Think of me as a little bee, flitting from flower to flower, spreading delicate yellow pollen… Wait! If you have ever met me in person, that image won’t work. No one has ever called me ‘little’ unless talking about my brain capacity. I am more like John Belushi’s character on Saturday Night Live, the Killer Bee.
I am a sharer, a disseminator,and a bug-like genetic slave to my professional function as a teacher and author.
Like bees, most auditors stick with their own kind. They stay in either the internal audit garden or the CPA firm garden, reluctant to work with other flowers. But I work with anyone who says they are an auditor because I am a foolish capitalist. I’m foolish because I don’t always succeed. And I’m a capitalist because I’m motivated by my need to pay the rent.
Because of my capitalist tendency, I have worked with just about every type of audit team there is: internal auditors in both Fortune 500 corporations and in government at federal, state, municipal, and county levels. Plus I frequently work with CPA firms that contract as internal auditors, inspector generals, legislative auditors, and folks who call themselves auditors but who are really monitors.
As nervous as I am flying to new flowers, I always find more similarities between flowers than differences. An audit is an audit is an audit. The only differences between audits are the subject matter, the criteria, the level of assurance, and the standards that the auditors follow. Otherwise, we all use similar methodologies to come to our conclusions and opinions.
What’s more is that I learn from every single interaction, and each makes me a better bee.
So what do I see as I flit from flower to flower?
A struggle with the risk assessment process. Anyone claiming to have a perfect risk assessment process is full of it… and I’m not talking about honey!
Big corporations pay top consultants to show them the best risk assessment processes. And being the stinker I am, I can always shoot holes in their processes.
These so-called ‘super methods’ don’t work in the field, or even in the classroom. Some are burdensomely detailed, while others’ vagueness causes audit teams to roam aimlessly, working themselves into a frenzy.
This is, without a doubt, the most important step of the audit, and as a profession we still don’t have it right. But, we can look to the AICPA who has the best available guidance for auditor risk assessment.
Reports give audit teams fits. That is, reports give auditors fits if they care about them. Some audit teams think the audit report is the least significant part of their work. These folks pay their final product little mind.
But internal auditors, who seem to care more about their reports than CPA firms do, sometimes drive themselves and their teammates crazy. They spend as much time on the report as they do on the audit, passing it back and forth, tweaking it, crafting it…often for no more than incremental improvements.
All auditors could benefit from the guidance regarding reporting offered by the GAO’s Yellow Book.
The desire to reduce cycle time. Salaried auditors are neither motivated by profit nor in a big hurry. They are most likely to have broad audit objectives, the ultimate cause of most long, drawn-out, never-ending audits.
Because CPA firms recognize that each project can generate a profit or a loss, these auditors move more speedily.
Regardless of bee type, all leadership prefers their audit teams to complete projects faster. They might look to the GAO who best describes the parameters of an audit project.
True auditor independence is elusive. Internal auditors are employed by their audit victims, and CPA firms get hired and paid by theirs. Some auditors actually report directly to their main audit victim, the Chief Financial Officer, who can squelch their results.
Of all auditors, legislative auditors have the best chance of being truly independent. And staying out of politics may allow them to tell the truth without suffering painful consequences.
The GAO, who is the legislative auditor for the federal government, does the best job with the concept of independence in Chapter 3 of the Yellow Book.
Leadership matters. Getting the technical aspects of an audit right is hard enough. But add to it a weak leader, and you might as instead study for some sort of professional certification, because your audits aren’t useful to anyone. No amount of training or technical competence can overcome a leader who can’t articulate their wants and refuses to direct the team.
Of all the standards, the IIA standards best define the role of the audit executive.
Do you see what I see?
If you could see what I see as I buzz around, you probably would say to yourself, “Oh, that looks familiar. We have an issue with that, too.”
Being a worker bee is hard and lonely. All professionals should have bee friends from other hives with whom they can share ideas, tools, and dilemmas.
The IIA’s motto “Progress Through Sharing” encourages audit bees to open their little wings and fly. And if you aren’t into sharing (maybe because you don’t want your competitors to get a leg up — CPAs, I’m talking to you!), attending conferences with like-minded bees can open your eyes to their latest struggles.
Belushi says in this video:
I’m a king bee baby, want you to be my queen.
Together we can make honey baby, the world has never seen.
Buzz, buzz! Baby.