Ol 600 Massive Success / snaptutorial.comReynolds019
OL 600 Milestone One Guidelines and Rubric
In today’s global economy, both small and large multinational organizations and government entities are experiencing formidable changes in the business
environment that demands strategic management of the talent within the organization. Strategic leadership of human resources is not solely a human resources
departmental function; all organizational leaders must understand how the company’s most competitive advantage, its people, provides creative solutions to
sustain and grow the business.
This document provides an overview of Corporate Integrity Agreements (CIAs) imposed by the Department of Health and Human Services Office of Inspector General (OIG). It discusses the evolving responsibilities of boards of directors and executives under CIAs, as well as the increasing use of outside experts like Independent Review Organizations and Compliance Experts. CIAs now routinely require certifications from boards, CEOs, and other executives to ensure accountability for compliance. Selecting qualified outside experts is important, as OIG relies on their reviews and reports.
This document summarizes the key findings of a survey conducted by KPMG on monitoring and evaluation practices in the development sector. Some of the main findings include:
1) There is no clear consensus on terminology or approaches to monitoring and evaluation among organizations. This can create issues with lack of clarity.
2) While sophisticated evaluation models and techniques exist, the most commonly used techniques are quite basic, such as logical frameworks and performance indicators.
3) There is a need for stronger feedback loops to better synthesize lessons learned and ensure they are acted upon in a timely manner. Many evaluations are produced but not acted upon.
4) The adoption of new technologies for data collection and analysis is lagging,
The document discusses the status and future of competitive intelligence (CI) in the Asia region. It summarizes the results of a survey of 50 regional pharma stakeholders on CI. The survey found that while most companies have centralized CI functions in the US and EU, the Asia region would benefit from more localized CI resources and tools. Budgets and headcount for CI are also generally lower in Asia. Going forward, the document suggests CI in Asia will need to provide insights beyond just supporting brands to areas like corporate strategies and portfolios. Regional CI functions may evolve from just monitoring competitors to helping inform more strategic decisions across a company's lifecycle and value chain in the complex Asia markets.
Recognizing Labor Pool Challenges - Driving Knowledge Across the Employee Li...rps_inkhouse_1
Most organizations operating in today’s job market face challenges associated with baby boomer retirement and employee turnover. Those challenges include the retention and maintenance of critical job knowledge and the effectiveness of subsequent hiring efforts with a labor pool formed by a growing number of millennials.
How do organizations navigate today’s labor market while ensuring that a knowledge vacuum isn’t created in the process?
Based on recent research completed with more than 225 learning organizations, this session will share the strategies and best practices learning leaders have adopted for managing the talent pipeline through all phases of the employee lifecycle: pre-employment development, onboarding, knowledge capture and knowledge transfer.
Presentation by Tracy Cox, Director, Applied Strategies and Ken Taylor, President, Training Industry
This document discusses the key responsibilities of boards of directors in developing and overseeing organizational strategy, business models, and risk management. It outlines four main steps in strategic development: defining corporate strategy, developing and testing business models, identifying key performance indicators, and identifying and mitigating risks. The document provides details on how boards should evaluate each of these areas to ensure management appropriately builds and protects shareholder value.
The document summarizes a webinar on assessing compliance programs. It discusses why organizations conduct periodic assessments of their compliance programs, including regulator expectations, stakeholder expectations, and identifying risks and gaps. It also covers preparing for an assessment, including establishing goals and scope, collecting data through document reviews, surveys, interviews and focus groups. Finally, it discusses analyzing the data, reporting findings and recommendations, and generating an action plan to address recommendations. The overall purpose is to evaluate program effectiveness and identify areas for improvement.
Ol 600 Massive Success / snaptutorial.comReynolds019
OL 600 Milestone One Guidelines and Rubric
In today’s global economy, both small and large multinational organizations and government entities are experiencing formidable changes in the business
environment that demands strategic management of the talent within the organization. Strategic leadership of human resources is not solely a human resources
departmental function; all organizational leaders must understand how the company’s most competitive advantage, its people, provides creative solutions to
sustain and grow the business.
This document provides an overview of Corporate Integrity Agreements (CIAs) imposed by the Department of Health and Human Services Office of Inspector General (OIG). It discusses the evolving responsibilities of boards of directors and executives under CIAs, as well as the increasing use of outside experts like Independent Review Organizations and Compliance Experts. CIAs now routinely require certifications from boards, CEOs, and other executives to ensure accountability for compliance. Selecting qualified outside experts is important, as OIG relies on their reviews and reports.
This document summarizes the key findings of a survey conducted by KPMG on monitoring and evaluation practices in the development sector. Some of the main findings include:
1) There is no clear consensus on terminology or approaches to monitoring and evaluation among organizations. This can create issues with lack of clarity.
2) While sophisticated evaluation models and techniques exist, the most commonly used techniques are quite basic, such as logical frameworks and performance indicators.
3) There is a need for stronger feedback loops to better synthesize lessons learned and ensure they are acted upon in a timely manner. Many evaluations are produced but not acted upon.
4) The adoption of new technologies for data collection and analysis is lagging,
The document discusses the status and future of competitive intelligence (CI) in the Asia region. It summarizes the results of a survey of 50 regional pharma stakeholders on CI. The survey found that while most companies have centralized CI functions in the US and EU, the Asia region would benefit from more localized CI resources and tools. Budgets and headcount for CI are also generally lower in Asia. Going forward, the document suggests CI in Asia will need to provide insights beyond just supporting brands to areas like corporate strategies and portfolios. Regional CI functions may evolve from just monitoring competitors to helping inform more strategic decisions across a company's lifecycle and value chain in the complex Asia markets.
Recognizing Labor Pool Challenges - Driving Knowledge Across the Employee Li...rps_inkhouse_1
Most organizations operating in today’s job market face challenges associated with baby boomer retirement and employee turnover. Those challenges include the retention and maintenance of critical job knowledge and the effectiveness of subsequent hiring efforts with a labor pool formed by a growing number of millennials.
How do organizations navigate today’s labor market while ensuring that a knowledge vacuum isn’t created in the process?
Based on recent research completed with more than 225 learning organizations, this session will share the strategies and best practices learning leaders have adopted for managing the talent pipeline through all phases of the employee lifecycle: pre-employment development, onboarding, knowledge capture and knowledge transfer.
Presentation by Tracy Cox, Director, Applied Strategies and Ken Taylor, President, Training Industry
This document discusses the key responsibilities of boards of directors in developing and overseeing organizational strategy, business models, and risk management. It outlines four main steps in strategic development: defining corporate strategy, developing and testing business models, identifying key performance indicators, and identifying and mitigating risks. The document provides details on how boards should evaluate each of these areas to ensure management appropriately builds and protects shareholder value.
The document summarizes a webinar on assessing compliance programs. It discusses why organizations conduct periodic assessments of their compliance programs, including regulator expectations, stakeholder expectations, and identifying risks and gaps. It also covers preparing for an assessment, including establishing goals and scope, collecting data through document reviews, surveys, interviews and focus groups. Finally, it discusses analyzing the data, reporting findings and recommendations, and generating an action plan to address recommendations. The overall purpose is to evaluate program effectiveness and identify areas for improvement.
The document discusses green auditing, including planning, areas of concern, reporting, and implementation. It provides an overview of the necessity of green audits and differences between internal/external audits. Key aspects of audit planning discussed are engagement circumstances, risks, intended users, and standards like AA1000. Areas of concern addressed include regulations, waste management, and supply chain risks. Reporting guidelines from India, GRI, and benefits of reporting are covered. Implementation is shown to involve deciding to report, identifying impacts and audiences, and assuring and publishing the final report.
The document discusses green audit planning and reporting. It covers the necessity of green audits, audit planning considerations like engagement risks and intended users, areas of concern to audit like safety and waste management, and reporting guidelines. Reporting provides benefits like better performance measurement, stakeholder trust, and strategic advantages. In India, reporting is voluntary though the Companies Act requires some environmental reporting. Most large Indian companies follow Global Reporting Initiative guidelines in their sustainability reports.
The document discusses the launch of the IIA Bombay Research Foundation, which aims to conduct surveys and publish research reports on issues facing the internal audit profession. It presents findings from a survey of 30 Chief Audit Executives on how the internal audit function can add value in uncertain economic times. Respondents agreed that focusing on key risks, compliance, engagement and continuous monitoring were important. The document also discusses factors that differentiate effective versus ineffective internal audit functions and new risks that should be addressed, such as costs, fraud, compliance and resilience. It proposes metrics for measuring the impact of internal audit and perspectives on building a world class internal audit function focused on strategic and execution risks.
The importance of value for money and perfomance based auditspaul young cpa, cga
This document discusses the importance of internal audit and performance-based auditing. It provides an overview of internal auditing, why organizations should implement it, and how it relates to risk management. Performance-based auditing assesses whether control frameworks are achieving organizational goals in an efficient and effective manner. The document also discusses how any organization can set up internal audit and controls through triggers, performance measurements, and automation tools. Key success factors include stakeholder involvement, continuous review, deploying the right tools, education, and acting on audit findings.
Performance audit has a long story in many countries to oversee the programme or activity carried out by the public agencies to manage the resource in an efficient and economical manner and the programme are carried out effectively and managed to give a positive impact to the target group. In Malaysia, performance audit has started way back since the 1990’s but the approach at that time whereby certain criteria and aspects are not complicated as compared to this day. Performance audit from time to time are also affected by the government policy and the development of the ICT.
This document summarizes the findings of Bain & Company's 15th annual Management Tools & Trends survey. It received responses from over 1,000 executives from over 70 countries. The survey tracks the use and effectiveness of 25 popular management tools. It found that customer relationship management remains the most widely used tool, while big data analytics was the most satisfying. It also identified trends in management priorities and tools, such as a focus on revenue growth, increased innovation, and a split between regions in their tool preferences.
