SlideShare a Scribd company logo

Measuring the impact of Internal Audit

H
Huzeifa Unwala
1 of 15
Download to read offline
Measuring the Impact of Internal Audit in Uncertain Times IIA Bombay Chapter Research Foundation Project 20 November 2012
About the IIA Bombay Research Foundation • IIA Bombay Chapter has recently launched “IIA Bombay Research Foundation” with the objective of being the research arm of The IIA Bombay Chapter conducted by thought leaders in the profession. • The Foundation aims to be a driving force for the continuous evolution of the profession through conducting surveys, publishing research reports covering the full spectrum of issues facing the profession and through such other initiatives that explore current issues, emerging trends, and future needs. This foundation is led by a committee of IIA Bombay Chapter – Mr. Naren Aneja, Mr. Nagesh Pinge, Mr. Anil Bhandari, Mr. Satish Shenoy and Mr. S Bhaskar. • IIA Bombay Chapter has identified “Verita Management Advisors” as its first research partner enabling IIA Bombay Chapter to launch this new initiative. Verita Management Advisors along with IIA Bombay Chapter, has developed this research document titled “Measuring the Impact of Internal Audit in Uncertain Times”.
About the Research Study • The research team designed a detailed research cum survey questionnaire that was circulated to 50 Chief Audit Executives (CAEs) of large and medium sized companies. The research team received replies from 30 participants predominantly from the Mumbai region. The research team also conducted 5 personal interviews with CAEs of leading corporate houses to obtain detailed replies on the direction of the IA function in uncertain economic times. • The research team received responses from varied sectors.
IA Value perception is tilted towards reassurance “The internal auditor’s job appears to have become one of reassuring senior management and the board of directors that their business is being run in a manner that satisfactorily deals with the risks it faces. It is not sufficient that those risks are avoided. Managements and boards are in a highly competitive environment and expect that risks are exploited so as to maximize shareholder value. Therefore, they expect to have a better ways of fine-tuning their response to specific risks than do their competitors. Bankers want to fine tune their response to credit risk in the hope that they can offer loans at lower rates of interest to their borrowers without compromising on credit risk cost. Other managements want to game regulations or contractual obligations hoping to steal a march over their competitors. Many companies have developed a (poor) reputation for changing the terms of Competitively won bids after winning them. Or they sail very close to the legal wind hoping that the regulator’s gust does not overturn their ship. Again, the only protection against disaster that managements and boards of companies that build their business on such practices have is a competent audit. Internal audit is required to possess ever greater degrees of expertise in the subjects that it is required to deal with. The days of the general internal auditor are over”. - Nawshir Mirza, Independent Director
Adding Value To The Audit Committee/ Board Of Directors Q 1: In uncertain times how does a modern day IA function add value to the Audit Committee/ Board of Directors? 93% of respondents agreed or strongly agreed that the IA function could add value by - Greater level of engagement with stakeholders - Enhance focus on compliances Graph - Closer monitoring of critical processes to isolate outliers - Adopting a leaner approach to audit by focusing on high risk areas Majority of the respondents agreed or strongly agreed on the following additional measures where the IA function could add value by: - Continuous Control Monitoring - Greater use of subject matter experts - Benchmarking of processes /indicators with competition Graph A large majority of respondents disagreed that the IA function could add value by: - Reducing the IA budget - 70% - Reducing internal talent and placing more reliance on outsourced service providers - 63% - Each audit mission to carry a value multiple target - 58%
Adding Value To The Audit Committee/ Board Of Directors
Adding Value To The Audit Committee/ Board Of Directors
Nurturing An Effective IA Function Q 2: What are the real differentiators between a performing Internal Audit function and a non- performing one? All the respondents agreed or strongly agreed that following measures are key differentiators between a performing IA function and a non-performing one: - Building continuous learning mechanisms - Implementation of Internal Audit Function – Performance score card - Adopting technology to provide a greater degree of assurance and add to the surveillance capabilities Majority of the respondents agreed or strongly agreed on the following additional differentiators: - Managing an appropriate balance between audit requirements and staffing levels - Attract and retain subject matter experts - On-time report delivery - Attract and retain quality service partners - Constant engagement with the chair of audit committee - Successful completion of annual audit calendar - Implementation focus - Automation of audit workflow - Exceed the expectation set by the audit committee
