Internal Auditor’s blogs reflect the personal views and opinions of the authors. These views may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers’ employers or the editors of Internal Auditor.

What Did You Learn in That Last Audit?​​

Comments Views

What started as a simple blog post discussing a blog post from the Center for Creative Leadership and the parallels between entrepreneurship and internal audit has grown. It has now taken on a life of its own. (You can find where it all started right here.) The result is that, for the last few and next few Fridays, I have been and will be discussing the specific competencies identified in that blog post and what they mean for internal auditors. I hope you'll join me on the journey.


The successful auditor is the one who is constantly learning. That learning doesn't have to be about audit, it doesn't have to be about the company or the company's industry, it doesn't even have to be about something that is immediately useful. (Although any of those are really nice to have.) No, successful auditors are those who just want to learn … about anything … about everything.

For example, last year, did you think you were going to need to know much about blockchain? A few people did. But a lot of us were so immersed in learning about cybersecurity that blockchain snuck up on us. And a few years ago, how many of us thought we'd need to know about cybersecurity? Even more years ago, did you have an inkling that social media was a thing, let alone just how much impact it would have on every organization's reputational risk? Shoot, go way back. How big a deal did you think the internet was really going to be, cell phones, computers, steam engines, the wheel. (Okay, maybe I went back a little too far.)

Each of us has to be in the constant practice of learning something new. Because the only way to be ready to provide assurance about an ever-changing world is to do all we can to keep up with the future of that ever-changing world.

The Disney Great Leaders Strategy says it best. "In times of drastic change, it is the learners who inherit the future. The learned usually find themselves equipped to live in a world that no longer exists."

The willingness and the passion to learn new things — to never be satisfied with the knowledge and skills we currently have — is one of the most important drivers of success for any internal auditor. We have to be willing to not only keep abreast of potential changes in the profession, in our organization, or in our industry; but we also have to practice precognition in trying to determine the next change/risk/nightmare that may be on the horizon.

However, when we talk about the importance of learning for internal auditors, that is only the beginning.

In the Center for Creative Leadership's blog post that is behind all of this, the second competency they list is "Learning Agility." Now, this does not mean leaning to be agile (which, actually, was the point of the previous blog post in this series). And it is much more than just learning. Learning agility is the ability to quickly use our new experiences and understandings to change the way we do things.

As the article notes "People who are learning agile excel at gleaning lessons from their experiences. They then take the lessons they've learned and adapt them to succeed in new situations."

I don't see a lot of audit departments conducting audit post-mortems. And by that I don't just mean the manager talking to the lead or the lead talking to the auditors or anything else that might be interpreted as the classic one-on-one performance review. No, I mean going back as soon as the audit is over and talking about what went wrong, what went right, lessons learned, and how the next audit will be done differently. At its very best, this means having the entire audit department (or as many as is practical) present at each meeting — truly learning from each other.

No, I was never able to make this a permanent practice within our operations. But the few times I was able to pull off doing one of these post-mortems, we had amazing success. The first time was right after I became manager and the entire staff had needed to go out and conduct fraud investigations on agents throughout our three-state operating territory. Two weeks later, the five of us got together (that was the entire staff) and spent a Friday afternoon sharing what had happened to each of us. Open, honest sharing. Here are the successes and failures sharing. Here's what I did good, here's what I did bad sharing.

Probably the best meeting I ever attended. We all learned. And our work became instantly better.

But wait; there's more. There is another interesting line within this section of the blog post.

"Put another way, they're talented at knowing what to do when they don't know what to do."

For the internal auditor, that is the proof of having mastered learning agility — getting into a situation that has never been faced before, using the knowledge gained from all those other audit projects, and finding a way to successfully forge ahead.

Learning new information. Learning from the processes of prior audits. And learning how to know what to do when you aren't really sure what the "right" way is. That is the full spectrum of learning agility.

Certainly a bigger challenge than understanding the difference between a debit and a credit, isn't it?​

Internal Auditor is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.



Comment on this blog post

comments powered by Disqus
  • Idea-September-2020-Blog-1
  • Galvanize-September-2020-Blog-2
  • CIA-September-2020-Blog-3