This document summarizes the findings of Bain & Company's 15th annual Management Tools & Trends survey. It received responses from over 1,000 executives from over 70 countries. The survey tracks the use and effectiveness of 25 popular management tools. It found that customer relationship management remains the most widely used tool, while big data analytics was the most satisfying. It also revealed that executives are focused on revenue growth and innovation to capitalize on an improving economic outlook, though challenges around disruption and technology changes remain. Regional differences in tool preferences and economic optimism were also observed.
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
Many companies and various levels of government have internal audit departments. The problem many times with audits is the lack of resources. Analytics can play a bigger role in terms of expanding audits.
Effects Of Internal Audit Practices On Financial...Alison Reed
The document discusses the objectives and scope of an internal audit research proposal on the effects of internal audit practices on the financial performance of commercial banks in Kenya. It includes an introduction, literature review, research methodology, and plans for analyzing findings to determine how internal audit can improve bank operations and financial reporting. The proposal was submitted to the Technical University of Mombasa for examination and approval by university supervisors.
Is Internal Audit the Next Blackberry Part 1 ACCA IA Bulletin Dec 2016Tim Leech
- The internal audit profession is facing growing customer dissatisfaction with traditional audit methods that focus on assessing controls rather than risk management processes. Regulators have called for internal audit to focus more on evaluating risk management, but most internal audits still assess controls.
- Surveys find high levels of customer dissatisfaction, with over 30% of board members and executives unhappy with internal audit. Competitors see an opportunity to exploit this dissatisfaction.
- The profession risks "paradigm paralysis" - an inability to change outdated models of thinking. History shows professions can become irrelevant if they do not adapt to changing needs. Internal audit may become the next Blackberry if it does not reinvent itself.
Reinventing Internal Audit Final April 2015Tim Leech
The document discusses how recent regulatory developments are requiring the internal audit profession to rethink its traditional paradigms and approaches. Specifically, the Financial Stability Board (FSB) has issued guidance calling for internal audit to assess an organization's entire risk appetite framework and the reliability of senior management's enterprise risk status reports to the board, rather than just providing point-in-time opinions on control effectiveness for a small subset of risks. This paradigm shift is in response to increased expectations for boards and management to oversee risk management. However, the document notes that internal audit will need to significantly reinvent itself, including developing new competencies, in order to satisfy evolving demands and maintain its relevance.
Reinventing Internal Audit Final April 2015Tim Leech
The document discusses how recent governance developments are requiring the internal auditing profession to revisit some of its long-held paradigms and practices. It outlines several paradigms that internal auditing has traditionally followed, such as point-in-time audits and direct-report engagements. It then discusses key global developments like the creation of the Financial Stability Board that are shifting expectations for boards, management, and internal auditing. The FSB guidance calls for internal audit to assess the reliability of an organization's entire risk appetite framework and risk reporting. This represents a fundamental change from traditional internal audit practices and paradigms.
This document discusses internal controls over financial reporting (ICFR) and the COSO 2013 framework. It notes that ICFR deficiencies continue to be a frequent audit finding for the PCAOB. The document then provides examples of how the 17 principles within the 5 COSO components could be applied through specific controls related to areas like governance, the control environment, management structure and hiring practices. The controls are meant to illustrate how the COSO framework addresses ICFR. It aims to help improve existing controls or implement a more robust control system.
A brief Introduction to ISO 9001 2015-Quality Management SystemSARWAR SALAM
Introduction to Quality Management System ISO 9001-2015 as outlined in EDC Romfor's IMS. Preparation, role and resposibility allocation for Audit purposes.
This document discusses performance management for internal audit departments. It provides leading practices for selecting performance metrics, using a balanced scorecard approach, and conducting quality assessments. Key recommendations include identifying metrics linked to the internal audit mission, selecting top metrics by category, and ensuring management understands the balanced scorecard methodology. Quality assessments should be ongoing and examine areas like compliance with auditing standards. The document is intended to help chief audit executives evaluate and improve their internal audit performance.
1) Internal audit plays an important role in providing assurance that organizations are well-positioned to address complex risks in today's dynamic business environment.
2) Organizations face a variety of complex risks including cyber threats, increased regulation, reputation harm, technological changes, and global economic volatility.
3) To be effective, internal audit must go beyond basic assurance work and become a trusted advisor by developing strong communication, integrating diverse skills and expertise, acting with integrity, and taking a strategic, future-focused approach aligned with the organization's goals.
State of Internal Audit Profession - 2015 - PWCErik Lundberg
The document summarizes the key findings of PwC's 2015 survey on the state of the internal audit profession. It finds that external factors like regulations, competition, and changing customer behaviors are driving significant and rapid transformation across many industries. Companies are undergoing major changes to their business models and operations to respond to these challenges and opportunities. This level of disruption and transformation is taking place in uncharted territory and significantly altering companies' risk landscapes. The survey suggests internal audit functions will need to evolve to maintain their relevance by focusing on emerging risks, developing new skills, and closely aligning with the business in this shifting environment.
This document summarizes the key findings of a 2015 study on global benefits governance and operations conducted by Aon Hewitt and the American Benefits Institute of over 200 multinational companies. The study found that while companies wanted to improve benefits governance over the past three years, effectiveness has not increased as much as hoped. Specifically, execution of risk management strategies and obtaining accurate benefits data continue to be challenges. However, the number of "best practice" companies with formal governance protocols increased. Moving forward, the study recommends companies clearly define objectives and implement disciplined governance protocols to better manage benefits costs and risks.
Internal controls maturity and SME corporate governananceBrowne & Mohan
Good Corporate governance is a key factor in ensuring sound financial reporting and deterring misappropriations of capital and resources. Internal control and corporate governance go hand in hand. Many SME
have an ambitious goal of reaching a
reliable, continuous and integrated internal
control state. However, many SME’s are
still grappling to build a comprehensive
control process. In this paper, we present an
internal maturity framework that SME can use to benchmark and know how they can discourage frauds, improve compliance and adoption of standards.
Codeless Generative AI Pipelines
(GenAI with Milvus)
https://ml.dssconf.pl/user.html#!/lecture/DSSML24-041a/rate
Discover the potential of real-time streaming in the context of GenAI as we delve into the intricacies of Apache NiFi and its capabilities. Learn how this tool can significantly simplify the data engineering workflow for GenAI applications, allowing you to focus on the creative aspects rather than the technical complexities. I will guide you through practical examples and use cases, showing the impact of automation on prompt building. From data ingestion to transformation and delivery, witness how Apache NiFi streamlines the entire pipeline, ensuring a smooth and hassle-free experience.
Timothy Spann
https://www.youtube.com/@FLaNK-Stack
https://medium.com/@tspann
https://www.datainmotion.dev/
milvus, unstructured data, vector database, zilliz, cloud, vectors, python, deep learning, generative ai, genai, nifi, kafka, flink, streaming, iot, edge
More Related Content
Similar to 2015_GKB Driving Success in a Changing World_10 Imperatives for Internal Audit
The document discusses green auditing, including planning, areas of concern, reporting, and implementation. It provides an overview of the necessity of green audits and differences between internal/external audits. Key aspects of audit planning discussed are engagement circumstances, risks, intended users, and standards like AA1000. Areas of concern addressed include regulations, waste management, and supply chain risks. Reporting guidelines from India, GRI, and benefits of reporting are covered. Implementation is shown to involve deciding to report, identifying impacts and audiences, and assuring and publishing the final report.
The document discusses green audit planning and reporting. It covers the necessity of green audits, audit planning considerations like engagement risks and intended users, areas of concern to audit like safety and waste management, and reporting guidelines. Reporting provides benefits like better performance measurement, stakeholder trust, and strategic advantages. In India, reporting is voluntary though the Companies Act requires some environmental reporting. Most large Indian companies follow Global Reporting Initiative guidelines in their sustainability reports.
The document discusses the launch of the IIA Bombay Research Foundation, which aims to conduct surveys and publish research reports on issues facing the internal audit profession. It presents findings from a survey of 30 Chief Audit Executives on how the internal audit function can add value in uncertain economic times. Respondents agreed that focusing on key risks, compliance, engagement and continuous monitoring were important. The document also discusses factors that differentiate effective versus ineffective internal audit functions and new risks that should be addressed, such as costs, fraud, compliance and resilience. It proposes metrics for measuring the impact of internal audit and perspectives on building a world class internal audit function focused on strategic and execution risks.
The importance of value for money and perfomance based auditspaul young cpa, cga
This document discusses the importance of internal audit and performance-based auditing. It provides an overview of internal auditing, why organizations should implement it, and how it relates to risk management. Performance-based auditing assesses whether control frameworks are achieving organizational goals in an efficient and effective manner. The document also discusses how any organization can set up internal audit and controls through triggers, performance measurements, and automation tools. Key success factors include stakeholder involvement, continuous review, deploying the right tools, education, and acting on audit findings.
Performance audit has a long story in many countries to oversee the programme or activity carried out by the public agencies to manage the resource in an efficient and economical manner and the programme are carried out effectively and managed to give a positive impact to the target group. In Malaysia, performance audit has started way back since the 1990’s but the approach at that time whereby certain criteria and aspects are not complicated as compared to this day. Performance audit from time to time are also affected by the government policy and the development of the ICT.
This document summarizes the findings of Bain & Company's 15th annual Management Tools & Trends survey. It received responses from over 1,000 executives from over 70 countries. The survey tracks the use and effectiveness of 25 popular management tools. It found that customer relationship management remains the most widely used tool, while big data analytics was the most satisfying. It also identified trends in management priorities and tools, such as a focus on revenue growth, increased innovation, and a split between regions in their tool preferences.
This document summarizes the findings of Bain & Company's 15th annual Management Tools & Trends survey. It received responses from over 1,000 executives from over 70 countries. The survey tracks the use and effectiveness of 25 popular management tools. It found that customer relationship management remains the most widely used tool, while big data analytics was the most satisfying. It also revealed that executives are focused on revenue growth and innovation to capitalize on an improving economic outlook, though challenges around disruption and technology changes remain. Regional differences in tool preferences and economic optimism were also observed.