Nurturing An Effective IA Function
The New Business Risk Normal Q3. What are the new risk factors that you would like to address in an uncertain business environment? Order of Significance on a scale of 1 to 5 where 1 is least significant 28 respondents participated in ranking the new risk normal grid. The Top 5 rankings were given to the risks: - Rising cost pressures - Frauds - Growing compliance complexities - Liquidity, Lack of business resilience and inability to meet growing customer needs - Lack of innovation The respondents agreed that business and IA teams should focus their attention on Top 5 risk rankings in uncertain economic times.
The New Business Risk Normal
Measuring the Impact of IA • Percentage completion of the annual audit calendar. • Red flags identified by the internal audit team as “Early warning signals” on serious compliance and/ or control violations that would be have dire reputational consequences to the organization. • The trend of non-repeat audit observations made by the internal auditor during the year. Assessing how many known issues have been implemented by the management team. • The percentage of audit observations that could be classified as “Cost Savings” or “Revenue Leakage” opportunities. This is an effectiveness measure which indicates the element of effective value add by the internal audit function. • The productivity of the internal audit team in terms of available resources, audit per resource efficiency, audit cycle time, etc. • The percentage of High Risk/ Key audit observations identified by the internal audit team during the year. • The percentage of unimplemented/ uninitiated audit observations during the year. • Number and quality of instances highlighted of internal and/ or external benchmarking for standardization and organizational consistency. • Percentage achievement of audit goals, objectives and initiatives during the year. • IA acceptability, attention/ perception and satisfaction feedback from the executive management team. • IA budget on training, learning and development • IA ability to attract and retain talent especially subject matter experts • IA’s participation in on-going risk assessment projects • IA’s participation in on-going change management projects • IA’s participation in control advocacy and continuous improvement programs
A Global view on building a world class IA function One impact of this soul searching has been that leading companies are taking steps to build a world class IA function. They have realized that for IA to truly add business value their horizons must be broadened to cover the effectiveness of Enterprise Risk Management (ERM). Also as the crises showed, there is a high degree of interrelation between various risks and therefore management and IA should be cognizant of how each risk element impacts the other and the organization as a whole. Limiting the ambit of IA to traditional internal controls assessments focused on compliance, technology and financial controls is no longer sufficient. A key step toward building a world class internal audit would be to realign the focus of IA to these two key areas: • Strategic Risk • Execution Risk For IA leaders to win the proverbial “seat at the table” with other C Level executives, it is critical for them to be aware of the strategic landscape within their respective industries and how their organization’s strategy is set and executed within that environment. Internal Audit’s role should encompass an assessment of the organization strategy setting and execution processes. For e.g. how does the organization deal with the risks of an uncertain business environment? How does the organization identify and prepare for potential black swan events? The best strategic plans have to be backed by good execution. How often does an IA function get involved in assessing the execution risk to the organization’s strategy? Execution is after all is what translates strategy into actual results. IA should assess practices, processes and controls of the organization’s execution capabilities. – Uday Gulvadi, US based senior GRC professional
The Lean, Mean and Hungry tribe of Internal Auditors 1. CAE recruitment by the Chairman of the Audit Committee and not CEO 2. CAE role expanded to include dealing with whistle blower matters 3. Internal Benchmarking of best practices followed by SBUs and periodical recognition of best practices in IA knowledge sharing bulletins 4. Continuous control advocacy through quarterly knowledge forum meetings 5. Aligning the IA function to the “Voice of the Customer” through CAE induction in the business programs of the company 6. CAE participation as an observer in Key Business Review meetings conducted by the CEO 7. CAE personally participates in all audit closure meetings to ensure quality and timeliness 8. On-time audit reporting at audit closure meetings 9. Scoping the audit efforts through a Vital, Essential and Desirable Matrix approach based on core and non-core process bifurcation 10. Audit Champions play the lead coordination role to overcome audit delays/ auditee non-cooperation 11. Independent “Methods team” which documents SOPs and process narratives to keep the audit process live to current business realities
Thank you

Recommended

Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Pritesh Hirapara
 
Public_Sector_Governance1_1_ (1)
Public_Sector_Governance1_1_ (1)Public_Sector_Governance1_1_ (1)
Public_Sector_Governance1_1_ (1)Armando Settimi CAT, BBS, MBS, ACA, CIA
 
Atila Kas
Atila KasAtila Kas
Atila Kas
Alma Total Solutions
 
Internal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceInternal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governanance
Browne & Mohan
 
starbucks Audit_Committee_Charter
starbucks Audit_Committee_Charterstarbucks Audit_Committee_Charter
starbucks Audit_Committee_Charterfinance41
 
Presentation
PresentationPresentation
Presentationmenem1980
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit plan
essbaih
 
Internal Audit Quality Assessment
Internal Audit Quality AssessmentInternal Audit Quality Assessment
Internal Audit Quality AssessmentMohammad Draidi
 

Recommended

Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Pritesh Hirapara
 
Public_Sector_Governance1_1_ (1)
Public_Sector_Governance1_1_ (1)Public_Sector_Governance1_1_ (1)
Public_Sector_Governance1_1_ (1)Armando Settimi CAT, BBS, MBS, ACA, CIA
 
Atila Kas
Atila KasAtila Kas
Atila Kas
Alma Total Solutions
 
Internal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceInternal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governanance
Browne & Mohan
 
starbucks Audit_Committee_Charter
starbucks Audit_Committee_Charterstarbucks Audit_Committee_Charter
starbucks Audit_Committee_Charterfinance41
 
Presentation
PresentationPresentation
Presentationmenem1980
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit plan
essbaih
 
Internal Audit Quality Assessment
Internal Audit Quality AssessmentInternal Audit Quality Assessment
Internal Audit Quality AssessmentMohammad Draidi
 
Dtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sectorDtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sector
dfasas
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Report
essbaih
 
Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Tim Leech
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational Excellence
Eneni Oduwole
 
Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results
Simon Grima
 
“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”M Anwarul Hoque Tareque
 
Risk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditRisk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal Audit
Smitesh Bhosale
 
Turning risk into opportunities
Turning risk into opportunitiesTurning risk into opportunities
Turning risk into opportunities
Manoj Agarwal
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
Andrew Smart
 
Upgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your OrganizationUpgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your Organization
International Federation of Accountants
 
Audit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementAudit Audit Commite And Risk Management
Audit Audit Commite And Risk Management
Manoj Agarwal
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
Mohammad Wahid Abdullah Khan
 
Reshaping the nigerian financial services sector
Reshaping the nigerian financial services sectorReshaping the nigerian financial services sector
Reshaping the nigerian financial services sector
Eneni Oduwole
 
Control Self Assessment
Control Self AssessmentControl Self Assessment
Control Self Assessment
Manoj Agarwal
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding valueicgfmconference
 
Professional opportunities in Internal Audit
Professional opportunities in Internal AuditProfessional opportunities in Internal Audit
Professional opportunities in Internal Audit
Manoj Agarwal
 
Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Thomas Bradley
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
Debashis Gupta
 
Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...
Alison Reed
 
Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
Tunde Elijah Kelani
 
Value based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal AuditValue based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal Audit
Dr. Zar Rdj
 

More Related Content

What's hot

Dtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sectorDtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sector
dfasas
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Report
essbaih
 
Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Tim Leech
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational Excellence
Eneni Oduwole
 
Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results
Simon Grima
 
“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”M Anwarul Hoque Tareque
 
Risk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditRisk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal Audit
Smitesh Bhosale
 
