Internal Auditor’s blogs reflect the personal views and opinions of the authors. These views may differ from policies and official statements of The Institute of Internal Auditors and its committees and from opinions endorsed by the bloggers’ employers or the editors of Internal Auditor.

​Internal Audit's 8 Stakeholders

Comments Views

A couple of weeks ago, Inc. magazine carried a piece by Bill Murphy, Jr., titled "There Are 8 Key Stakeholders in Any Private Business. (Wait, Did I Miss Any?)" It is an interesting piece and I would suggest you take a look because, while I may not completely agree with what he has included or how some of these have been defined, it represents an evaluation every organization should undertake.

For any organization, defining its stakeholders is an important step. And it needs to be a conscious choice, not just something that happens over time. Unfortunately, many board members, C-Suite members, and senior executives drive blithely forward without giving real thought to who any of their efforts are meant to benefit. ("Profits = success. Do I really need to know any more?")

But, let's ask another question. You, that internal auditor over in the corner nodding your head in knowing agreement. Have you ever thought about who your stakeholders are? Not the organizations stakeholders; internal audit's stakeholders.

Boy, that stopped the head nodding pretty quickly, didn't it?

Well, true confession time. I've been involved in a lot of discussions about internal audit's customers — who they are and what they want — but I don't think I've ever used the phrase "stakeholder". And, to be quite honest, that puts a new spin on the whole thing.

So, based on the article referenced above and some random thoughts that happen to be floundering around in my skull, here are my suggestions regarding internal audit's stakeholders.

  1. The Board – Okay, I'm not starting by going out on too much of a limb with this one. Every internal auditor recognizes the importance of the board and audit committee (or whatever comparable oversight exists within your organization.) However, let's start looking at this all a little differently. In Murphy's article, he includes founders, owners, and investors. Well, the closest thing internal audit has is the board. They founded internal audit, they own internal audit, and they continually invest in internal audit. The minute we start thinking about this group as stakeholders (particularly as founders, owners, and investors) is the minute we begin seeing them in a different light. They are more than the overseers of our work; they are a primary reason our work is completed.
  2. Customers (Internal) – Whenever you can get internal auditors talking about customers, they will begin a laundry list that starts at the C-Suite and works its way through executives, VPs, AVPs, directors, managers, supervisors, line personnel, and any other designation that represents those we audit. It is time to quit making that distinction. Yes, we may have more responsibilities to the C-Suite than to the receptionist at the front door. But they all have a stake in the success of internal audit. So, when discussing stakeholders, let's just use the overall term "customers."
  3. Employees – Now I'm talking about the employees of the audit department. It would seem self-evident, but we all have a stake in the success of our department. And the sooner this is recognized and built upon, the sooner the team becomes stronger. Further, deponent sayeth not.
  4. Competitors – First, it comes as a shock to some internal auditors that internal audit has competitors. (For a history lesson on how this assumption can go badly, talk to one of the older auditors in the department who remembers the internal audit outsourcing that occurred in the 90s.) Even if it is recognized that competitors exist, it tends to focus on the external competitors – external auditors and consultants. Yes, these are competitors, but internal audit departments are facing similar challenges from within the organization. Maybe it is not a concern for your department, but others are seeing groups such as risk, compliance, and legal begin to take on some of internal audit's responsibilities. That being said, every one of those competitors — internal and external — is also a stakeholder. By working with them while continuing to provide services they cannot, we will continue to add value to the organization while turning competitors into fans.
  5. Regulators – Now I'm reaching a little. But think about it. If we are doing our jobs effectively, we are providing regulators assurance that the organization is operating within laws and regulations. No, it won't keep them from the multitude of reviews they need to perform in order to justify their existence. But it will show them the organization is working towards compliance, making their jobs easier and streamlining one of the more intrusive things that happens to an organization.
  6. Customers (External) – In this case, I'm talking about the organization's customers. They have a stake in the organization's ability to deliver on its promises. And our focus on efficiencies, effectiveness, and risk mitigation will help ensure their needs are met.
  7. Family - The idea of including this group is stolen directly from the article referenced above. But let's put a different spin on it. Our families are stakeholders in our success. As we help the organization succeed, we have more security; and the families of others within the department have more security; and the families of our internal customers have more security. Therefore, a large contingent of people have a vested interest in our success. I will only add that, when we consider our own families as stakeholders, it is quite likely that they have different objectives and goals than those we have established related to internal audit. This is my long-winded way of saying you are not doing your family any favors when you work yourself to death.
  8. Community – The community stakeholders for internal audit come in two forms — the community within the organization and the community existing outside the organization. These groups could be considered a part of internal or external customers, but I think the term "community" speaks to something bigger. When we think about communities being our stakeholders it has the broader implication of our being a part of that community, of ensuring that the best is done for that community, and that the community as a whole benefits. It is a big picture look. But it is something internal audit should recognize and keep in mind in all its work.

As noted, these are just quick thoughts that have come out of my mind at 8pm on a Monday evening. But, for now, I'll stand by them. As with Murphy's article referenced above, it is not so much the rightness or wrongness of the list; rather, that some thought has been given to it.

Build your own list. As a start you can use mine, you can use Murphy's, you can use the I Ching, you can use Dungeons and Dragon tetrahedral dice, it doesn't matter. Just start having the conversation.

And, as you solidify that list, make sure you are paying attention to those stakeholders, delivering on their needs. After all, they have a stake in your success.

Internal Auditor is pleased to provide you an opportunity to share your thoughts about these blog posts. Some comments may be reprinted elsewhere, online or offline.

 

 

Comment on this blog post

comments powered by Disqus
  • Fastpath_Oct 2019_Blog 1
  • IIA GAM_Oct 2019_Blog 2
  • IIA Training_Oct 2019_Blog 3