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
Many companies and various levels of government have internal audit departments. The problem many times with audits is the lack of resources. Analytics can play a bigger role in terms of expanding audits.
Effects Of Internal Audit Practices On Financial...Alison Reed
The document discusses the objectives and scope of an internal audit research proposal on the effects of internal audit practices on the financial performance of commercial banks in Kenya. It includes an introduction, literature review, research methodology, and plans for analyzing findings to determine how internal audit can improve bank operations and financial reporting. The proposal was submitted to the Technical University of Mombasa for examination and approval by university supervisors.
Is Internal Audit the Next Blackberry Part 1 ACCA IA Bulletin Dec 2016Tim Leech
- The internal audit profession is facing growing customer dissatisfaction with traditional audit methods that focus on assessing controls rather than risk management processes. Regulators have called for internal audit to focus more on evaluating risk management, but most internal audits still assess controls.
- Surveys find high levels of customer dissatisfaction, with over 30% of board members and executives unhappy with internal audit. Competitors see an opportunity to exploit this dissatisfaction.
- The profession risks "paradigm paralysis" - an inability to change outdated models of thinking. History shows professions can become irrelevant if they do not adapt to changing needs. Internal audit may become the next Blackberry if it does not reinvent itself.
Reinventing Internal Audit Final April 2015Tim Leech
The document discusses how recent regulatory developments are requiring the internal audit profession to rethink its traditional paradigms and approaches. Specifically, the Financial Stability Board (FSB) has issued guidance calling for internal audit to assess an organization's entire risk appetite framework and the reliability of senior management's enterprise risk status reports to the board, rather than just providing point-in-time opinions on control effectiveness for a small subset of risks. This paradigm shift is in response to increased expectations for boards and management to oversee risk management. However, the document notes that internal audit will need to significantly reinvent itself, including developing new competencies, in order to satisfy evolving demands and maintain its relevance.
Reinventing Internal Audit Final April 2015Tim Leech
The document discusses how recent governance developments are requiring the internal auditing profession to revisit some of its long-held paradigms and practices. It outlines several paradigms that internal auditing has traditionally followed, such as point-in-time audits and direct-report engagements. It then discusses key global developments like the creation of the Financial Stability Board that are shifting expectations for boards, management, and internal auditing. The FSB guidance calls for internal audit to assess the reliability of an organization's entire risk appetite framework and risk reporting. This represents a fundamental change from traditional internal audit practices and paradigms.
This document discusses internal controls over financial reporting (ICFR) and the COSO 2013 framework. It notes that ICFR deficiencies continue to be a frequent audit finding for the PCAOB. The document then provides examples of how the 17 principles within the 5 COSO components could be applied through specific controls related to areas like governance, the control environment, management structure and hiring practices. The controls are meant to illustrate how the COSO framework addresses ICFR. It aims to help improve existing controls or implement a more robust control system.
A brief Introduction to ISO 9001 2015-Quality Management SystemSARWAR SALAM
Introduction to Quality Management System ISO 9001-2015 as outlined in EDC Romfor's IMS. Preparation, role and resposibility allocation for Audit purposes.
This document discusses performance management for internal audit departments. It provides leading practices for selecting performance metrics, using a balanced scorecard approach, and conducting quality assessments. Key recommendations include identifying metrics linked to the internal audit mission, selecting top metrics by category, and ensuring management understands the balanced scorecard methodology. Quality assessments should be ongoing and examine areas like compliance with auditing standards. The document is intended to help chief audit executives evaluate and improve their internal audit performance.
1) Internal audit plays an important role in providing assurance that organizations are well-positioned to address complex risks in today's dynamic business environment.
2) Organizations face a variety of complex risks including cyber threats, increased regulation, reputation harm, technological changes, and global economic volatility.
3) To be effective, internal audit must go beyond basic assurance work and become a trusted advisor by developing strong communication, integrating diverse skills and expertise, acting with integrity, and taking a strategic, future-focused approach aligned with the organization's goals.
State of Internal Audit Profession - 2015 - PWCErik Lundberg
The document summarizes the key findings of PwC's 2015 survey on the state of the internal audit profession. It finds that external factors like regulations, competition, and changing customer behaviors are driving significant and rapid transformation across many industries. Companies are undergoing major changes to their business models and operations to respond to these challenges and opportunities. This level of disruption and transformation is taking place in uncharted territory and significantly altering companies' risk landscapes. The survey suggests internal audit functions will need to evolve to maintain their relevance by focusing on emerging risks, developing new skills, and closely aligning with the business in this shifting environment.
This document summarizes the key findings of a 2015 study on global benefits governance and operations conducted by Aon Hewitt and the American Benefits Institute of over 200 multinational companies. The study found that while companies wanted to improve benefits governance over the past three years, effectiveness has not increased as much as hoped. Specifically, execution of risk management strategies and obtaining accurate benefits data continue to be challenges. However, the number of "best practice" companies with formal governance protocols increased. Moving forward, the study recommends companies clearly define objectives and implement disciplined governance protocols to better manage benefits costs and risks.
Internal controls maturity and SME corporate governananceBrowne & Mohan
Good Corporate governance is a key factor in ensuring sound financial reporting and deterring misappropriations of capital and resources. Internal control and corporate governance go hand in hand. Many SME
have an ambitious goal of reaching a
reliable, continuous and integrated internal
control state. However, many SME’s are
still grappling to build a comprehensive
control process. In this paper, we present an
internal maturity framework that SME can use to benchmark and know how they can discourage frauds, improve compliance and adoption of standards.
Similar to 2015_GKB Driving Success in a Changing World_10 Imperatives for Internal Audit (20)
Codeless Generative AI Pipelines
(GenAI with Milvus)
https://ml.dssconf.pl/user.html#!/lecture/DSSML24-041a/rate
Discover the potential of real-time streaming in the context of GenAI as we delve into the intricacies of Apache NiFi and its capabilities. Learn how this tool can significantly simplify the data engineering workflow for GenAI applications, allowing you to focus on the creative aspects rather than the technical complexities. I will guide you through practical examples and use cases, showing the impact of automation on prompt building. From data ingestion to transformation and delivery, witness how Apache NiFi streamlines the entire pipeline, ensuring a smooth and hassle-free experience.
Timothy Spann
https://www.youtube.com/@FLaNK-Stack
https://medium.com/@tspann
https://www.datainmotion.dev/
milvus, unstructured data, vector database, zilliz, cloud, vectors, python, deep learning, generative ai, genai, nifi, kafka, flink, streaming, iot, edge
Analysis insight about a Flyball dog competition team's performanceroli9797
Insight of my analysis about a Flyball dog competition team's last year performance. Find more: https://github.com/rolandnagy-ds/flyball_race_analysis/tree/main
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data LakeWalaa Eldin Moustafa
Dynamic policy enforcement is becoming an increasingly important topic in today’s world where data privacy and compliance is a top priority for companies, individuals, and regulators alike. In these slides, we discuss how LinkedIn implements a powerful dynamic policy enforcement engine, called ViewShift, and integrates it within its data lake. We show the query engine architecture and how catalog implementations can automatically route table resolutions to compliance-enforcing SQL views. Such views have a set of very interesting properties: (1) They are auto-generated from declarative data annotations. (2) They respect user-level consent and preferences (3) They are context-aware, encoding a different set of transformations for different use cases (4) They are portable; while the SQL logic is only implemented in one SQL dialect, it is accessible in all engines.
#SQL #Views #Privacy #Compliance #DataLake
4th Modern Marketing Reckoner by MMA Global India & Group M: 60+ experts on W...Social Samosa
The Modern Marketing Reckoner (MMR) is a comprehensive resource packed with POVs from 60+ industry leaders on how AI is transforming the 4 key pillars of marketing – product, place, price and promotions.
Open Source Contributions to Postgres: The Basics POSETTE 2024ElizabethGarrettChri
Postgres is the most advanced open-source database in the world and it's supported by a community, not a single company. So how does this work? How does code actually get into Postgres? I recently had a patch submitted and committed and I want to share what I learned in that process. I’ll give you an overview of Postgres versions and how the underlying project codebase functions. I’ll also show you the process for submitting a patch and getting that tested and committed.
The Building Blocks of QuestDB, a Time Series Databasejavier ramirez
Talk Delivered at Valencia Codes Meetup 2024-06.
Traditionally, databases have treated timestamps just as another data type. However, when performing real-time analytics, timestamps should be first class citizens and we need rich time semantics to get the most out of our data. We also need to deal with ever growing datasets while keeping performant, which is as fun as it sounds.
It is no wonder time-series databases are now more popular than ever before. Join me in this session to learn about the internal architecture and building blocks of QuestDB, an open source time-series database designed for speed. We will also review a history of some of the changes we have gone over the past two years to deal with late and unordered data, non-blocking writes, read-replicas, or faster batch ingestion.
The Ipsos - AI - Monitor 2024 Report.pdfSocial Samosa
According to Ipsos AI Monitor's 2024 report, 65% Indians said that products and services using AI have profoundly changed their daily life in the past 3-5 years.
Learn SQL from basic queries to Advance queriesmanishkhaire30
Dive into the world of data analysis with our comprehensive guide on mastering SQL! This presentation offers a practical approach to learning SQL, focusing on real-world applications and hands-on practice. Whether you're a beginner or looking to sharpen your skills, this guide provides the tools you need to extract, analyze, and interpret data effectively.
Key Highlights:
Foundations of SQL: Understand the basics of SQL, including data retrieval, filtering, and aggregation.
Advanced Queries: Learn to craft complex queries to uncover deep insights from your data.
Data Trends and Patterns: Discover how to identify and interpret trends and patterns in your datasets.
Practical Examples: Follow step-by-step examples to apply SQL techniques in real-world scenarios.
Actionable Insights: Gain the skills to derive actionable insights that drive informed decision-making.
Join us on this journey to enhance your data analysis capabilities and unlock the full potential of SQL. Perfect for data enthusiasts, analysts, and anyone eager to harness the power of data!