Turning risk into opportunities
Turning risk into opportunitiesTurning risk into opportunities
Turning risk into opportunities
Manoj Agarwal
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
Andrew Smart
 
Upgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your OrganizationUpgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your Organization
International Federation of Accountants
 
Audit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementAudit Audit Commite And Risk Management
Audit Audit Commite And Risk Management
Manoj Agarwal
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
Mohammad Wahid Abdullah Khan
 
Reshaping the nigerian financial services sector
Reshaping the nigerian financial services sectorReshaping the nigerian financial services sector
Reshaping the nigerian financial services sector
Eneni Oduwole
 
Control Self Assessment
Control Self AssessmentControl Self Assessment
Control Self Assessment
Manoj Agarwal
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding valueicgfmconference
 
Professional opportunities in Internal Audit
Professional opportunities in Internal AuditProfessional opportunities in Internal Audit
Professional opportunities in Internal Audit
Manoj Agarwal
 
Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Thomas Bradley
 

What's hot (18)

Dtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sectorDtme mepov4 internal-audit-in-the-public-sector
Dtme mepov4 internal-audit-in-the-public-sector
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Report
 
Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational Excellence
 
Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results Maco presentation demystifying compliance and survey results
Maco presentation demystifying compliance and survey results
 
“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”
 
Risk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditRisk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal Audit
 
Turning risk into opportunities
Turning risk into opportunitiesTurning risk into opportunities
Turning risk into opportunities
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
 
Upgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your OrganizationUpgrading Risk Management and Internal Control in Your Organization
Upgrading Risk Management and Internal Control in Your Organization
 
Audit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementAudit Audit Commite And Risk Management
Audit Audit Commite And Risk Management
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditors
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
 
Reshaping the nigerian financial services sector
Reshaping the nigerian financial services sectorReshaping the nigerian financial services sector
Reshaping the nigerian financial services sector
 
Control Self Assessment
Control Self AssessmentControl Self Assessment
Control Self Assessment
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding value
 
Professional opportunities in Internal Audit
Professional opportunities in Internal AuditProfessional opportunities in Internal Audit
Professional opportunities in Internal Audit
 
Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1
 

Similar to Measuring the impact of Internal Audit

Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
Debashis Gupta
 
Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...
Alison Reed
 
Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
Tunde Elijah Kelani
 
Value based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal AuditValue based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal Audit
Dr. Zar Rdj
 
Tyco Internal Audit Case Study
Tyco Internal Audit Case StudyTyco Internal Audit Case Study
Tyco Internal Audit Case Study
Jessica Myers
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches Webinar
Aviva Spectrum™
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
ArmeniaFED
 
Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Tim Leech
 
Internal auditing for boosting company performance in Dubai.pptx
Internal auditing for boosting company performance in Dubai.pptxInternal auditing for boosting company performance in Dubai.pptx
Internal auditing for boosting company performance in Dubai.pptx
CateSusen
 
The importance of value for money and perfomance based audits
The importance of value for money and perfomance based auditsThe importance of value for money and perfomance based audits
The importance of value for money and perfomance based audits
paul young cpa, cga
 
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKPOSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
Haresh Lalwani
 
Internal Audit in Post COVID Era.pdf
Internal Audit in Post COVID Era.pdfInternal Audit in Post COVID Era.pdf
Internal Audit in Post COVID Era.pdf
Fiyona Nourin
 
Internal Audit Project
Internal Audit ProjectInternal Audit Project
Internal Audit Project
Soumeet Sarkar
 
Angela Witzany
Angela WitzanyAngela Witzany
Angela Witzany
Alma Total Solutions
 
internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation
ArgentinaMorata
 
Fice Of Internal Audit
Fice Of Internal AuditFice Of Internal Audit
Fice Of Internal Audit
Christina Berger
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk ConsultingPrashant Jain
 
Internal Audit Services- PKC Management Consulting
Internal Audit Services- PKC Management ConsultingInternal Audit Services- PKC Management Consulting
Internal Audit Services- PKC Management Consulting
PKCIndia2
 
For model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentFor model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentRajeswaran Muthu Venkatachalam
 

Similar to Measuring the impact of Internal Audit (20)

Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
 
Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...Effects Of Internal Audit Practices On Financial...
Effects Of Internal Audit Practices On Financial...
 
Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
 
Value based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal AuditValue based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal Audit
 
Tyco Internal Audit Case Study
Tyco Internal Audit Case StudyTyco Internal Audit Case Study
Tyco Internal Audit Case Study
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches Webinar
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
 
Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015Reinventing Internal Audit Final April 2015
Reinventing Internal Audit Final April 2015
 
Internal auditing for boosting company performance in Dubai.pptx
Internal auditing for boosting company performance in Dubai.pptxInternal auditing for boosting company performance in Dubai.pptx
Internal auditing for boosting company performance in Dubai.pptx
 
The importance of value for money and perfomance based audits
The importance of value for money and perfomance based auditsThe importance of value for money and perfomance based audits
The importance of value for money and perfomance based audits
 
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKPOSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
 
Internal Audit in Post COVID Era.pdf
Internal Audit in Post COVID Era.pdfInternal Audit in Post COVID Era.pdf
Internal Audit in Post COVID Era.pdf
 
Internal Audit Project
Internal Audit ProjectInternal Audit Project
Internal Audit Project
 
Angela Witzany
Angela WitzanyAngela Witzany
Angela Witzany
 
internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation
 
Fice Of Internal Audit
Fice Of Internal AuditFice Of Internal Audit
Fice Of Internal Audit
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk Consulting
 
Internal Audit Services- PKC Management Consulting
Internal Audit Services- PKC Management ConsultingInternal Audit Services- PKC Management Consulting
Internal Audit Services- PKC Management Consulting
 
GRCICMAI
GRCICMAIGRCICMAI
GRCICMAI
 
For model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentFor model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit department
 

Recently uploaded

Resolutions-Key-Interventions-28-May-2024.pdf
Resolutions-Key-Interventions-28-May-2024.pdfResolutions-Key-Interventions-28-May-2024.pdf
Resolutions-Key-Interventions-28-May-2024.pdf
bhavenpr
 
role of women and girls in various terror groups
role of women and girls in various terror groupsrole of women and girls in various terror groups
role of women and girls in various terror groups
sadiakorobi2
 
2024 is the point of certainty. Forecast of UIF experts
2024 is the point of certainty. Forecast of UIF experts2024 is the point of certainty. Forecast of UIF experts
2024 is the point of certainty. Forecast of UIF experts
olaola5673
 
03062024_First India Newspaper Jaipur.pdf
03062024_First India Newspaper Jaipur.pdf03062024_First India Newspaper Jaipur.pdf
03062024_First India Newspaper Jaipur.pdf
FIRST INDIA
 
Draft-1-Resolutions-Key-Interventions-.pdf
Draft-1-Resolutions-Key-Interventions-.pdfDraft-1-Resolutions-Key-Interventions-.pdf
Draft-1-Resolutions-Key-Interventions-.pdf
bhavenpr
 
Do Linguistics Still Matter in the Age of Large Language Models.pptx
Do Linguistics Still Matter in the Age of Large Language Models.pptxDo Linguistics Still Matter in the Age of Large Language Models.pptx
Do Linguistics Still Matter in the Age of Large Language Models.pptx
Slator- Language Industry Intelligence
 
AI and Covert Influence Operations: Latest Trends
AI and Covert Influence Operations: Latest TrendsAI and Covert Influence Operations: Latest Trends
AI and Covert Influence Operations: Latest Trends
CI kumparan
 
Codes n Conventionss copy (1).paaaaaaptx
Codes n Conventionss copy (1).paaaaaaptxCodes n Conventionss copy (1).paaaaaaptx
Codes n Conventionss copy (1).paaaaaaptx
ZackSpencer3
 
Preview of Court Document for Iseyin community
Preview of Court Document for Iseyin communityPreview of Court Document for Iseyin community
Preview of Court Document for Iseyin community
contact193699
 
