A recent Mental Floss article listed the 25 job
skills that, according to LinkedIn, are in the most demand. Take a moment to
peruse the list. Not surprisingly, it is full to bursting with technology
skills, starting out with such things as cloud and distributed computing,
middleware and integration software, web architecture, user interface design,
and software revision control systems.
All well and good. We know technology is a big deal nowadays
and the idea that this list is replete with technological skills is as
surprising as the fact that sun has risen, the stars are shining, and the red
book has a red cover. Why should we in internal audit care?
Well, before getting into that, let me ask this one. If you
looked at the full list, how many did you really know? And how many did you
kind of guess at what they meant? And how many may as well have been written in
an archaic conglomeration of Sanskrit, Ancient Greek, and Elvish? Seriously, if
with a straight face you can tell me that you not only know what Perl, Python,
and Ruby; Shell scripting; and virtualization mean, and then explain them so I
can understand them (and you’re not allowed to say “virtualization is the
virtualizing of things”), then I’ve got a freshly printed package of “My CAE went
to AuditWorld and all he got me was this crummy t-shirt” shirts I’ll let you
have for half price.
But that lack of knowledge gets to why internal audit should
care. Every one of these skills represents an area of exploration for organizations
— the areas organizations are looking at for new and different approaches (Or,
at the very least, looking to keep abreast or catch up with the competition). And
if the organization is making this kind of investment in these new skills, new approaches,
and new strategies, then that means the organization is becoming deeply involved
in something internal audit needs to know about. It means there is a great deal
of risk — potentially unrecognized, unmitigated, and unforeseen risk.
Therefore, for every one of those incomprehensible skills
(and for all the others, too) internal audit needs to pick up the pace and
That is not to say that the only reason to understand these
skills is because the organization may be using them. There are a few on this
list that, while important to the organization, are just as important to
internal auditors and their department. Things like statistical analysis, data mining,
data presentation, and even marketing campaign management can have a direct
impact on the way internal audit completes its work, delivers its message, and
markets its value.
Now, to be honest, I don’t understand the ramifications of
many of these as they relate to the organizations, let alone internal audit.
But it is safe to assume that ramifications exist. And that is why it is
important that we learn and, at the very least, understand them.
So, what’s a poor internal audit department to do? (And the answer
is not to play in a rock and roll band — no matter how many fans of The Who may
be reading this.)
The quick, first, and not-so-good answer is start hiring for
these skills. Unfortunately, we’re not the only ones trying to hire these
people. Internal audit budgets are already stretched and there may not be enough
left over to pay the inflated salaries such skills will bring.
So, here’s a weird idea. How about training? Have you or one
of the auditors in your department got an itch that just can’t be scratched without
learning about stuff? Find that person and let them start scratching.
In the '90s, that was me when it came to computer programming.
I wanted to figure out how to access and work with the data that was out there.
In addition, I found that writing code was the closest thing I ever found to
playing games at work. I was given the time to learn and, along with a couple
of co-workers, eventually got the data, played with it, and significantly
changed the way we completed a large section of our audit work.
(In the process, I became the organization’s top programmer
in Lotus 1-2-3 which, for those of you too young to remember those halcyon
days, is somewhat akin to being able to speak an archaic version of Athabascan.
Yeah, you learned how to speak it; but no one else knows what you are saying.)
This post has gone a long way to wind up with a not-so-new,
fundamental idea: Nothing can succeed without training. Yeah, we all know
training, good; lack of training, bad. But what we forget is that an investment
in training does not have to focus on internal audit. Some of the best training
— some of the best new ideas — come from outside the discipline.
A couple of days ago, Austin Kleon took on this subject in a
piece titled “Learning for Learning’s Sake.” Here’s a snippet of what he had to
“…what worries me the most is this faulty idea that you
should only spend time learning about things if they have a definite ‘ROI.’
Creative people are curious people, and part of being a creative person is
allowing yourself the freedom to let your curiosity lead you down strange,
divergent paths. You just cannot predict how what you learn will end up ‘paying
off’ later. Who’s to say what is and what isn’t professional development? (An
audited calligraphy class winds up changing the design of computers, etc.)”
You may not see the immediate benefit of an internal auditor
getting training in SEO/SEM marketing or algorithm design or Lotus 1-2-3 or
WYSIWYG or animation or baking or Disneyland or Yellowstone geysers… (uh-oh,
starting to get a little personal, there). But, there are benefits — albeit, unknown
benefits — that will be reaped. You just have to go out there and start
So, look at the list of 25 skills and figure out where your
company is headed as it regards these skills. Take the time to understand what that
direction means about your organization’s strategies, plans, and risks. And give
individuals within your department the time necessary to learn these skills. And
then, allow them the time to learn skills for which you haven’t even figured
Internal audit needs creativity. And creativity needs the
cross-pollination of ideas to succeed. And ideas stem from learning.
Learn to allow everyone, even yourself, to learn.