#DataAnalysis #SQL #LearningSQL #DataInsights #DataScience #Analytics
End-to-end pipeline agility - Berlin Buzzwords 2024Lars Albertsson
We describe how we achieve high change agility in data engineering by eliminating the fear of breaking downstream data pipelines through end-to-end pipeline testing, and by using schema metaprogramming to safely eliminate boilerplate involved in changes that affect whole pipelines.
A quick poll on agility in changing pipelines from end to end indicated a huge span in capabilities. For the question "How long time does it take for all downstream pipelines to be adapted to an upstream change," the median response was 6 months, but some respondents could do it in less than a day. When quantitative data engineering differences between the best and worst are measured, the span is often 100x-1000x, sometimes even more.
A long time ago, we suffered at Spotify from fear of changing pipelines due to not knowing what the impact might be downstream. We made plans for a technical solution to test pipelines end-to-end to mitigate that fear, but the effort failed for cultural reasons. We eventually solved this challenge, but in a different context. In this presentation we will describe how we test full pipelines effectively by manipulating workflow orchestration, which enables us to make changes in pipelines without fear of breaking downstream.
Making schema changes that affect many jobs also involves a lot of toil and boilerplate. Using schema-on-read mitigates some of it, but has drawbacks since it makes it more difficult to detect errors early. We will describe how we have rejected this tradeoff by applying schema metaprogramming, eliminating boilerplate but keeping the protection of static typing, thereby further improving agility to quickly modify data pipelines without fear.
Global Situational Awareness of A.I. and where its headedvikram sood
You can see the future first in San Francisco.
Over the past year, the talk of the town has shifted from $10 billion compute clusters to $100 billion clusters to trillion-dollar clusters. Every six months another zero is added to the boardroom plans. Behind the scenes, there’s a fierce scramble to secure every power contract still available for the rest of the decade, every voltage transformer that can possibly be procured. American big business is gearing up to pour trillions of dollars into a long-unseen mobilization of American industrial might. By the end of the decade, American electricity production will have grown tens of percent; from the shale fields of Pennsylvania to the solar farms of Nevada, hundreds of millions of GPUs will hum.
The AGI race has begun. We are building machines that can think and reason. By 2025/26, these machines will outpace college graduates. By the end of the decade, they will be smarter than you or I; we will have superintelligence, in the true sense of the word. Along the way, national security forces not seen in half a century will be un-leashed, and before long, The Project will be on. If we’re lucky, we’ll be in an all-out race with the CCP; if we’re unlucky, an all-out war.
Everyone is now talking about AI, but few have the faintest glimmer of what is about to hit them. Nvidia analysts still think 2024 might be close to the peak. Mainstream pundits are stuck on the wilful blindness of “it’s just predicting the next word”. They see only hype and business-as-usual; at most they entertain another internet-scale technological change.
Before long, the world will wake up. But right now, there are perhaps a few hundred people, most of them in San Francisco and the AI labs, that have situational awareness. Through whatever peculiar forces of fate, I have found myself amongst them. A few years ago, these people were derided as crazy—but they trusted the trendlines, which allowed them to correctly predict the AI advances of the past few years. Whether these people are also right about the next few years remains to be seen. But these are very smart people—the smartest people I have ever met—and they are the ones building this technology. Perhaps they will be an odd footnote in history, or perhaps they will go down in history like Szilard and Oppenheimer and Teller. If they are seeing the future even close to correctly, we are in for a wild ride.
Let me tell you what we see.
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...sameer shah
"Join us for STATATHON, a dynamic 2-day event dedicated to exploring statistical knowledge and its real-world applications. From theory to practice, participants engage in intensive learning sessions, workshops, and challenges, fostering a deeper understanding of statistical methodologies and their significance in various fields."
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
2015_GKB Driving Success in a Changing World_10 Imperatives for Internal Audit
1. Driving Success in a
Changing World
10 Imperatives for Internal Audit
Practitioner
Series
GLOBAL
PERSPECTIVE
Larry Harrington
CIA, QIAL, CRMA, CPA
Arthur Piper
CBOK
The Global Internal Audit
Common Body of Knowledge
Sponsored by
2. 2 ● Driving Success in a Changing World
About CBOK
The Global Internal Audit Common Body of Knowledge (CBOK) is the world’s
largest ongoing study of the internal audit profession, including studies of inter-
nal audit practitioners and their stakeholders. One of the key components of CBOK
2015 is the global practitioner survey, which provides a comprehensive look at the
activities and characteristics of internal auditors worldwide. This project builds on two
previous global surveys of internal audit practitioners conducted by The IIA Research
Foundation in 2006 (9,366 responses) and 2010 (13,582 responses).
Beginning in July 2015, reports will be released on a monthly basis and can be
downloaded free of charge thanks to the generous contributions and support from
individuals, professional organizations, IIA chapters, and IIA institutes. More than 25
reports are planned and are categorized into eight knowledge tracks focused on the
profession’s emerging issues in areas that include the future of internal auditing, gover-
nance, global perspective, management, risk, standards, talent, and technology.
Visit the CBOK Resource Exchange at www.theiia.org/goto/CBOK to download
the survey questions and the latest reports as they become available.
Middle East
& North
Africa
8%
Sub-
Saharan
Africa
6%
Latin
America
& Caribbean
14%
North
America 19%
South
Asia 5%
East
Asia
& Pacific
25%
Europe &
Central
Asia
23%
Note: Global regions are based on World Bank categories. Survey responses were collected from February 2, 2015, to April 1, 2015.
The online survey link was distributed via institute email lists, IIA websites, newsletters, and social media. Partially completed
surveys were included in analysis as long as the demographic questions were fully completed. In CBOK 2015 reports, specific
questions are referenced as Q1, Q2, and so on.
CBOK 2015 Practitioner Survey: Participation from Global Regions
SURVEY FACTS
Respondents 14,518
Countries 166
Languages 23
EMPLOYEE LEVELS*
Chief audit
executive (CAE) 26%
Director 13%
Manager 17%
Staff 44%
*Employee levels were
obtained from 12,716
respondents.
3. www.theiia.org/goto/CBOK ● 3
Contents
Executive Summary 4
Section 1: Play a Leading Role
1 Anticipate the Needs of Stakeholders 5
2 Develop Forward-Looking Risk Management
Practices 8
3 Continually Advise the Board and Audit
Committee 10
4 Be Courageous 12
Section 2: Beat the Expectations Gap
5 Support the Business’s Objectives 14
6 Identify, Monitor, and Deal with Emerging
Technology Risks 15
7 Enhance Audit Findings Through Greater Use of
Data Analytics 16
8 Go Beyond The IIA's Standards 17
Section 3: Invest in Excellence
9 Invest in Yourself 21
10 Recruit, Motivate, and Retain Great Team Members 23
Conclusion 26
CBOK
Knowledge
Tracks
Future
Global
Perspective
Governance
Management
Risk
Standards &
Certifications
Talent
Technology
4. 4 ● Driving Success in a Changing World
Change in the business world is accelerating as the effects of globalization, advances
in technology, and revolutions in geopolitical landscapes reach deeper into societies
around the globe.
Larry Harrington, the 2014–2015 global senior vice chairman of the Board of
Directors of The IIA, has partnered with award-winning business writer Arthur Piper
to develop Driving Success in a Changing World: 10 Imperatives for Internal Audit,
which gives practitioners a fresh perspective on how to navigate today’s challenges. The
10 imperatives will help practitioners discover areas where they can grow professionally
and add more value to their organizations.
This report is supported by insights derived from the CBOK 2015 Global Internal
Audit Practitioner Survey, the largest survey of internal auditors in the world. In addition,
the authors conducted interviews with internal audit leaders from global regions.
In this report, you will discover how respondents from the global regions answered
questions such as:
●● How do you measure the effectiveness of your performance?
●● Is your internal audit department aligned to your organization’s strategic plan?
●● How frequently do you update your audit plan?
●● Have you ever felt pressure to suppress or modify a valid audit finding or report?
If so, from whom?
●● How much time does your internal audit department spend on cybersecurity and
social media risks?
●● Are you practicing continuous auditing?
●● What kinds of training do you provide for your staff?
You will also learn about trends in the profession such as:
●● What percentage of respondents intend to stay in the internal audit profession
over the next five years
●● How the ratio of male to female practitioners is changing dramatically
●● How The IIA’s International Standards for the Professional Practice of Internal
Auditing (Standards) usage has increased in the last five years
●● What skills CAEs want to add to their internal audit departments
Driving Success in a Changing World is the first in a one-year series of reports based
on the CBOK 2015 practitioner survey, which will be released starting July 2015.
CBOK reports are available free to the public at www.theiia.org/goto/CBOK.
Executive Summary
5. www.theiia.org/goto/CBOK ● 5
processes. They must demonstrate how
and why their audit plans meet the key
risks the business faces in pursuing its
strategy. Failure to do so often leads to
a dangerous expectations gap between
internal auditors and stakeholders.
Globally, while 3 out of 4 departments
(73%) say they incorporate requests from
management into their audit plans, just
2 out of 3 (62%) consult with divisional
or business heads, and fewer (56%) con-
sult with audit committees. In North
America, there are much higher levels of
consultation across all of these categories
(see exhibit 1).
To play a leading role in the success of
their organizations, internal auditors
need to anticipate the requirements of
their stakeholders. In today’s dynamic
risk landscape, that is no easy task. The
board, management, control functions,
and internal and external assurance pro-
viders have a broad range of constantly
shifting, often competing, and sometimes
poorly communicated needs that internal
auditors should fundamentally under-
stand and serve.
Internal auditors must improve com-
munication channels to better anticipate
stakeholder expectations, particularly
during the audit planning and approval
1 Anticipate the Needs of
Stakeholders
Note: Q48: What resources do you use to establish your audit plan? (Choose all that apply.) CAEs only. n = 3,013.