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdfSharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
bhavenpr
 
Hogan Comes Home: an MIA WWII crewman is returned
Hogan Comes Home: an MIA WWII crewman is returnedHogan Comes Home: an MIA WWII crewman is returned
Hogan Comes Home: an MIA WWII crewman is returned
rbakerj2
 
31052024_First India Newspaper Jaipur.pdf
31052024_First India Newspaper Jaipur.pdf31052024_First India Newspaper Jaipur.pdf
31052024_First India Newspaper Jaipur.pdf
FIRST INDIA
 
01062024_First India Newspaper Jaipur.pdf
01062024_First India Newspaper Jaipur.pdf01062024_First India Newspaper Jaipur.pdf
01062024_First India Newspaper Jaipur.pdf
FIRST INDIA
 

Recently uploaded (13)

Resolutions-Key-Interventions-28-May-2024.pdf
Resolutions-Key-Interventions-28-May-2024.pdfResolutions-Key-Interventions-28-May-2024.pdf
Resolutions-Key-Interventions-28-May-2024.pdf
 
role of women and girls in various terror groups
role of women and girls in various terror groupsrole of women and girls in various terror groups
role of women and girls in various terror groups
 
2024 is the point of certainty. Forecast of UIF experts
2024 is the point of certainty. Forecast of UIF experts2024 is the point of certainty. Forecast of UIF experts
2024 is the point of certainty. Forecast of UIF experts
 
03062024_First India Newspaper Jaipur.pdf
03062024_First India Newspaper Jaipur.pdf03062024_First India Newspaper Jaipur.pdf
03062024_First India Newspaper Jaipur.pdf
 
Draft-1-Resolutions-Key-Interventions-.pdf
Draft-1-Resolutions-Key-Interventions-.pdfDraft-1-Resolutions-Key-Interventions-.pdf
Draft-1-Resolutions-Key-Interventions-.pdf
 
Do Linguistics Still Matter in the Age of Large Language Models.pptx
Do Linguistics Still Matter in the Age of Large Language Models.pptxDo Linguistics Still Matter in the Age of Large Language Models.pptx
Do Linguistics Still Matter in the Age of Large Language Models.pptx
 
AI and Covert Influence Operations: Latest Trends
AI and Covert Influence Operations: Latest TrendsAI and Covert Influence Operations: Latest Trends
AI and Covert Influence Operations: Latest Trends
 
Codes n Conventionss copy (1).paaaaaaptx
Codes n Conventionss copy (1).paaaaaaptxCodes n Conventionss copy (1).paaaaaaptx
Codes n Conventionss copy (1).paaaaaaptx
 
Preview of Court Document for Iseyin community
Preview of Court Document for Iseyin communityPreview of Court Document for Iseyin community
Preview of Court Document for Iseyin community
 
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdfSharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
Sharjeel-Imam-Judgement-CRLA-215-2024_29-05-2024.pdf
 
Hogan Comes Home: an MIA WWII crewman is returned
Hogan Comes Home: an MIA WWII crewman is returnedHogan Comes Home: an MIA WWII crewman is returned
Hogan Comes Home: an MIA WWII crewman is returned
 
31052024_First India Newspaper Jaipur.pdf
31052024_First India Newspaper Jaipur.pdf31052024_First India Newspaper Jaipur.pdf
31052024_First India Newspaper Jaipur.pdf
 
01062024_First India Newspaper Jaipur.pdf
01062024_First India Newspaper Jaipur.pdf01062024_First India Newspaper Jaipur.pdf
01062024_First India Newspaper Jaipur.pdf
 

