Internal Auditor’s blogs reflect the personal views and opinions of the authors. These views may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers’ employers or the editors of Internal Auditor.

Why Every Auditor Better Be Ready to Face These 25 Skills​​

Comments Views

A recent Mental Floss article listed the 25 job skills that, according to LinkedIn, are in the most demand. Take a moment to peruse the list. Not surprisingly, it is full to bursting with technology skills, starting out with such things as cloud and distributed computing, middleware and integration software, web architecture, user interface design, and software revision control systems.

All well and good. We know technology is a big deal nowadays and the idea that this list is replete with technological skills is as surprising as the fact that sun has risen, the stars are shining, and the red book has a red cover. Why should we in internal audit care?

Well, before getting into that, let me ask this one. If you looked at the full list, how many did you really know? And how many did you kind of guess at what they meant? And how many may as well have been written in an archaic conglomeration of Sanskrit, Ancient Greek, and Elvish? Seriously, if with a straight face you can tell me that you not only know what Perl, Python, and Ruby; Shell scripting; and virtualization mean, and then explain them so I can understand them (and you’re not allowed to say “virtualization is the virtualizing of things”), then I’ve got a freshly printed package of “My CAE went to AuditWorld and all he got me was this crummy t-shirt” shirts I’ll let you have for half price.

But that lack of knowledge gets to why internal audit should care. Every one of these skills represents an area of exploration for organizations — the areas organizations are looking at for new and different approaches (Or, at the very least, looking to keep abreast or catch up with the competition). And if the organization is making this kind of investment in these new skills, new approaches, and new strategies, then that means the organization is becoming deeply involved in something internal audit needs to know about. It means there is a great deal of risk — potentially unrecognized, unmitigated, and unforeseen risk.

Therefore, for every one of those incomprehensible skills (and for all the others, too) internal audit needs to pick up the pace and start learning.

That is not to say that the only reason to understand these skills is because the organization may be using them. There are a few on this list that, while important to the organization, are just as important to internal auditors and their department. Things like statistical analysis, data mining, data presentation, and even marketing campaign management can have a direct impact on the way internal audit completes its work, delivers its message, and markets its value.

Now, to be honest, I don’t understand the ramifications of many of these as they relate to the organizations, let alone internal audit. But it is safe to assume that ramifications exist. And that is why it is important that we learn and, at the very least, understand them.

So, what’s a poor internal audit department to do? (And the answer is not to play in a rock and roll band — no matter how many fans of The Who may be reading this.)

The quick, first, and not-so-good answer is start hiring for these skills. Unfortunately, we’re not the only ones trying to hire these people. Internal audit budgets are already stretched and there may not be enough left over to pay the inflated salaries such skills will ​bring.

So, here’s a weird idea. How about training? Have you or one of the auditors in your department got an itch that just can’t be scratched without learning about stuff? Find that person and let them start scratching.

In the '90s, that was me when it came to computer programming. I wanted to figure out how to access and work with the data that was out there. In addition, I found that writing code was the closest thing I ever found to playing games at work. I was given the time to learn and, along with a couple of co-workers, eventually got the data, played with it, and significantly changed the way we completed a large section of our audit work.

(In the process, I became the organization’s top programmer in Lotus 1-2-3 which, for those of you too young to remember those halcyon days, is somewhat akin to being able to speak an archaic version of Athabascan. Yeah, you learned how to speak it; but no one else knows what you are saying.)

This post has gone a long way to wind up with a not-so-new, fundamental idea: Nothing can succeed without training. Yeah, we all know training, good; lack of training, bad. But what we forget is that an investment in training does not have to focus on internal audit. Some of the best training — some of the best new ideas — come from outside the discipline.​

A couple of days ago, Austin Kleon took on this subject in a piece titled “Learning for Learning’s Sake.” Here’s a snippet of what he had to say:

“…what worries me the most is this faulty idea that you should only spend time learning about things if they have a definite ‘ROI.’ Creative people are curious people, and part of being a creative person is allowing yourself the freedom to let your curiosity lead you down strange, divergent paths. You just cannot predict how what you learn will end up ‘paying off’ later. Who’s to say what is and what isn’t professional development? (An audited calligraphy class winds up changing the design of computers, etc.)”

You may not see the immediate benefit of an internal auditor getting training in SEO/SEM marketing or algorithm design or Lotus 1-2-3 or WYSIWYG or animation or baking or Disneyland or Yellowstone geysers… (uh-oh, starting to get a little personal, there). But, there are benefits — albeit, unknown benefits — that will be reaped. You just have to go out there and start learning.

So, look at the list of 25 skills and figure out where your company is headed as it regards these skills. Take the time to understand what that direction means about your organization’s strategies, plans, and risks. And give individuals within your department the time necessary to learn these skills. And then, allow them the time to learn skills for which you haven’t even figured out uses.

Internal audit needs creativity. And creativity needs the cross-pollination of ideas to succeed. And ideas stem from learning.

Learn to allow everyone, even yourself, to learn​.

Internal Auditor is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.



Comment on this blog post

comments powered by Disqus
  • SCCE 2018 June 19-30_Blog 1
  • IIA_Symposium_June2018_Blog 2
  • IIA_QAL_June 2018_Blog 3