Exhibit 1 Resources Used to Establish an Audit Plan
0%
20%
40%
60%
80%
100%
Requests from the
audit committee
Consultations with divisional
or business heads
Requests from
management
Global
Average
Middle East
& North Africa
Latin America
& Caribbean
East Asia
& Pacific
Sub-Saharan
Africa
Europe &
Central Asia
South
Asia
North
America
86%
79%
74% 74%
67%
62% 61%
73%
80%
66% 67%
60%
43%
54%
58%
62%
74%
65%
56%
68%
40%
50%
53%
56%
6. 6 ● Driving Success in a Changing World
except in South Asia, where close to half
(46%) say they do so (see exhibit 2).
Fewer CAEs (32%) compare audit
outcomes against the specific expecta-
tions set and agreed with stakeholders,
Note: Q90: What specific measures does your organization use to evaluate the performance
of its internal audit activity? (Choose all that apply.) CAEs only. n = 2,605.
Exhibit 2 Performance Measured Against Stakeholder Expectations
0% 10% 20% 30% 40% 50%
Global Average
East Asia & Pacific
Europe & Central Asia
Middle East & North Africa
North America
Latin America & Caribbean
Sub-Saharan Africa
South Asia 46%
42%
37%
35%
31%
28%
26%
32%
Three Lines of Defense
The Three Lines of Defense model of
corporate governance is endorsed by The
IIA and provides the following structure
for assigning and managing risk manage-
ment and control responsibilities:
First Line of Defense: Operational man-
agement, which owns and manages risk
and control
Second Line of Defense: Risk manage
ment and compliance functions,
which define risk policies and support
management
Third Line of Defense: Internal audit,
which provides independent and
objective assurance to both management
and the organization on how well the
system works and meets the strategic
needs of the organization
Among survey respondents who were
familiar with the Three Lines of Defense
model, between 62% and 81% indicate
that internal audit uses the model in
their organizations (see the combined
total of the “yes” responses in exhibit 3).
However, there is a lack of familiarity
with the model in certain regions, partic-
ularly South Asia, North America, and
Middle East & North Africa, indicating
opportunities for further education (see
exhibit 4).
Source: IIA Position Paper, The Three Lines of Defense in Effective Risk Management and Control,
January 2013, pages 3–5.
❝When you want to
know how stake-
holders rate your
performance,
you need to do
more than send
out a feedback
survey. We ask
an independent
party to sit with
our stakeholders
for a focused
conversation based
on a question-
naire on how we
are doing, which
takes account of
our charter and of
whether or not we
are meeting their
needs.❞
—Robert Kella,
Senior Vice President
of Internal Audit for
Emirates Group, Dubai,
United Arab Emirates
7. www.theiia.org/goto/CBOK ● 7
0% 10% 20% 30% 40% 50%
Global Average
Europe Central Asia
Sub-Saharan Africa
Latin America Caribbean
East Asia Pacific
Middle East North Africa
North America
South Asia
Exhibit 3 Usage of the Three Lines of Defense Model
Exhibit 4 Respondents Not Familiar with the Three Lines of Defense
Model
Note: Q63: Does your organization follow the three lines of defense model as articulated by The IIA? n = 11,255. Those who
responded “I am not familiar with this model” were excluded from these calculations. Due to rounding, some region totals may not
equal 100%.
Note: Q63: Does your organization follow the three lines of defense model as articulated by
The IIA? This exhibit shows respondents who chose the option “I am not familiar with this
model.” n = 11,255.
0% 20% 40% 60% 80% 100%
Global Average
Latin America Caribbean
Middle East North Africa
North America
South Asia
Sub-Saharan Africa
East Asia Pacific
Europe Central Asia
No, this model is not applicable
for my organization.
No, my organization does not
follow this model.
Yes, but internal audit is
considered the second line of
defense in our organization.
Yes, but the distinction
between the second and third
line of defense is not clear.
Yes, and internal audit is
considered the third line of
defense.
64% 14% 3% 15% 5%
62% 11% 6% 17% 4%
53% 15% 8% 19% 5%
50% 13% 10% 16% 10%
50% 15% 6% 22% 6%
45% 10% 10% 25% 10%
45% 12% 5% 31% 6%
56% 13% 6% 20% 5%
43%
25%
24%
22%
19%
15%
12%
20%
8. 8 ● Driving Success in a Changing World
While executive managers can grasp
the importance of such risks for their
departments, they may fail to see how
those risks impact the organization as a
whole.
On average, just over 1 out of 3
respondents say their annual audit plan
is updated three or more times a year as
risks change (see exhibit 5). Although
internal auditors are in a position to
understand strategic risks to their orga-
nizations, on average, only about half
of survey respondents (57%) say their
departments are either fully or mostly
aligned with the strategic plan of their
business (see exhibit 6).
Internal auditors must understand
how the complex web of risks arising
from geopolitical events, environmental
change, and rapid advances in technol-
ogy impacts their businesses. They must
assess the likely impact of possible future
events—including their second- and
third-order consequences—on their orga-
nizations’ strategies and operations.
Looking forward, CAEs say that the
risks on which executive management will
focus the greatest attention in 2015 are:
Operational 72%
Strategic business risks 70%
Compliance/regulatory 62%
2 Develop Forward-Looking Risk
Management Practices
❝While executive
managers under-
stand what is
important to
their depart-
ments individually,
internal audit
should have the
overarching view of
things and under-
stand corporately
what the big risks
are to the entire
organization.❞
—Theresa Grafenstine,
Inspector General,
U.S. House of
Representatives,
Washington, DC
Note: Q38: How would you describe the development of the audit plan at your organization?
Exhibit shows respondents who chose option 3, “updated three or more times a year as
risks change,” or option 4, “comprises a highly flexible plan matched to the organization’s
changing risk profile.” CAEs only. n = 3,014.
Exhibit 5 Audit Plan Updated Three or More Times Per Year
0% 10% 20% 30% 40% 50%
Global Average
East Asia Pacific
Europe Central Asia
Middle East North Africa
Latin America Caribbean
South Asia
Sub-Saharan Africa
North America 47%
45%
42%
35%
31%
29%
24%
34%
Source: Q65.
9. www.theiia.org/goto/CBOK ● 9
“The annual audit plan should be
based on the organization’s strategic
plan. Internal auditors should priori-
tize their engagements and reassess and
update their plans regularly,” says Simon
Nyazenga, formerly group director
internal audit, Rift Valley Corporation,
Harare, Zimbabwe.
Assuring the board that the organi-
zation is able to deal with fast-moving
emerging risks requires an understanding
of the strategic, business, legal, and com-
pliance risks of the organization; in-depth
knowledge of the business; and high levels
of competence in technology tools. One
challenge for internal audit departments
will be to ensure they have the skill sets
to meet the demand for their services in
these areas.
Note: Q57: To what extent do you believe your internal audit department is aligned with the strategic plan of your organization?
CAEs only. n = 2,717.
Exhibit 6 Internal Audit Aligned to Strategic Plan
0% 20% 40% 60% 80% 100%
Global Average
South Asia
East Asia Pacific
North America
Europe Central Asia
Middle East North Africa
Sub-Saharan Africa
Latin America Caribbean
Fully aligned or almost
fully aligned
Somewhat aligned
Not aligned or
minimally aligned
72% 21% 7%
69% 25% 7%
59% 31% 9%
57% 35% 8%
54% 40% 7%
45% 44% 11%
43% 49% 8%
57% 35% 8%
10. 10 ● Driving Success in a Changing World
understands both the business and the
risks and has the ability to tie them
together,” says Theresa Grafenstine,
inspector general, U.S. House of
Representatives, Washington, DC.
Responses from the 2015 practitioner
survey indicate that a high percentage of
CAEs have an active relationship with
their audit committees. Among organi-
zations that have audit committees, on
average, 7 out of 10 say they report func-
tionally to the audit committee, although
there are wide regional variations (see
exhibit 8). In addition, about 75% of
CAEs say they meet at least once per year
Advising the audit committee of the
constantly changing compliance,
regulatory, and risk environment is of
great value to organizations because it
helps them keep abreast of global devel-
opments. The widespread adoption of
audit committees across the globe pro-
vides internal audit with a conduit to
be the leading source of information to
the board on emerging risks, risk man-
agement, internal audit, and The IIA’s
Standards (see exhibit 7).
“The chief audit executive is in the
ideal position to inform and advise the
board of key risks because he or she
3 Continually Advise the Board and
Audit Committee
Note: Q78: Is there an audit committee or equivalent in your organization? n = 11,085.
Exhibit 7 Audit Committee in Organization
0% 20% 40% 60% 80% 100%
Global Average
Latin America Caribbean
East Asia Pacific
South Asia
Middle East North Africa
Europe Central Asia
North America
Sub-Saharan Africa 90%
89%
78%
76%
73%
73%
73%
79%
ACTION POINTS
l Communicate risks
in the context of the
business’s goals and
objectives.
l Provide an overall
opinion on how the
business is managing
itself.
l Eliminate non-
value-adding con-
trols and activities to
streamline costs.
l Advise the audit
committee of the
issues it should be
most concerned
about on a regular
basis.
l Give an overview
of the control envi-
ronment and report
whether it is improv-
ing or getting worse.
11. www.theiia.org/goto/CBOK ● 11
UK, and past president of The IIA–UK
Ireland. She says internal auditors
build credibility by developing good
business awareness, adopting a pragmatic
approach to their work, and being able
to speak to people about what really
matters to them without turning every
inquiry into an audit request. With hard
work, internal auditors can encourage
the board, senior management, and other
stakeholders to accept that internal audit
is capable of operating at the right level
of seniority to provide such advice.
with the audit committee in executive
sessions with no member of management
present (Q78c).
In addition to these formal commu-
nication channels, which are critical,
working behind the scenes as an advisor
to audit committees and other stake-
holders is a highly effective way of both
understanding their needs and helping to
keep the board up to speed.
