5 top challenges for internal auditors
Internal auditors live in a world of risk. They are charged with helping organizations determine whether controls are in place to reduce risks in various processes and operations. They look for holes, inefficiencies, inconsistencies and regulatory compliance issues.
Their efforts sometimes evoke anxiety within resource-strapped organizations, but the value of these detailed examinations is irrefutable: by understanding and addressing risk, they help convey credibility, confidence and a competitive advantage.
The necessity of internal audits has long been established for highly regulated institutions like banks and credit unions, but there is hardly an industry that couldn’t benefit from an independent, objective scrutiny of internal controls related to risk management, technology, governance, financial processes and other operations.
Insurance, healthcare and manufacturing are among the industries that increasingly look to internal audits to help affirm their practices within a highly competitive landscape.
But the path to a successful audit has gotten more complex in recent years. Challenges have emerged or gotten steeper because of myriad forces affecting business operations and processes: from COVID-19 and labor shortages to the transition to an increasingly remote workforce and technology acceleration.
Here’s a look into how these factors are affecting internal audit and how your organization can adjust:
1. Talent shortage
Attracting and retaining internal audit staff has become a hardship in many sectors. Even though hiring budgets for auditors have increased overall, filling positions has never been tougher. Organizations need to be a place where auditors want to work. You need to recognize the premium workers place on flexibility in both where they work and when their workday starts and ends. Cookie-cutter rules about office hours and face time in the office are becoming obsolete.
By emphasizing individual growth and learning (professionally and personally), along with a commitment to work-life balance, your organization’s audit department can stand apart.
2. Rise of remote work
The pandemic caused most organizations to pivot quickly to remote operations. And most employees aren’t super excited about returning to full-time in-office work. If you don’t allow for flexibility, the chances rise that auditors you have on staff now will flee to other organizations. You don’t want to risk losing valued team members by failing to make your remote-work policies permanent.
The flip side of having a more entrenched remote workforce is the option to hire auditing staff who live anywhere. The pool of available talent just got bigger. Be sure to communicate your openness to new hires from anywhere in the country. But do come to an agreement on the time zone you expect far-flung workers to abide by.
3. Relationship-building barriers
In addition to the challenges with your own staff working remotely, you may find that working with auditing clients remotely requires some new practices, too. Audits themselves are more likely to be done off-site nowadays. In the past, it was easier to foster relationships with an organization through the organic connections that developed during regular visits.
Even though technology options make the physical auditing process easier, it may be harder to feel like you’re building an ongoing trusted relationship with advisors you work with at a distance. Fewer touchpoints between auditing departments, contracted auditors and internal stakeholders in operations and management require more proactive efforts to maintain close, working ties.
Consider your outsourced auditor as a collaborator. Sometimes a phone call now and then, even between jobs, can go a long way toward cementing a comfortable, trusting long-term relationship.
4. Evolving audit skill needs
Analytical and critical thinking skills have always been a necessity for internal auditors, but subject matter needs are expanding exponentially. Cybersecurity, data mining and analytics, and a vast array of IT systems require expertise that keeps growing and changing.
Even if you are fully staffed in your company’s audit department, your needs will keep evolving as new areas of risk emerge. Stay current with those needs and be sure you have the capacity to audit based on emerging cyber threats and new technologies.
Your internal training for evaluating risk must keep up with the times. And you may need to develop a co-sourced arrangement with outside auditors for areas requiring specialized knowledge. As business operations become more complex and new risks are identified, outsourcing discrete auditing projects can alleviate pressures on your team to stay current.
5. Tech tool reassessment
Does your internal audit department have the right technology available to do the job? And is your team properly trained to use those tools and systems? Audits may well benefit from applying technologies such as continuous auditing, data analytics and cloud-based audit management software.
It’s reasonable to expect that will become common, increasingly replacing audits based on data samples. AI technology will make it possible to pick out the exceptions when you’re looking at, for example, whether needed documentation is accurate and complete. It would be a much more thorough process than what may be happening now when auditors inspect documents manually. More consolidation of systems and better communication between them will enhance the auditing process.
The fast pace of technology change is hardly the only source of friction in the auditing world. Organizations are adjusting to business model disruptions and taking a harder look at ESG and DEI policies, which are creating new areas of risk moving into the future. Such areas may well become the scope of internal audits going forward. Planning for these risks will be key to internal audit departments staying relevant and vital to their organizations.
How Wipfli can help
In keeping up with the rapid changes in the workforce and technology, the way your organization handles internal audits may also need to change. Wipfli’s internal auditing team is ready help your organization assess its internal controls and assist with any compliance issues that come up in your business processes.
Sign up to receive additional content or information in your inbox or read on to learn more:
