the business unit or process level and the strategic thinking level."
The 2013 survey of 330 CAEs was aimed at discovering how internal auditors are adjusting to the evolving expectations of their role. "Perhaps one of the biggest challenges for audit executives is the ongoing quest to rebalance traditional internal audit activities and methods, while becoming more strategic in mind-set and strategic in approach," according to the survey report, Today's Chief Audit Executive: Continuing on a Path to Value Creation.
Although CAEs would like to find growing acceptance as strategic partners, CAEs said their departments face challenges in achieving that status. They cited budget constraints (58 percent), talent limitations (51 percent), and image problems (51 percent) as barriers that impede the internal audit department from delivering greater insights and strategic value.
When asked to rank a number of risk areas based on their potential to impact growth, CAEs cited:
- Execution of strategy
- Emerging technologies
- Data privacy and security
- Third parties/vendors
- Supply chain
- Business community
"These are all cutting-edge areas that CAEs should be focused on," Stippich told AccountingWEB in an interview.
Use of Technology and Data Analytics
Internal audit departments remain slow to maximize technology to gain efficiencies:
- More than three-quarters (77 percent) said they're not using governance, risk management, and compliance (GRC) software or an internal audit-specific tool. This is only a slight increase from last year's 79 percent.
Although respondents have yet to fully embrace GRC technology, the use of data analytics and business intelligence tools has more than doubled since last year's survey, with 66 percent of respondents saying they're taking advantage of this tool:
- 38 percent use it for forensic analysis, 32 percent for performance measurement, and 15 percent for predictive analytics.
"Our survey suggests that CAEs believe their departments have the ability to deliver the most value when they're helping to mitigate risks, identify improvement opportunities, and strengthen corporate governance," Grant Thornton said in the report.
According to Stippich, increasing the value of an auditor is even more compelling for small and midsized firms, including those with outside auditors. That's because, with the right suggestions, it's possible to create a greater impact on a small company than a huge one. "The smaller the company, the easier it is for an auditor or tax preparer to contribute value, simply because the level of sophistication of the clients is a little less."
Regardless of organization size, two areas worth focusing on are cybersecurity and fraud risk assessment.
Nevertheless, compliance-related activities remain the primary focus of the audit plan. More than half of respondents (56 percent) said between 1 and 25 percent of their audit plan is focused on regulatory compliance. Nearly one-quarter (24 percent) said 26 to 50 percent of the audit plan is focused on compliance, while 16 percent said compliance activities account for 51 percent or more of their audit plan.
However, 51 percent reported they've yet to adopt a "one-to-many" approach to streamline compliance testing, whereby they test once but comply multiple times with various regulatory standards or other mandates. This statistic highlights that there's substantial room for improvement when it comes to leveraging control testing requirements for maximum benefit.
You may like these other stories...
IRS must take oath on Lerner emails: judgeMackenzie Weinger of Politico reported on Thursday that a federal judge ordered the IRS to explain under oath how it lost emails connected to Lois Lerner, the ex-IRS official at the...
Credit Suisse says pension assets at risk unless court delays sentencingJohn Letzing of the Wall Street Journal reported on Wednesday that Credit Suisse Group AG says its management of billions of dollars in assets for...
The prospect of International Financial Reporting Standards (IFRS) being fully adopted in the United States in the near future are growing less likely, as the Financial Accounting Standards Board (FASB) and the International...
Upcoming CPE Webinars
Hand off work to others with finesse and success. Kristen Rampe, CPA will share how to ensure delegated work is properly handled from start to finish in this content-rich one hour webinar.
FRF for SMEs Series--Statement of Cash Flows, Subsequent Events, Related Party Issues, Accounting for Investments including Consolidations, Part 4A
This webcast will cover the preparation of the statement of cash flows and focus on accounting and disclosure policies for other important issues described below.
We can’t deny a great divide exists between the expectations and workplace needs of Baby Boomers and Millennials. To create thriving organizational performance, we need to shift the way in which we groom future leaders.
In this presentation Excel expert David Ringstrom, CPA revisits the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both boost the integrity of your spreadsheets, but reduce maintenance as well.