“You need credibility if you want
people to come to you for advice and
information,” says Nicola Rimmer, direc-
tor in Barclay’s Internal Audit, London,
Note: Q74: What is the primary functional reporting line for the chief audit executive (CAE)
or equivalent in your organization? The survey stated that “functional reporting refers to
oversight of the responsibilities of the internal audit function, including approval of the
internal audit charter, the audit plan, evaluation of the CAE, compensation for the CAE.” Only
responses from CAEs at organizations with audit committees are reported. n = 1,952.
Exhibit 8 CAEs Who Report Functionally to Their Audit Committees
0% 20% 40% 60% 80% 100%
Global Average
East Asia Pacific
Europe Central Asia
Latin America Caribbean
North America
South Asia
Middle East North Africa
Sub-Saharan Africa 87%
83%
82%
82%
66%
61%
51%
69%
12. 12 ● Driving Success in a Changing World
the control environment and the other
assessing management’s control approach
to see whether they are proactively iden-
tifying and addressing issues. Reports
then clearly show where management is
proactive (even if management is still on
a journey of improvement), which lessens
the risk of pressure to alter audit reports.
Ideally, internal audit can avoid
unnecessary conflict by inviting collabo-
ration for problem solving. Robert Kella,
senior vice president of internal audit for
Emirates Group, Dubai, United Arab
Emirates, says his internal audit depart-
ment has moved away from making
audit recommendations to working with
management on securing agreed actions.
That has allowed his department to focus
the debate more on how best to improve
the business’s response to managing risk.
It also gives his team confidence that
the issues they raise during fieldwork are
taken seriously by the executive team.
Nevertheless, internal audit needs
to be prepared to handle conflict.
“Management has to know that if there
is a disagreement, you will act on your
responsibility for escalating the issue to
the next level by actually doing it—the
business has to know the audit function
has teeth,” says Kella. In order for inter-
nal auditors to make the tough decisions,
it is crucial for them to gain the support
of the audit committee and executive
management.
Internal auditors must have the courage
to tell stakeholders the truth, whether
they want to hear it or not. This is easier
said than done, but it is essential if inter-
nal audit is to gain credibility across the
organization.
Among all employee levels, about 3
out of 10 internal audit practitioners say
they had undue pressure put on them
to suppress or modify their findings.
Depending on employee level, between
5% and 14% of all respondents say they
“prefer not to answer” the question,
suggesting the issue is potentially under-
reported (see exhibit 9).
Survey respondents indicated that the
pressure came from a variety of sources,
depending on the respondent’s employee
level. CAEs felt the most pressure from
the CEO, operations management,
and the chief financial officer (CFO).
However, directors, managers, and staff
were most likely to report that the pres-
sure came from within the internal audit
department, perhaps showing how pres-
sure is transferred from the CAE down to
lower employee levels (see exhibit 10).
Rimmer comments that high levels
of pressure from management to alter
audit reports could mean that adverse
audit findings affect the client’s pay and
bonus. “You need a culture within the
organization that encourages and rewards
people to be proactive in finding issues
and bringing them to light,” she says.
She advises two ratings: one focused on
4 Be Courageous
Note: Q77: During your
internal audit career, have
you experienced a situation
where you were directed
to suppress, or significantly
modify, a valid internal audit
finding or report? n = 10,823.
Exhibit 9 Pressure Felt
to Change an Audit
Finding or Report
29% 66%
5%
25% 64%
11%
20%
66%
14%
I would prefer not
to answer
One time or more
Never
CAE or Equivalent
Director or Manager
Staff
13. www.theiia.org/goto/CBOK ● 13
Exhibit 10 Top 5 Sources of Pressure to Modify a Finding or Report
CAE or Equivalent Director or Manager Staff
Chief executive
officer (CEO)
38%
Internal audit
department
34%
Internal audit
department
44%
Operations
management
26%
Operations
management
26%
Operations
management
21%
Chief financial
officer (CFO)
24%
Chief executive
officer (CEO)
24%
Chief executive
officer (CEO)
15%
Board of
directors
12%
Chief financial
officer (CFO)
18%
I prefer not to
answer
15%
Other internal
source
10%
Other internal
source
16%
Other internal
source
14%
Note: Q77b: What was the source of the pressure when you were directed to suppress, or
significantly modify, a valid internal audit finding or report? (Choose all that apply.) Question
only answered by respondents who previously indicated they had felt pressure to modify a
finding or report. n = 2,547.
10 Best Practices for CAEs to Manage Organizational Pressure
1. Look for good governance and a
knowledgeable board to support
internal audit activities.
2. Use executive support to mitigate
issues with other organizational
relationships.
3. Know whether your employer’s
values are a good fit with your
values.
4. Build credibility for internal audit
by raising the right issues, being fair,
building a strong team, focusing on
facts, and playing on the same team
as management.
5. Build strong relationships by doing
more than attending quarterly meet-
ings; become a more visible leader.
THE PRESSURES OF
BEING AN INTERNAL
AUDITOR
A recent project by
The IIA Research
Foundation took an
in-depth look at orga-
nizational pressures felt
by internal auditors.
Authors Patricia Miller
and Larry Rittenberg,
who spent decades
in the internal audit
profession, identified
the 10 best practices
for CAEs to manage
political pressure. Their
insights are available in
The Politics of Internal
Auditing.
6. Plan ahead; talk with executives and
your board about what you will do
when political issues arise.
7. Have a decision framework to deter-
mine which issues you will pursue
even if you will face resistance.
8. Develop a strong internal audit
charter to diffuse resistance to the
role and mandate of internal audit.
9. Begin positive communication
before audits are conducted; con-
tinue communication in order to
defuse future conflicts.
10. Learn from experience; consider
what worked and what could have
been handled better.
Source: Patricia K. Miller and Larry E. Rittenberg, The Politics of Internal Auditing (Altamonte Springs,
Florida: The IIA Research Foundation, 2015), pages 103–111.
14. 14 ● Driving Success in a Changing World
Ramirez recommends, “For each area
of the strategic plan, specific performance
measures should be identified, which
indicate the overall change in direction
as defined by the plan.” In addition to
tracking these indicators against the
desired outcomes of the business, he
adds, the audit department can use them
to incentivize employees through their
training programs and compensation
packages.
Internal audit leaders need to do more
to educate their teams about the organi-
zations in which they operate. Individual
auditors can act to acquire industry-
specific certifications to enhance their
understanding of the business and to
help build personal credibility with
management.
CAEs need to ensure that the way they
measure their department’s performance
does not deepen the expectations gap.
Only about half (51%) say they use sur-
veys of audit clients to measure how well
they perform, with fewer than 1 out of 3
(29%) surveying key stakeholders (Q91).
Internal auditors can close the expecta-
tions gap between themselves and key
stakeholders by better aligning their work
to the business’s strategic objectives. Such
alignment facilitates risk-based auditing
and better anticipation of stakeholder
needs.
A little more than half of respondents
(57%) to the CBOK practitioner survey
say the internal audit department is either
fully aligned or almost fully aligned with
the strategic plan of their business (see
exhibit 6). This means that nearly half of
respondents are not confident that they
are aligned with organizational strategy
and will likely struggle to demonstrate
the value they add to their organizations.
“Thoroughly understanding your
client’s business objectives and identify-
ing and managing the key risks facing
such objectives are the two most powerful
basic elements with which internal audit
can help customers achieve their goals,”
says Gabriel Benavides Ramirez, director
of internal control and anti-corruption
auditing, General Audit Office of Mexico
City, Mexico.
5 Support the Business’s Objectives
You can better support
the business’s objec-
tives by developing
key performance indi-
cators such as:
Customer Measures:
A list of areas where
value is added per
audit, customer
satisfaction ratings,
and number of key
customer meetings
Financial Measures:
Documentation
of cost savings,
improved efficiencies,
or other monetary
benefits related
to organizational
objectives
Quality Measures:
Quality assessment
reviews, benchmarking
using the Global Audit
Information Network®
(GAIN®
)
Staff Growth
Measures: Certifi
cations earned, hours
of training per year,
development of
training planning using
The IIA’s Career Map
15. www.theiia.org/goto/CBOK ● 15
activity on some critical, nonroutine
IT issues is surprisingly low. Globally,
almost 1 out of 5 respondents (17%)
say they spend no time auditing their
organization’s cybersecurity systems, and,
likewise, more than 1 out of 4 (27%)
say they spend no time on social media
audits (see exhibit 11).
Most respondents say that audit activ-
ity in cybersecurity and social media will
increase over the next 2 to 3 years—74%
and 54%, respectively (Q94).
Technology risks are extremely dif-
ficult to manage because they are
constantly evolving. Internal auditors
need to respond proactively by helping
organizations identify, monitor, and deal
with such emerging IT risks and advising
their boards on how best to do so.
IT risk is among the top five risks
on which internal auditors are focusing
the greatest level of attention in 2015,
according to survey respondents (Q66).
However, a notable percentage of orga-
nizations, the extent of internal audit
6 Identify, Monitor, and Deal with
Emerging Technology Risks
KEEPING UP WITH
TECHNOLOGY
Fifteen years ago,
Grafenstine decided
to focus heavily on IT
auditing and security.
She invested in herself
by learning various
operating systems and
enterprise applications,
spent time over the
weekends to read up on
IT trends and risks, and
gradually incorporated
that knowledge into her
audit work. “Auditors
often don’t deal with
IT risk because they
are afraid—they don’t
understand it,” she says.
“But it’s too big a risk to
ignore.”
She recommends that
auditors start looking at
IT risk from a high level
first, examining poli-
cies, project plans, and
business issues. They
should network with
peers and IIA special
interest groups, do their
homework to gradually
extend their techni-
cal knowledge, and
increase IT knowledge
and skills within their
teams.
Note: Q92: For information technology (IT) security in particular, what is the extent of the
activity for your internal audit department related to the following areas: employee use of
social media, cybersecurity of electronic information. n = 9,941 for cybersecurity; n = 9,747 for
social media.
