Building risk awareness and aligning with business strategy are top priorities

MetricStream’s latest survey on the state of internal audit finds auditors focused on delivering timely insights on key risks, aligning audit planning with business strategy, and improving audit processes and operational effectiveness.

  • 5 years ago Posted in
As part of its ongoing efforts in understanding industry trends,  MetricStream Research has published the findings of its latest survey, State of Internal Audit 2018 - Impact and Opportunities. The survey evaluated 600 organisations from 15 industries across the globe to understand internal audit management challenges, priorities, programme structures, and technologies used.

Key findings

Internal audit’s focus is on building risk awareness and aligning with business strategy

Respondents reported that their top audit priorities for 2018 are to provide timely insights on key risks, align audit planning with business strategy, and improve audit processes and operational effectiveness. However, their top challenges lie in adding value to the business and aligning audit processes to changes in the business organisation.

Auditors want technology solutions for real-time data access and detailed analysis and presentation

As boards and executive management teams demand deeper insights into risks, internal auditors are looking to leverage more analytics and other emerging technologies. 77% of the respondents reported an interest in data querying and analysis tools, 75% in continuous control monitoring tools, 60% in data visualisation capabilities, and 58% in modeling and predictive analysis tools.

Enterprise risk management (ERM) is not yet pervasive

Only 50% of the respondents reported having a dedicated ERM team and programme. Of the remaining respondents, 25% indicated not having an ERM programme at all, which could be a significant cause for concern. Meanwhile, 25% reported that their organisations’ ERM programme is maintained by their internal audit team.

Other key findings:

  • 86% of respondents have embraced a risk-based approach to audit planning and execution
  • 80% of respondents define their audit universe before audit planning, while 39% define it during audit planning, and 20% during audit execution
  • Only 19% of respondents use balanced scorecards to assess the effectiveness of their internal audit programme; the rest still rely on qualitative, unstructured assessment approaches like open dialogues between the senior management and auditors, and self-assessments by the audit team

“Today’s internal auditors have a new mandate to go beyond traditional assurance, and to deliver strategic, forward-looking, actionable risk insights that can help the business perform with integrity,” said French Caldwell, Chief Evangelist, MetricStream. “Rising to this new demand will require internal auditors to upskill, improve agility and cross-functional collaboration, and leverage technologies like predictive analytics and continuous monitoring tools. It’s a significant shift in role and outlook, but it’s also an opportunity for internal audit to create new impact and value for the business.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...