Stay up-to-date with topical issues from the world of internal audit and discover how industry professionals are shaping the market.
Explore our extensive back-catalogue of A&R features below
Winning the Audit & Risk Inspirational Leader Award may not quite make up for Gareth Cronin’s early disappointment at not making the Irish football team. However, it does demonstrate his continuing commitment to teamwork and his ambition to coach the best performances out of his colleagues.
“When business environments evolve at the speed of risk, innovative internal auditors must be willing to venture beyond process improvement to envision complete process transformation,” writes Richard F Chambers, president and CEO of IIA Global.
The best internal audit functions are tackling innovation head on. Whether developing advanced analytics capabilities, moving into uncharted territory with new types of audits or dedicating time to generating ideas, forward-thinking functions are becoming crucibles of change.
It is often said that an organisation’s workforce is its most valuable asset, but it can also be its biggest liability if an employee – accidentally or deliberately – causes a problem that produces potentially calamitous results.
Our technical helpline provides valuable advice to members on a host of professional issues. Here are some of the questions you’ve recently asked.
All organisations with a payroll of more than £3m are currently paying into a government-run apprenticeship levy, but much of this money remains unclaimed. Heads of internal audit who are keen to train up their teams should therefore be setting the new apprenticeships in internal audit in their sights.
Modern technology, data analytics software and communication aids ought to have made project failures a thing of the past. Yet as customers of Govia Thameslink and TSB, among many others, discovered in the past year, too many projects still fail or experience significant teething problems. What can internal audit do to help?
Healthcare giant Sanofi adopted Wolters Kluwer’s TeamMate+ to integrate processes across a new internal control department and internal audit. It soon found that it opened up far greater assurance possibilities across the global organisation.
Employee mental health problems are still not addressed as openly and supportively as physical ill-health issues. But more companies are now proactively addressing mental health at work, and the good news is that there are simple things all organisations could do.
UK corporate governance is set for change: recent months have seen the publication of the Wates Principles, which establish a new code for large private companies, and a scathing indictment of the Financial Reporting Council by Sir John Kingman. Further reviews of the audit profession are in progress.
The Audit & Risk 2018 Awards winners were announced and celebrated at an event hosted by PwC in London on 5 December. The awards were presented by Paul Manning, president of the Chartered IIA.
In the light of the government’s new Civil Society Strategy, Professor Jeffrey Ridley CIA FIIA explains why internal audit should be involved in social responsibility auditing.
Climate change risk has been slow to get on the boardroom agenda in many organisations, but there are signs that the subject is getting hotter and that the regulators are keen to make it a priority. What can internal auditors do?
"Civil servants are used to getting on with the job despite external pressures, but this has been unique in its complexity and the nature of its challenges," says Margaret Stephens, chair of the audit committee, Department for Exiting the European Union.
“Handled poorly, even a minor conflict can escalate into a fight, and nobody wins when auditors battle with their clients," writes Richard F Chambers, president and CEO of IIA Global.
“Many traditional practices are enormously effective and we should retain these, but we must also try new approaches. We have to change, both internally and externally. Our future depends on it,” says Richard F Chambers, president and CEO of IIA Global.
“Intellectual curiosity has been identified as a fundamental characteristic of the best internal auditors. And truly intellectually curious internal auditors are not satisfied until they know not just how things happen, but why,” writes Richard F Chambers, president and CEO of IIA Global.
Having courage in auditing areas that are challenging, or raising and negotiating difficult recommendations, enhances our reputation. It shows we can bring value to ensuring the continued success of our organisations, writes Steve Stanbury, director of internal audit at City, University of London.
A diverse workforce is essential for teams to benefit from fresh ideas, the best pool of talent and varied experiences. How can auditors help?
What is the future of internal audit? Futurist Ben Hammersley explains why the super powers created by new technology make an impartial human view more vital than ever.
When Janet Chapman became chief internal auditor at Nationwide Building Society, she saw an opportunity to use existing technology more effectively and to introduce agile techniques. The results have exceeded her most optimistic expectations.
Management is responsible for corrective action, but internal auditors can make a huge difference to whether action plans are completed within set timeframes, says Richard F Chambers, president and CEO of IIA Global.
We deserve a seat at the top table, but our potential is sometimes limited when we don't have the benefit of the broader perspective and deeper insight that a more connected profession could deliver, says Derek Jamieson, senior manager KPMG and non-executive director.
Organised crime thrives at times of disruption, but the increasing power of technology means that its tentacles can now reach out from key operating regions in new and more effective ways. Journalist Misha Glenny, author of McMafia: A Journey Through the Global Criminal Underworld, considers what businesses can do to protect themselves.
Impact guru Esther Stanhope explains why everyone can benefit from brushing up their communication skills – and, more importantly, how to do it.