Exhibit 11 Internal Audit Activity Related to Cybersecurity and Social
Media
0% 20% 40% 60% 80% 100%
ExtensiveModerate or minimalNone
Cybersecurity of
electronic information
Employee use
of social media
27% 61% 12%
17% 63% 20%
16. 16 ● Driving Success in a Changing World
says Kwang Ho Sung, vice president and
head of internal audit at a major South
Korean bank. Such knowledge trans-
fer can empower stakeholders to better
achieve their objectives in managing their
own risks and controls and allow internal
audit resources to focus on the bigger risk
picture, he adds.
Continuous or real-time auditing
technology is being leveraged by internal
audit departments. Globally, a little less
than half of respondents (44%) report
moderate or extensive activity for con-
tinuous/real-time auditing (Q95). To
help internal audit move forward into
continuous auditing, Kella says that
internal audit should develop separate,
but related, plans for audit processes and
analytics. He recently allocated about
60% of his analytics resource to support
the group’s audit plan and allocated the
remaining 40% to develop continuous
monitoring platforms with a select group
of like-minded business units. Kella says
this shares the development costs, helps
train management to use the analytics
suite, and moves the audit department
into a more independent, continuous
monitoring role.
Internal auditors must continue to
improve their data analysis skills and
techniques to enhance audit findings. In
addition to being able to analyze com-
plete data sets (rather than samples), such
technologies enable auditors to improve
efficiency and audit data-rich areas in
more sophisticated ways.
About half of survey respondents say
they use data mining or data analytics
in fraud identification (49%), to investi-
gate issues raised through risk or control
monitoring (47%), and to test entire data
populations (47%), with little variation
among global regions (Q96). This sug-
gests that a much broader adoption of
these techniques is needed.
Additionally, internal auditors give
themselves high proficiency ratings for the
“use of data analysis to reach meaningful
conclusions.” Globally, about half (55%)
consider themselves to be “advanced” or
“expert,” with higher percentages in Latin
America Caribbean (69%) and Europe
Central Asia (68%) (Q86).
“If you have regular communication
with your clients and talk about sharing
data analysis skills, they are often very
happy to learn those skills from me,”
7 Enhance Audit Findings Through
Greater Use of Data Analytics
17. www.theiia.org/goto/CBOK ● 17
respondents who said that they did not
use the Standards at all dropped to 11%
in 2015 compared to 14% in 2010 (see
exhibit 12).
Standards usage varies a great deal
between regions, with a high of 68% in
North America and a low of 40% in East
Asia Pacific for use of all the Standards.
When responses for full use and partial
use of the Standards are combined, the
region with the highest percentage was
Sub-Saharan Africa (96%), and the lowest
was South Asia (76%) (see exhibit 13).
The IIA’s Standards provides internal
auditors with guidance that enables
them to successfully perform internal
audit activities for the organizations they
serve.
Usage of the Standards overall appears
to be increasing globally, according to
CAEs who responded to the CBOK
practitioner surveys in 2010 and 2015.
In 2015, 54% of CAEs indicated that
they used “all of the Standards,” com-
pared to 46% in 2010 (an 8% increase).
At the same time, the percentage of
8 Go Beyond The IIA’s Standards
❝The best way of
demonstrating
the value of the
Standards is by
making internal
audit easy and
convenient to work
with, helping save
money and comply
with regulations,
but, above all,
by meeting the
organization’s
objectives in
an efficient and
ethical way.❞
—Gabriel Benavides
Ramirez, Director of
Internal Control and
Anti-corruption Auditing,
General Office of
Mexico City, Mexico
Note: Q98: Does your organization use the International Standards for the Professional
Practice of Internal Auditing (Standards)? Only CAE responses were included in this exhibit.
This data represents a comparison between the CBOK practitioner surveys from 2010 and
2015. n = 2,975 for 2010; n = 2,478 for 2015.
Exhibit 12 Increase in Use of IIA Standards (from 2010 to 2015)
No
Partial yes,
some of the
Standards
Yes, all
of the
Standards
2010 2015
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
46%
40%
14%
11%
35%
54%
18. 18 ● Driving Success in a Changing World
need to implement quality assurance
measures to assess whether they are meet-
ing stakeholder expectations and close
the performance expectations gap.
Historically, Standard 1300 has
had the lowest levels of conformance
out of all the Standards. From 2010 to
2015, CAEs who indicate full confor-
mance with Standard 1300 increased
only slightly, from 39% to 42% (see
exhibit 14).
Only 1 out of 3 CAEs feel that their
quality processes are well defined (see
exhibit 15). However, among respon-
dents who are using the Standards, about
7 out of 10 say that they have periodic or
ongoing internal assessments as required
in Standard 1311 (Q100).
“The chief audit executive can use
the Standards to inform the board of its
responsibilities and to paint a holistic
picture of the business and the risks it is
facing,” says Ramirez. “The board can
be confident in internal audit’s objec-
tive insights into the business because
the Standards provides a specialized and
systematic approach to providing such
assurance.”
Quality Assurance and Improve-
ment Program (Standard 1300)
Standard 1300 states, “The chief audit
executive must develop and maintain
a quality assurance and improvement
program that covers all aspects of the
internal audit activity.” Internal auditors
Note: Q98: Does your organization use the International Standards for the Professional Practice of Internal Auditing (Standards)?
Only CAE responses were included in this exhibit. Due to rounding, some totals may not equal 100%. n = 2,478.
Exhibit 13 Use of IIA Standards
0% 20% 40% 60% 80% 100%
No
Partial yes, some
of the Standards
Yes, all of the
Standards
Global Average
East Asia Pacific
Latin America Caribbean
South Asia
Middle East North Africa
Sub-Saharan Africa
Europe Central Asia
North America 68% 24% 8%
60% 32% 8%
58% 38% 4%
49% 43% 8%
39% 37% 24%
41% 47% 12%
40% 41% 19%
54% 35% 11%
19. www.theiia.org/goto/CBOK ● 19
Note: Q99: Is your organization in conformance with the Standards? Topic: Standard 1300:
Quality Assurance and Improvement Program. Only CAE responses from those who use all
or part of the Standards were included in this exhibit. This data represents a comparison
between the CBOK practitioner surveys from 2010 and 2015. Due to rounding, some totals
may not equal 100%. n = 2,167 for 2010; n = 2,217 for 2015.
Exhibit 14 Conformance to Standard 1300: Quality Assurance and
Improvement Program (Change from 2010 to 2015)
0%
10%
20%
30%
40%
50%
No, not in conformance
Yes, partial conformance
Yes, full conformance
2010 2015
39%
44%
16%
42% 41%
16%
Note: Q47: How developed is the quality assurance and improvement program (QAIP) at your
organization? CAEs only. “Well defined” included those who answered “well defined, including
external quality review” or “well defined, including external quality review and a formal link to
continuous improvement and staff training activities.” n = 2,833.
Exhibit 15 Maturity Level of the Quality Assurance and Improvement
Program
0% 20% 40% 60% 80% 100%
Nonexistent
or ad hoc
In the process of
development
Well defined
South Asia
Latin America Caribbean
East Asia Pacific
Middle East North Africa
Sub-Saharan Africa
North America
Europe Central Asia
Global Average
42% 32% 26%
40% 33% 27%
32% 49% 19%
30% 43% 27%
30% 36% 34%
22% 44% 34%
20% 49% 31%
34% 37% 29%
20. 20 ● Driving Success in a Changing World
2. Go beyond the Standards to
identify and deliver specific
high-value activities for your
organization.
a. Discuss with the audit
committee and executive
management their views
and expectations for what
they would consider a
high-value internal audit
activity.
b. Agree with the audit
committee and executive
management on a set of
specific activities that
internal audit would focus
on to meet those expecta-
tions for quality and value.
c. Periodically report to
the audit committee and
executive management
on internal audit’s per-
formance relative to the
specific expectations of the
audit committee and exec-
utive management.
BUILDING ON THE STANDARDS TO DELIVER HIGH VALUE
1. Use IIA Standards as the frame-
work for quality assessment.
a. Inform the audit commit-
tee about the value of the
Standards, in particular
those covering quality,
to demonstrate internal
audit’s professionalism and
commitment to quality.
b. Establish a robust quality
assurance and improve-
ment program as required
by the Standards.
c. Perform an annual self-
assessment to ensure con-
formance to the Standards
and have an external qual-
ity review conducted at
least every five years.
d. Inform the audit commit-
tee on the results of the
external review and quality
program to provide them a
basis for understanding the
quality of the internal audit
activities and where they
need to be improved.
e. Ensure that the audit team
is certified and oblige the
internal audit staff to be
certified if they hold cer-
tain levels of responsibility.
21. www.theiia.org/goto/CBOK ● 21
training, especially in smaller internal
audit departments. In the smallest inter-
nal audit departments, almost 7 out of 10
CAEs say their training programs were
not developed or done so on an ad hoc
basis (see exhibit 16).
There has never been a better time
to be an internal auditor. The skills
shortage in the profession has triggered
fierce competition for the best-qualified
auditors. You can reap the full rewards by
investing in your own development.
That being said, internal auditors
cannot simply rely on employers for their
9 Invest in Yourself
❝Leadership is an
important skill for
internal auditors
as organiza-
tions strive to be
globally relevant
and competitive.
Internal audit is
considered one of
the central pillars
of corporate gover-
nance in those
organizations
and is expected
to play a leading
role, which is why,
in Africa, training
is aligned to the
development of
robust corporate
governance.❞
—Simon Nyazenga,
formerly Group Director
Internal Audit,
Rift Valley Corporation,
Harare, Zimbabwe
Note: Q45: What is the level of formalization for the training program for internal audit at your
organization? Compared to Q24: Approximately how many full-time equivalent employees
make up your internal audit department? CAEs only. n = 2,820.
Exhibit 16 Training Program Maturity Compared to Employees in
Internal Audit Departments
0%
20%
40%
60%
80%
100%
Not developed
or ad hoc
Structured and
documented
50 or more25–4910–244–91–3
67%
55%
45%
63%
37%
68%
32%
26%
74%
33%
22. 22 ● Driving Success in a Changing World
about the business so that they can
understand the significance of their audit
findings and contribute value to their
organizations. The best way to do that
is to understand the skills, knowledge,
and attitudes that contribute most to the
businesses in which they work, perhaps
by spending some time working on the
operational side of the organization.
