Friday, 21st September 2018

Building risk awareness and aligning with business strategy are top priorities

MetricStream’s latest survey on the state of internal audit finds auditors focused on delivering timely insights on key risks, aligning audit planning with business strategy, and improving audit processes and operational effectiveness.

As part of its ongoing efforts in understanding industry trends, MetricStream Research has published the findings of its latest survey, State of Internal Audit 2018 - Impact and Opportunities. The survey evaluated 600 organisations from 15 industries across the globe to understand internal audit management challenges, priorities, programme structures, and technologies used.

Key findings

Internal audit’s focus is on building risk awareness and aligning with business strategy

Respondents reported that their top audit priorities for 2018 are to provide timely insights on key risks, align audit planning with business strategy, and improve audit processes and operational effectiveness. However, their top challenges lie in adding value to the business and aligning audit processes to changes in the business organisation.

Auditors want technology solutions for real-time data access and detailed analysis and presentation

As boards and executive management teams demand deeper insights into risks, internal auditors are looking to leverage more analytics and other emerging technologies. 77% of the respondents reported an interest in data querying and analysis tools, 75% in continuous control monitoring tools, 60% in data visualisation capabilities, and 58% in modeling and predictive analysis tools.

Enterprise risk management (ERM) is not yet pervasive

Only 50% of the respondents reported having a dedicated ERM team and programme. Of the remaining respondents, 25% indicated not having an ERM programme at all, which could be a significant cause for concern. Meanwhile, 25% reported that their organisations’ ERM programme is maintained by their internal audit team.

Other key findings:

  • 86% of respondents have embraced a risk-based approach to audit planning and execution
  • 80% of respondents define their audit universe before audit planning, while 39% define it during audit planning, and 20% during audit execution
  • Only 19% of respondents use balanced scorecards to assess the effectiveness of their internal audit programme; the rest still rely on qualitative, unstructured assessment approaches like open dialogues between the senior management and auditors, and self-assessments by the audit team

“Today’s internal auditors have a new mandate to go beyond traditional assurance, and to deliver strategic, forward-looking, actionable risk insights that can help the business perform with integrity,” said French Caldwell, Chief Evangelist, MetricStream. “Rising to this new demand will require internal auditors to upskill, improve agility and cross-functional collaboration, and leverage technologies like predictive analytics and continuous monitoring tools. It’s a significant shift in role and outlook, but it’s also an opportunity for internal audit to create new impact and value for the business.”

Thycotic has released the findings from its 2018 Black Hat conducted survey of more than 300 hackers...
Powerful technology coalition brings patent-pending Rocket Wallet™ service to millions of digital co...
Knowledge-based identification may be the preferred way to authenticate online, but for how long...
Four in five executives around the world (84%) report having blockchain initiatives underway1, wit...
Worldwide spending on information security products and services will reach more than $114 billion...
More than 60 percent of organisations not leveraging established hardening benchmarks.
Ninety percent of surveyed security professionals fear that Meltdown-Spectre attacks are becoming...
Organisations report that 38% of IT security incidents occur as a direct result of their employe...