Once upon a time, internal audit departments were busy enough with reviewing financial statements and Sarbanes-Oxley compliance. But as company risks have exploded in recent years, the modern audit department has had to reconfigure its skills and priorities to match.
Today’s internal audit department is—or at least, should be—focusing far more on the top risks and strategic objectives of the organization and assuring the audit plan is carefully aligned with those risks and objectives, says Richard Chambers, president and CEO of the Institute of Internal Auditors. “The modern audit function has a keen understanding of the risks in an organization and how to craft a program of audit coverage that addresses those risks while simultaneously meeting the expressed needs of stakeholders,” he says.