Measuring the impact of Internal Audit

  • 1. Measuring the Impact of Internal Audit in Uncertain Times IIA Bombay Chapter Research Foundation Project 20 November 2012
  • 2. About the IIA Bombay Research Foundation • IIA Bombay Chapter has recently launched “IIA Bombay Research Foundation” with the objective of being the research arm of The IIA Bombay Chapter conducted by thought leaders in the profession. • The Foundation aims to be a driving force for the continuous evolution of the profession through conducting surveys, publishing research reports covering the full spectrum of issues facing the profession and through such other initiatives that explore current issues, emerging trends, and future needs. This foundation is led by a committee of IIA Bombay Chapter – Mr. Naren Aneja, Mr. Nagesh Pinge, Mr. Anil Bhandari, Mr. Satish Shenoy and Mr. S Bhaskar. • IIA Bombay Chapter has identified “Verita Management Advisors” as its first research partner enabling IIA Bombay Chapter to launch this new initiative. Verita Management Advisors along with IIA Bombay Chapter, has developed this research document titled “Measuring the Impact of Internal Audit in Uncertain Times”.
  • 3. About the Research Study • The research team designed a detailed research cum survey questionnaire that was circulated to 50 Chief Audit Executives (CAEs) of large and medium sized companies. The research team received replies from 30 participants predominantly from the Mumbai region. The research team also conducted 5 personal interviews with CAEs of leading corporate houses to obtain detailed replies on the direction of the IA function in uncertain economic times. • The research team received responses from varied sectors.
  • 4. IA Value perception is tilted towards reassurance “The internal auditor’s job appears to have become one of reassuring senior management and the board of directors that their business is being run in a manner that satisfactorily deals with the risks it faces. It is not sufficient that those risks are avoided. Managements and boards are in a highly competitive environment and expect that risks are exploited so as to maximize shareholder value. Therefore, they expect to have a better ways of fine-tuning their response to specific risks than do their competitors. Bankers want to fine tune their response to credit risk in the hope that they can offer loans at lower rates of interest to their borrowers without compromising on credit risk cost. Other managements want to game regulations or contractual obligations hoping to steal a march over their competitors. Many companies have developed a (poor) reputation for changing the terms of Competitively won bids after winning them. Or they sail very close to the legal wind hoping that the regulator’s gust does not overturn their ship. Again, the only protection against disaster that managements and boards of companies that build their business on such practices have is a competent audit. Internal audit is required to possess ever greater degrees of expertise in the subjects that it is required to deal with. The days of the general internal auditor are over”. - Nawshir Mirza, Independent Director
  • 5. Adding Value To The Audit Committee/ Board Of Directors Q 1: In uncertain times how does a modern day IA function add value to the Audit Committee/ Board of Directors? 93% of respondents agreed or strongly agreed that the IA function could add value by - Greater level of engagement with stakeholders - Enhance focus on compliances Graph - Closer monitoring of critical processes to isolate outliers - Adopting a leaner approach to audit by focusing on high risk areas Majority of the respondents agreed or strongly agreed on the following additional measures where the IA function could add value by: - Continuous Control Monitoring - Greater use of subject matter experts - Benchmarking of processes /indicators with competition Graph A large majority of respondents disagreed that the IA function could add value by: - Reducing the IA budget - 70% - Reducing internal talent and placing more reliance on outsourced service providers - 63% - Each audit mission to carry a value multiple target - 58%
  • 6. Adding Value To The Audit Committee/ Board Of Directors
  • 7. Adding Value To The Audit Committee/ Board Of Directors
  • 8. Nurturing An Effective IA Function Q 2: What are the real differentiators between a performing Internal Audit function and a non- performing one? All the respondents agreed or strongly agreed that following measures are key differentiators between a performing IA function and a non-performing one: - Building continuous learning mechanisms - Implementation of Internal Audit Function – Performance score card - Adopting technology to provide a greater degree of assurance and add to the surveillance capabilities Majority of the respondents agreed or strongly agreed on the following additional differentiators: - Managing an appropriate balance between audit requirements and staffing levels - Attract and retain subject matter experts - On-time report delivery - Attract and retain quality service partners - Constant engagement with the chair of audit committee - Successful completion of annual audit calendar - Implementation focus - Automation of audit workflow - Exceed the expectation set by the audit committee
