Risk in Focus puts a spotlight on priority risk areas that organisations face as they look ahead to next year. It reveals how heads of internal audit across Europe view today’s risk landscape.
Risk in Focus provides a touchpoint for the internal audit profession that helps HIAs to understand how their peers view today’s risk landscape. Working hand-in-hand with boards, audit committees and other stakeholders, internal audit should already have a rigorous understanding of their organisations and the greatest financial, operational and strategic risks they face. However, it is vital that knowledge and thinking is shared within the profession to reinforce risk assessments and mapping and, ultimately, to support the provision of greater assurance.
While many audit functions will be preoccupied with business-as-usual operational audits, and all should be focused on areas specific to the assurance needs of their organisations, the hot topics in this report represent themes that are relevant across industries, with an emphasis on new and emerging risks. To be clear, this list is not exhaustive and we expect internal audit to take an appropriately risk- based approach to its work by addressing organisations’ greatest priorities. The topics listed herein should therefore be treated as a reference point rather than audit planning guidance.
The most sophisticated audit functions will not only test internal control systems but support their business in identifying risks looming on the horizon. We hope this report serves as a valuable resource for HIAs in evaluating risks they may not have considered, or contemplate from fresh angles risks that are already on their radar screens. Some readers may recognise themes from their own risk assessments and they should take comfort from this. It is confirmation that they are risk-aware. Others may find the highlighted topics help them to shape their forthcoming audit plans.
Now in its third year, Risk in Focus is a collaborative effort between seven European institutes of internal auditors in France, Germany, Italy, the Netherlands, Spain, Sweden and the UK and Ireland.
As previously, we interviewed HIAs in all of these territories and across sectors as part of our qualitative research into priority risk areas that are expected to be addressed in audit plans for 2019 and further into the future. In addition, we also conducted a quantitative survey that received 311 responses. This research augmented the overall report by providing data on the biggest risks that HIAs believe their organisations face and where internal audit is spending time.
The hard data from the survey complements the qualitative research by showing, at the highest level, priority risks that organisations face, as identified by their HIAs, and quantitative results are included in the report. The interviews, meanwhile, allowed us to dig deeper and draw attention to more granular issues related to these broad priority risks.