What part can internal auditors play in helping executives to reduce bias and promote deep-rooted trust in their brands? Read on to find out.
The final report of Parliament’s Work and Pensions, and Business, Energy and Industrial Strategy Committees into the collapse of Carillion highlights a catalogue of errors, oversights and wildly reckless behaviour. Once again, MPs are asking how we can improve corporate governance. What role should internal audit play and how can it make its challenges heard more clearly?
Enlightened organisations with qualified and fully resourced internal audit teams are trailblazers and should be celebrated, but there are many others out there who could benefit from greater exposure to good internal auditing. Regional Chartered IIA volunteers can help this, both by helping to provide events that hone auditing skills and, perhaps more importantly, helping to spread the word about what good looks like and where people can find out more.
The Grenfell Tower tragedy has cast a long shadow. Boards in relevant sectors want to know that fire and other buildings’ safety risks are being effectively managed and mitigated, but without adequate regulation and guidance, there’s every chance mistakes will be repeated.
Reputational risk can be seen as an intangible that is too conceptual to audit, but that is not the case. As metrics become more sophisticated, and given that reputation can make or break a company, internal audit will be expected to offer assurance in this area.
Despite the fact that data analytics and Computer Assisted Audit Techniques (CAAT) have been part of auditing for nearly 30 years, many organisations are still struggling with the implementation of effective data analytics to enhance internal audit quality and effectiveness. Experts at Beinex Consulting offer advice and help.
Wolters Kluwer’s TeamMate solution is already used by organisations across the world to streamline their internal audit processes, generate reports, produce dashboards and monitor follow-up actions. Now TeamMate+ takes the software to a new level. We find out what this means in practice to a global food manufacturer.
Good internal auditors learn from their own missteps and try not to repeat them – but the best learn from the blunders of others, says Richard F Chambers, president and CEO of IIA Global.
Dr Helen Pankhurst is the granddaughter and great-granddaughter of Suffragettes and,100 years after her ancestors helped gain women the vote, she will explain to delegates at Internal Audit 2018 why this is a crucial time to continue the campaign for women’s equality.
Rebuilding this trust was one of the topics on the agenda at the Chartered IIA’s Internal Audit 2018 conference, where it was discussed by a panel chaired by Liam Halligan, economist, broadcaster and Sunday Telegraph columnist.
Once the head of internal audit would report major concerns to the audit committee and that would be that. Now there are a number of areas that are so complex that the conversation needs to go deeper, writes Chris Jones, audit committee chair, Santander UK, and audit committee member, Wellcome Trust.
Organisations and their risk profiles are evolving rapidly, and so too must internal audit if it is to stay relevant and deliver changing assurance requirements. What will you and your team need to be in future?
Those who do not learn from history are doomed to repeat it. Barclays Data Analytics Team won last year’s Audit & Risk Award for Best Use of Technology. They explain how they are using historical data to identify what is likely to be significant in the future.
As technology develops and IT departments become ever more crucial it can be easy for others in the organisation to leave critical decisions to the IT experts or, conversely, to become paralysed with fright about the risks. So what can internal auditors offer IT?
It is critical for for internal auditors to understand how effective audit committees function and their role in ensuring this, says Taff Gidi. Understand why.
In each internal audit staffing decision, we perform a strategic balancing act between risk mitigation and such factors as headcount, qualifications and budget, writes Richard F Chambers, president and CEO of IIA Global.
Professor Jeffrey Ridley CIA FIIA explains why he believes professional internal auditors should be responsible for auditing to create a better civil society for all.
Whether you believe artificial intelligence is the key to a glorious future or a one-way route to a machine-dominated dystopia, recent developments mean that many organisations can no longer afford to ignore its potential benefits – or its risks. What questions should internal audit be asking?
Liberal capitalism is a force for good and for progress – but we need major changes to make our systems fit for a brighter, more civilised future that benefits everyone, says Lord Daniel Finkelstein, a keynote speaker at Internal Audit 2018.
Alison McFadyen, group head of internal audit at Standard Chartered Bank, explains why diversity in banking and in internal audit is critical, why technology is too important to leave to external experts and why the last thing you want is a homogeneous internal audit team.
The world is changing, but changing a large internal audit function to keep pace is never easy. Lloyds Banking Group has come up with an innovation hub to generate ideas and evolve, develop and implement change projects.
A new piece of research by the Chartered IIA shows that internal audit in the public sector is a varied, challenging and rewarding career that is increasingly valued by management and the public – however, it is still under-publicised as a career option. Why?
Identifying and attracting people who have the potential to be leaders is a constant challenge. Sophie Henderson opted to join Standard Life Aberdeen’s internal audit team straight from school and went on to win the Audit & Risk Award for Best Newcomer in 2017. What singled her out and what effect has the award had on her career?