  • 10. The New Business Risk Normal Q3. What are the new risk factors that you would like to address in an uncertain business environment? Order of Significance on a scale of 1 to 5 where 1 is least significant 28 respondents participated in ranking the new risk normal grid. The Top 5 rankings were given to the risks: - Rising cost pressures - Frauds - Growing compliance complexities - Liquidity, Lack of business resilience and inability to meet growing customer needs - Lack of innovation The respondents agreed that business and IA teams should focus their attention on Top 5 risk rankings in uncertain economic times.
  • 11. The New Business Risk Normal
  • 12. Measuring the Impact of IA • Percentage completion of the annual audit calendar. • Red flags identified by the internal audit team as “Early warning signals” on serious compliance and/ or control violations that would be have dire reputational consequences to the organization. • The trend of non-repeat audit observations made by the internal auditor during the year. Assessing how many known issues have been implemented by the management team. • The percentage of audit observations that could be classified as “Cost Savings” or “Revenue Leakage” opportunities. This is an effectiveness measure which indicates the element of effective value add by the internal audit function. • The productivity of the internal audit team in terms of available resources, audit per resource efficiency, audit cycle time, etc. • The percentage of High Risk/ Key audit observations identified by the internal audit team during the year. • The percentage of unimplemented/ uninitiated audit observations during the year. • Number and quality of instances highlighted of internal and/ or external benchmarking for standardization and organizational consistency. • Percentage achievement of audit goals, objectives and initiatives during the year. • IA acceptability, attention/ perception and satisfaction feedback from the executive management team. • IA budget on training, learning and development • IA ability to attract and retain talent especially subject matter experts • IA’s participation in on-going risk assessment projects • IA’s participation in on-going change management projects • IA’s participation in control advocacy and continuous improvement programs
  • 13. A Global view on building a world class IA function One impact of this soul searching has been that leading companies are taking steps to build a world class IA function. They have realized that for IA to truly add business value their horizons must be broadened to cover the effectiveness of Enterprise Risk Management (ERM). Also as the crises showed, there is a high degree of interrelation between various risks and therefore management and IA should be cognizant of how each risk element impacts the other and the organization as a whole. Limiting the ambit of IA to traditional internal controls assessments focused on compliance, technology and financial controls is no longer sufficient. A key step toward building a world class internal audit would be to realign the focus of IA to these two key areas: • Strategic Risk • Execution Risk For IA leaders to win the proverbial “seat at the table” with other C Level executives, it is critical for them to be aware of the strategic landscape within their respective industries and how their organization’s strategy is set and executed within that environment. Internal Audit’s role should encompass an assessment of the organization strategy setting and execution processes. For e.g. how does the organization deal with the risks of an uncertain business environment? How does the organization identify and prepare for potential black swan events? The best strategic plans have to be backed by good execution. How often does an IA function get involved in assessing the execution risk to the organization’s strategy? Execution is after all is what translates strategy into actual results. IA should assess practices, processes and controls of the organization’s execution capabilities. – Uday Gulvadi, US based senior GRC professional
  • 14. The Lean, Mean and Hungry tribe of Internal Auditors 1. CAE recruitment by the Chairman of the Audit Committee and not CEO 2. CAE role expanded to include dealing with whistle blower matters 3. Internal Benchmarking of best practices followed by SBUs and periodical recognition of best practices in IA knowledge sharing bulletins 4. Continuous control advocacy through quarterly knowledge forum meetings 5. Aligning the IA function to the “Voice of the Customer” through CAE induction in the business programs of the company 6. CAE participation as an observer in Key Business Review meetings conducted by the CEO 7. CAE personally participates in all audit closure meetings to ensure quality and timeliness 8. On-time audit reporting at audit closure meetings 9. Scoping the audit efforts through a Vital, Essential and Desirable Matrix approach based on core and non-core process bifurcation 10. Audit Champions play the lead coordination role to overcome audit delays/ auditee non-cooperation 11. Independent “Methods team” which documents SOPs and process narratives to keep the audit process live to current business realities