“Forty hours is okay if you are com-
fortable with mediocrity, but to be
successful, you have to put in the extra
time,” says Grafenstine. “In my organiza-
tion, if people invest in themselves and get
additional certifications, it raises the pro-
fessionalism of the internal audit group
and we reward that with hard dollars.”
Those who provide training pro-
grams usually include internal audit
skills (68%) but are less likely to include
orientation for new employees (54%)
and other business critical skills, such as
knowledge of the business (53%), critical
thinking (30%), or leadership (27%) (see
exhibit 17).
It is especially critical for internal
auditors to have sufficient knowledge
About 4 out of 10 say that they
receive less than 40 hours of training
per year, which is below the required
level to maintain many IIA certifica-
tions. About 3 out of 10 report exactly
40 hours of training per year, and
another 3 out of 10 exceed 40 hours
(see exhibit 18).
Less than
40 hours
39% Exactly
40 hours
28%
More than
40 hours
33%
Note: Q46: What is included in the training program for internal audit? (Choose all that apply.)
CAEs only. n = 3,099.
Exhibit 17 Elements Included in Training Programs for Internal Audit
0% 20% 40% 60% 80% 100%
Leadership skills
Critical thinking skills
Business knowledge related to
the industry and organization
Onboarding and orientation
for new employees
Internal audit skills
(for example, writing audit reports)
68%
54%
53%
30%
27%
Note: Q14: How many hours
of formal training related to
internal audit do you receive
per year? n = 13,106.
Exhibit 18 Hours of
Internal Audit Training
Per Year
23. www.theiia.org/goto/CBOK ● 23
Internal audit departments need to cast
their nets wider to attract, retain, and
motivate team members who are able to
understand and anticipate the rapidly
changing business environment. This is
crucial if internal auditors are to better
understand the businesses and functions
of the organizations they serve.
In general, survey respondents studied
accounting, auditing, and/or finance-
related topics in college (Q5a). The most
common areas of study were:
Accounting 57%
Auditing (internal) 42%
Finance 32%
Business management 27%
Auditing (external) 23%
Economics 22%
This relatively narrow focus threatens
to restrict the skills available to CAEs
and could ultimately blindside the
profession. Today, CAEs say they are
particularly seeking to increase skills in
critical thinking (64%) and communi-
cation (52%) in their departments (see
exhibit 19). A top priority should also be
industry-specific knowledge and general
IT skills, with an emphasis on the link
between what employees learn and its
relevance to the objectives and needs of
their organizations.
10 Recruit, Motivate, and Retain
Great Team Members
❝Excellent commu-
nication skills
and business
knowledge are
critical to internal
auditors. If we
find a potential
control breakdown
in a high-risk area,
we need to be
able to easily and
accurately explain
that to our clients
in a way they
understand.❞
—Kwang Ho Sung,
Vice President and Head
of Internal Audit at a
major South Korean Bank
Exhibit 19 Top Skills CAEs Seek
for Staff
Analytical/critical thinking 64%
Communication skills 52%
Accounting 43%
Risk management assurance 42%
Information technology
(general)
38%
Industry-specific knowledge 35%
Data mining and analytics 31%
Business acumen 27%
Fraud auditing 23%
Finance 22%
Forensics and investigations 15%
Cybersecurity and privacy 14%
Legal knowledge 12%
Quality controls (Six Sigma;
ISO)
7%
Other 4%
Note: Q30: What skills are you recruiting
or building the most in your internal audit
department? (Choose up to five.) CAEs only.
n = 3,304.
24. 24 ● Driving Success in a Changing World
receive a bonus (Q34, n = 11,792). These
payments are tied most commonly to
personal performance (78%) or company
performance (74%) (Q34a).
Over the next five years, about 3 out
of 4 (75%) survey respondents say they
intend to stay in internal auditing (see
exhibit 20). It might become a feature
of the new reality that internal audit
executives may not be able to recruit and
develop all the skills they need at any
one time in-house. Co-sourcing is likely
to continue to play a significant part
in meeting the skills needed. One final
trend to mention regarding staffing is the
significant change between the ratio of
men to women, as shown in exhibit 21
and exhibit 22 on the following page.
The mix of skills in a department is
also important. “Historically, most per-
formance management and development
work has been isolated between a man-
ager and an individual,” says Kella. “We
still have that, but we’ve also introduced
talent maps for each of our experience
levels within the department. This
process is refreshed by taking a twice-
a-year look at the department’s talent,
looking at the projects we have in the
pipeline, and matching those to the kind
of on-the-job experience, training, and
developmental experience that we’re tar-
geting for the individual.”
For motivation and retention of team
members, many organizations offer
bonuses. Sixty-seven percent of respon-
dents say they have the opportunity to
Note: Q36: In the next five years, what are your career plans related to internal auditing? n = 12,380.
Exhibit 20 Career Plans Related to Internal Audit in the Next Five Years
0% 20% 40% 60% 80% 100%
Retire
Leave the internal audit
profession or not sure
Stay in the internal
audit profession
Global Average
North America
East Asia Pacific
Europe Central Asia
Middle East North Africa
Sub-Saharan Africa
South Asia
Latin America Caribbean 86% 10% 4%
80% 18% 2%
80% 18% 2%
76% 18% 6%
74% 21% 5%
70% 24% 6%
67% 24% 9%
75% 20% 5%
25. www.theiia.org/goto/CBOK ● 25
CHANGING RATIO OF
MEN TO WOMEN
Survey responses indi-
cate the internal audit
profession of the future
will likely be more evenly
balanced between men
and women (in most
regions). For survey
respondents aged 19 to
29, the ratio is almost
equal (55% male, 45%
female), compared to
83% male and 17% female
for those 60 years or
older (see exhibit 21 and
exhibit 22).
0%
20%
40%
60%
80%
100%
Female
Male
19–29
years
30–39
years
40–49
years
50–59
years
60 years
or older
Note: Q4: What is your gender? Compared to Q3: What is your age? n = 12,744.
Exhibit 21 Proportion of Men to Women Compared by Age
83%
69%
62% 61%
55%
17%
31%
38% 39%
45%
Note: Q4: What is your gender? n = 14,158.
Exhibit 22 Proportion of Men to Women Compared by Global Region
0%
20%
40%
60%
80%
100%
FemaleMale
Global
Average
Middle East
North Africa
Latin America
Caribbean
East Asia
Pacific
Sub-Saharan
Africa
Europe
Central Asia
South
Asia
North
America
52%
48%
57%
43%
60%
40%
64%
36%
71%
29%
81%
19%
87%
13%
62%
38%
26. 26 ● Driving Success in a Changing World
Internal auditors who invest in themselves to meet the challenges ahead will benefit
both professionally and personally in ways that would have been unthinkable in the
profession even 10 years ago.
The emerging risk landscape presents internal auditors with unprecedented oppor-
tunities. Internal auditors are ideally positioned to play a leading role in the success
of their organizations with their unique understanding of business goals and strate-
gic objectives, and their ability to see the impact of risks across the entire enterprise.
In addition, internal audit insight can be an engine for innovation and business
improvement.
The 10 imperatives for internal audit can help practitioners at every level challenge
themselves to grow professionally and increase their value in the business market.
Conclusion
10 IMPERATIVES FOR INTERNAL AUDIT
Play a Leading Role
1. Anticipate the needs of stakeholders.
2. Develop forward-looking risk management
practices.
3. Continually advise the board and audit
committee.
4. Be courageous.
Beat the Expectations Gap
5. Support the business’s objectives.
6. Identify, monitor, and deal with emerging
technology risks.
7. Enhance audit findings through greater use
of data analytics.
8. Go beyond The IIA’s Standards.
Invest in Excellence
9. Invest in yourself.
10. Recruit, motivate, and retain great team
members.
27. www.theiia.org/goto/CBOK ● 27
Larry Harrington, CIA, QIAL, CRMA, CPA, is vice president of internal audit for
Raytheon Company, a technology company specializing in defense, security, and
civil markets throughout the world.
From 2010 to 2014, Harrington also served as Raytheon’s Executive Diversity
Champion. In this role, he provided senior leadership, sponsorship, and support for
Raytheon’s diversity strategy to advance the company’s culture of diversity and inclusion.
Harrington has spent most of his career in finance and internal auditing. He also
served as vice president of human resources and vice president of health operations at
Aetna Inc. He is a member of The IIA, past chairman of its North American Board of
Directors, and the 2014–2015 global senior vice chairman of the Board of Directors.
Harrington has completed Harvard Business School’s Advanced Management
Program, and he is a frequent speaker at seminars on auditing, change management,
negotiation, people development, and motivation.
Arthur Piper, PhD, is an award-winning writer and editor with more than 20 years’
experience specializing in internal auditing, risk management, corporate governance,
and emerging technologies. He has been managing director of the editorial services
company, Smith de Wint, since 1996. He has been Associate Research Fellow at the
University of Nottingham (UK) in the Department of Culture, Film and Media since
2006, and specializes in the critical understanding of emerging technologies.
CBOK Development Team
CBOK Co-Chairs:
Dick Anderson (United States)
and Jean Coroller (France)
Practitioner Survey Subcommittee Chair:
Michael Parkinson (Australia)
IIARF Vice President: Bonnie Ulmer
Primary Data Analyst: Dr. Po-ju Chen
Content Developer: Deborah Poulalion
Project Manager: Selma Kuurstra
Senior Editor: Lee Ann Campbell
About the Authors
About the Project Team
Report Review Committee
Dick Anderson (United States) Michael Parkinson (Australia)
Adil Buhariwalla (United Arab Emirates) Gabriel Benavides Ramirez (Mexico)
Jiin-Feng Chen (Chinese Taiwan) Eric Yankah (Ghana)
Daniela Danescu (Netherlands)