Tom Turner, CEO of BitSight, argues the case for the need for effective third-party risk management in financial services.
When Barclays Internal Audit looked into the benefits of adopting “agile” techniques its managers had little idea about what these would mean in practice, or what they could offer their sector. Two years later, agile is transforming the way they conduct audits.
In the first of a series of articles on different organisational functions we look at the relationship between internal audit and HR and ask how it is changing – and how it will need to develop further – to meet the needs of organisations in future.
Long-awaited European rules on the handling of personal data come into effect on 25 May, and there are stiff penalties for organisations that fail to comply. What do internal auditors need to ask?
Find out how DWP won the Audit & Risk Award for Outstanding Team Public Sector in 2017.
IT security is now too important to be left to IT alone. Jim Doggett, SVP and CISO, Panaseer explains why IT teams must work together with risk functions and combine crucial data to address cyber risks. If they do not, crucial links may be missed. What does internal audit need to know and what should auditors be checking?
Recent regulatory cases have highlighted the concept of legal privilege. Susan Hopcraft, partner at Wright Hassall LLP, explains what internal auditors need to know.
Charities must tread carefully when raising money. Accepting cash today may deter future donations, so consistent, formalised due diligence is a must to mitigate donor risks.
Craig Donaldson, CEO of Metro Bank, addressed delegates at the Chartered IIA’s Leaders’ Conference on 15 March 2018 on “The CEO and audit committee’s expectations of audit in a rapidly changing world”. Here's a snapshot of what he had to say.
It’s a safe bet that, in organisations where internal auditors are unaware of crisis-response procedures, other employees also are uninformed. This is a recipe for disaster: critical events don’t happen by appointment,” writes Richard F Chambers, president and CEO of IIA Global.
Change is not an easy process. A theme running through any transformation is clear and honest communication. This builds trust and allows a cycle of feedback and improvement to occur, says Andrew Baker, group audit director, BGL Group.
Risks associated with innovation, and failure to innovate, have risen to the top of boards’ agendas – yet innovation programmes are notorious for soaking up cash and management time with no guaranteed results. What can internal audit do to help organisations hatch the precious golden eggs, while keeping a close eye on strategy, progress and results?
Shortly after most of the civil service internal audit function was amalgamated in the Government Internal Audit Agency, trainees studying for their audit qualifications were invited to form a Trainee Network, run by trainees for trainees. This proved such a success that it’s now struggling to meet demand. What’s its secret?
Internal audit at Rolls-Royce has been busy – while supporting an SFO investigation and completing their audit schedule they have implemented a total assurance programme, introduced root-cause analysis, transformed reports and introduced new communications. These and other improvements won them the Audit & Risk Award for Outstanding Team Private Sector 2017.
Why should internal auditors all be thinking more about root-cause analysis? We explain.
In many ways the writing was on the wall for Carillion long before its demise. Why, then, did its customers and suppliers not take heed, and what lessons can be learned from the collapse of one of the government’s largest contractors?
Chief audit executives across Europe have revealed the key risks that feature highest on their agendas for 2018. What is in the report and why should you download it today?
Vision and values: After 24 years in internal audit, Mike Taylor, the new Chartered IIA president, still believes that audit is exciting, life is fun and challenges should be relished. He explains what he and the institute plan for the year ahead and why he wants others to get involved.
Internal auditors who sit on the sidelines and fail to call out inefficiency, waste, fraud or mismanagement are spectators. Ideally, they will spot troubling issues as they form and blow the whistle before play begins, writes Richard F Chambers, president and CEO of IIA Global.
Hear from Katey Arrowsmith, then head of finance strategy at Medway Council, on internal audit from a client's perspective.
Some sectors have been highlighting problems recruiting and retaining the skilled staff they depend on for years, but the Brexit negotiations, increased pressure for greater diversity on boards and demographic shifts mean that the risk of skills gaps and problems filling key roles should be on every organisation’s agenda. So what should internal audit look for?
Gemma Smith explains why inheriting a far from perfect EQA report when she embarked on a new head of internal audit job gave her guidelines for an improvement plan that, three years’ later, led to a very different EQA result.
A known target for rogue employees and criminal hackers, social media can look like a portal to peril, so should we continue to use it? My view is yes we should, but we must do so with caution, writes Ross Thomson, principal consultant at Amethyst Risk.
The FRC’s Corporate Governance Code was launched 25 years ago, yet corporate governance has never been higher on the political agenda. This is why the Chartered IIA believes it is the ideal time to advocate the work of internal auditors at the top table. The clock is ticking. What has happened so far and what do you need to know now?
