• First Reference
  • About us
  • Contact us
  • Blog Signup 📨

First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies
You are here: Home / Business / How to assess internal audit effectiveness and value

By Occasional Contributors | 3 Minutes Read October 11, 2016

How to assess internal audit effectiveness and value

auditHow should this be done? Some would say that the IIA’s quality assurance standards, which require both ongoing and periodic quality reviews, are the answer.
I am not one of those people.
While I agree that procedures performed by the CAE and his team to assure quality are important, and that an independent quality assurance review should be performed every so often, I am not persuaded that they do enough to assess effectiveness—and especially whether internal audit is provided all the value it should.
Who receives the value from internal audit? The answer is that the board (perhaps via the audit committee) and top management are the primary customers. Other customers include operating management, the external auditors, and (often) the regulators.
The only way that effectiveness and value should be measured is through the eyes of the primary customer.
Do we simply ask them whether internal audit is effective and providing value? Do they even know what internal audit should be delivering?
Maybe they have heard that internal audit provides assurance and value–added advisory/consulting services. But what does that mean? How much should they expect?
Some years ago, I asked the chair of the audit committee how we were doing. His answer was that we “helped him sleep through the night”. I believe that’s a clue.
Later, I asked the two presidents of our major divisions the same question. The first said that “you have yet to perform an audit that I wouldn’t gladly pay for”; he also told a visiting state governor that “internal audit gives the company a competitive advantage”. The second president told a visiting state attorney general that “internal audit helps keep the company efficient”.[1]
These are also clues.
Others lie in work by Deloitte and Ernst & Young with respect to risk management. Deloitte asked board members and executives whether risk management “helps then set and execute on strategy”. That is a very perceptive question that strikes to the core value of risk management. Ernst & Young says that “effective risk management gives leaders the confidence to take risk”. I like that very much as well!
So what is the question that we should ask board members and executives about internal audit?

How about this?
Does internal audit provide you with the assurance you need to have confidence in the ability of the organization’s people, processes, and systems to lead the company to success? Where there are opportunities to improve, do they provide actionable information that enables you to make the appropriate changes?

Note that I didn’t mention either risk management or internal controls. Both are included, essential enablers, of effective systems, processes, and so on.
I don’t want to ask them questions about risk and controls. I want to ask whether our work helps them be more successful.
What is the question you would ask?
Do you like mine?
What do you think the typical answer would be from board members and executives?
Is there a similar question that the board should be asked about the CEO and CFO?
[1] For more internal audit stories and how I came to my views about internal audit effectiveness, please consider World-Class Internal Auditing: Tales from my Journey
Norman D. Marks, CPA, CRMA
Author, Evangelist and Mentor for Better Run Business
OCEG Fellow, Honorary Fellow of the Institute of Risk Management

  • About
  • Latest Posts
Occasional Contributors
In addition to our regular guest bloggers, First Reference Talks blog published by First Reference, provides occasional guest post opportunities from various subject matter experts on the topics of human resources, employment/labour law, internal controls, information technology, not-for-profit, business, privacy, tax, finance and accounting, and accessibility in Canada among others. If you are a subject matter expert and would like to become an occasional blogger, please contact us. If you liked this post, subscribe to First Reference Talks blog to get regular updates.
Latest posts by Occasional Contributors (see all)
  • Corporations Canada and new transparency about federal non-profit corporations under the CNCA and new fees for certain documents - December 21, 2022
  • How much should a Canadian registered charity spend on administration? - November 30, 2022
  • Finance proposes changes to disbursement quota for charities and some increased transparency - November 11, 2022

Article by Occasional Contributors / Business, Finance and Accounting, Information Technology, Privacy / internal audit, quality assurance review, risk management

Share with a friend or colleague

Get the Latest Posts in your Inbox for Free!

Electronic monitoring

About Occasional Contributors

In addition to our regular guest bloggers, First Reference Talks blog published by First Reference, provides occasional guest post opportunities from various subject matter experts on the topics of human resources, employment/labour law, internal controls, information technology, not-for-profit, business, privacy, tax, finance and accounting, and accessibility in Canada among others. If you are a subject matter expert and would like to become an occasional blogger, please contact us. If you liked this post, subscribe to First Reference Talks blog to get regular updates.

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

First Reference Talks

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies

Main Menu

  • About First Reference
  • Resources
  • Contact us
  • 1 800 750 8175

Stay Connected

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

We welcome your comments on our blog articles. However, we do not respond to specific legal questions in this space.
We do not provide any form of legal advice or legal opinion. Please consult a lawyer in your jurisdiction or try one of our products.


Copyright © 2009 - 2023 · First Reference Inc. · All Rights Reserved
Legal and Copyright Notices · Publisher's Disclaimer · Privacy Policy · Accessibility Policy