Surveys, papers provide plenty of advice for internal auditors

Like Crocuses blooming in springtime, a whole crop of surveys and studies have emerged in the past few weeks to give internal auditors and others tied to corporate reporting some new insights on where to find performance and reporting improvements that stakeholders are demanding.

From KPMG and Forbes, a survey of more than 400 CFOs and audit committee members reveals a gap between the value they seek out of the internal audit function and the value they actually receive. Nearly 60 percent said they would welcome help in assessing risks and risk-managing practices, but only 22 percent said they get that from internal audit; 36 percent said they would like to see an informed perspective on emerging risks coming from the internal audit shop, but only 5 percent actually see it.

The study provides three major themes that chief audit executives should consider in terms of how they could increase the value they provide to CFOs and audit committees, says Craig Carter, a KPMG principal in internal audit, risk, and compliance services. “There’s a need to translate the value of the internal audit function into more than black-and-white compliance,” he says. “There’s also a need to take a new approach around risk and be much more effective at identifying and addressing emerging risks.”

The survey also suggests internal auditors have an opportunity to better leverage technology, says Carter, and not just in using more data analytics to provide more insight. “There’s clear linkage in the survey between leveraging technology and improving the speed, the effectiveness and the efficiency of the audit,” he says. Survey respondents indicated they'd like to see internal audit employ more subject matter expertise in providing audit results, to help audits move beyond a focus on compliance to providing more insights on strategic imperatives and potential operational improvements, he says.

From EY, a global survey of 1,000 CFOs at companies with at least $500 million in revenue shows a diminishing confidence in the quality of information provided through the full spectrum of corporate reporting. Only 55 percent of CFOs said they were confident in the degree of compliance compared with 84 percent the year before; only 45 percent said they felt confident in the clarity and relevance of information provided through their corporate reporting, down from 67 percent in 2014. Less than half said their reporting was effective in securing the confidence of the board, down from 71 percent a year earlier.

Peter Wollman, a financial accounting advisory services leader for EY, says the CFO agenda has changed in recent times to extend beyond strictly financial functions. “Today, the CFO is getting more into the chief operating officer’s role,” he says. “The risk environment has changed significantly the regulatory expectations, and the consequence is a demand for risk mitigation from the CFO.” As with the KPMG survey, the EY survey says technology emerges as a big theme of concern for CFOs.

From the Institute of Internal Auditors, a new report provides some food for thought for internal auditors regarding how well they are meeting the needs of the audit committee specifically. Authored by former COSO chairman Larry Rittenberg, the paper also explores whether the internal audit function is getting the support and oversight it needs to operate effectively.

The paper is based on the findings of the IIA’s 2015 Common Body of Knowledge study, a global survey of internal auditors. The report says too many organizations still do not have effective audit committees, and audit committees are all over the map in terms of how frequently they meet, sometimes based on the maturity of the committee. “The opportunity for internal audit to meet the board and audit committee in executive sessions without management present is quite low in some some regions and needs to be improved,” the report says.

Finally, the IIA’s Research Foundation is taking orders for its newest book, published with Grant Thornton, that explores how internal audit can raise its game using data analytics. Titled Data Analytics: Elevating Internal Audit’s Value, the book promises to explain how internal auditors can develop a data analytics framework and use it to accomplish multiple audit objectives.

CAEs will learn, the IIARF says, how data mining and data analytics can enhance internal audit efficiency, how to eliminate redundant data mining and analysis efforts across the organization, and how to determine the effort necessary to maximize the framework. The book begins shipping in March.