James Grigor, director of group audit and risk at BT, explains how his team has risen to meet substantial challenges over the past couple of years and what it meant to win the 2016 Audit & Risk Award for Outstanding Team – Private Sector.
Guidance to help organisations meet human rights obligations has thrown the spotlight on internal audit as a function ideally placed to provide assurance to stakeholders. What do internal auditors need to know?
Well-functioning whistleblowing procedures help draw attention to misconduct and can mean the difference between an organisation’s success and failure. But all too often employees fear speaking up or are victimised for doing so.
Steven Kelly asks what internal auditors can do to help ensure that non-executive directors and the independent boards they sit on are truly effective at challenging management.
Assurance mapping is becoming essential for modern, relevant internal audit, but it remains a challenge for many teams, partly because it can't be done in isolation. Explore what is meant by assurance mapping.
Hear from Katya Adler on the Brexit situation and what it means for businesses.
Karen Bassett, chief internal auditor for Leeds Building Society, explains how she helped to set up an internal audit panel for the mutual sector, embarked on an organisation-wide culture audit and put her team through an external quality assessment, all of which contributed to her winning an Audit & Risk Award for Inspirational Leader in 2016.
The Modern Slavery Act is prompting companies to think more carefully about their unwitting engagement in forced labour, with some positive results. But how many companies are looking widely enough?
The government has made clear its intention to improve one of the country’s starkest inequalities: the disability employment gap. Understand what role internal audit has to play in that process.
An external quality assessment is always nerve-wracking, even when you know you’re doing well. The Chartered IIA completed a review of the EQAs it has undertaken. So what did it learn?
Ian Douglas offers advice on how to ensure your reports inform, rather than confuse, your readers.
Organisations are increasingly at risk from problems in their supply chains – from physical issues that disrupt supplies or services to legal demands for accountability over practices such as forced labour and bribery. What can internal audit do to help?
As the corporate risk environment grows ever more complex, the expectation of – and pressure on – internal audit increases. This requires new ways of thinking about risk and effective, efficient audit approaches, as we explore.
"Managing a business is not just about driving top-line growth, it should also be about managing the risks to growth. Internal audit plays a vital role in assessing whether we are doing both well,” says Rogerio Ribeiro, senior vice-president pharmaceuticals, emerging markets and Australasia, GSK.
Sir Vince Cable discusses Donald Trump, Brexit, the role of economists in forecasting the future and how to deal with global uncertainty.
Boards need assurance that the executive has taken pertinent geopolitical risks into consideration. Find out what this means for internal audit.
There are always challenges involved in setting up an entirely new internal audit function, but these multiply when the organisation concerned is also new and working in a critical and highly sensitive, yet also untested area.
A key report by the Chartered IIA examines the pros and cons of data analytics and finds out how internal auditors are using these tools.
We cannot prevent worst case scenarios from happening, but we can ensure that we pick up the pieces and keep operations going in even the most nightmarish of situations. What is resilience and how do you get it?
Strong technical and analytical skills helped Christine Sylvain, internal audit trainee at DWP, to identify improvements to internal audit systems when she joined the organisation in 2015. But it was her ability to create solutions and persuade others to take these seriously that won her the 2016 Audit & Risk award for Best Newcomer.
As an increasing number of companies start to use machine learning tools. Thomas Baumann, IT performance architect at Swiss Mobiliar, asks how machine learning can help internal auditors in their work and how technology with a machine learning core can be audited.
Cyber criminals are employing ever more sophisticated ways to hack into organisation's databases to steal information, hold them to ransom and disrupt their businesses. Matt Rhodes from Quiss Technology explains how organisations can protect themselves.
In an age when democracy itself depends on the resilience of an email server, cybersecurity has never been more important. Find out why.
It is a familiar story: boards want more assurance from an internal audit function that is already juggling stretched resources. While that scenario presents more than enough logistical and planning problems, heads of internal audit are facing other challenges too. Understand what those challenges are.
While the CIA exams offer internal auditors a recognised international qualification, full chartered status provides something more – higher salaries, a breadth of experience and admission to a circle of senior peers across a wide range of sectors. Get to know the importance of chartered status.
Does your organisation recognise the risk from spreadsheets – and what can internal audit do about it. Matthew Wood gives us the lowdown.
Alun Milford, general counsel at the Serious Fraud Office, explains what internal audit needs to know about the consequences of an SFO investigation.
Good internal auditors are good communicators, says Ian Musgrave CMIIA. He explains how all auditors can benefit from polishing up their interviewing and listening skills.
In his second article on essential audit communications skills, Ian Musgrave CMIIA discusses how to get to know your audience and build effective relationships – face-to-face and via reports.
Internal audit professionals are increasingly under pressure to deliver more with less. As James Paterson explains, lean auditing provides an insightful and practical way of doing this.