Practices

 

 

Audit in Tunehttps://iaonline.theiia.org/2019/Pages/Audit-in-Tune.aspxAudit in Tune<p>M​etaphorically speaking, the music internal auditors make — the key ways we perform in our roles and the insight we bring to each engagement — must be our own special song. Each organization is different — each board of directors, C-suite, chief audit executive, and internal audit professional — and so is every geography, market, and strategic plan. In each instance, we have a unique opportunity to demonstrate our strategic knowledge of the organization and our understanding of the various business environments we occupy.</p><p>We maximize that opportunity, and demonstrate the value of internal audit to the organization, when each person's contribution joins all the others' to create something that wasn't there before — not just a report, or an update, or an analysis, but information and knowledge, insight and foresight. Musically speaking, notes and beats combine to form a melody, the memorable part of a song that stays in our heads because it's catchy, or moving, or somehow more engaging than usual. Our internal audit melody consists of the advice, data, and background details we provide that contribute to the organization's success.</p><p>Of course, melody without harmony can seem detached and less relevant — and melody without rhythm can ramble without direction or emphasis. Music is most memorable when all the elements are in sync. Our input as internal auditors is much the same. When we <em>Audit in Tune</em>, my theme as the 2019–2020 chair of The IIA's Global Board, we combine our growing influence and our ongoing grasp of the fundamentals of the profession.</p><h2>Fine-Tuning Internal Audit </h2><p>Successful audit professionals continuously fine-tune their audit approach and philosophy to adjust to rapidly changing conditions and to account for the evolving expectations of their stakeholders, whether we are auditing a business; a nonprofit organization; a university or school system; or a local, county, regional, state, or federal government entity. </p><p>As our influence and authority within our organizations continues to grow, we serve our stakeholders best, and keep earning our seat at the table, by building collaborative relationships with management and all other departments, including finance, IT, human resources, and legal, that help facilitate review and mitigation of key risks. I cannot overemphasize the specific merits of strong relationships with the organization's compliance function, if it's separate from internal audit. There's mutual benefit in working together to identify risk management opportunities that may not be evident to either function alone.</p><p>Indeed, our value proposition as internal auditors is built on maintaining a voice — and ongoing strong rapport and visibility — with the audit committee and senior management, and reinforcing the professional and standards-driven orientation of the function. That's what helps foster a corporate culture where our contributions are understood and respected. Forming and keeping those internal ties can be as simple a proposition as scheduling periodic lunches or meetings with relevant personnel; just about any format for keeping in touch will work, as long as it upholds the organization's cultural standards and the internal audit function's independence. </p><p>This is critical: We don't have to sacrifice our objectivity to successfully partner with our clients. Indeed, some of the best, most useful audit observations come from colleagues — the board, C-suite, line management, or hourly employees — who trust us. </p><h2>Providing the Melody</h2><table class="ms-rteTable-default" width="100%" cellspacing="0"><tbody><tr><td class="ms-rteTable-default" style="width:100%;"><p>​<strong>My Song</strong></p><p>The CIA designation I received more than 30 years ago means more to me now than ever. As our profession evolves and our influence grows, the CIA reflects our commitment to professional standards and confirms our value as trusted advisors to our growing network of stakeholders. </p><p>In fact, the relevance and impact those three letters represent today would have been hard to imagine when I completed my first internal audit in 1983. I remember when workpapers were prepared manually on narrative sheets and columnar pads, red and blue pencils were used for tic marks, and all reports were handwritten and left with the stenographers to be typed up later. Facsimile machines were the epitome of high tech.</p><p>At the time, I was in an internal audit position with JCPenney Co., where I benefited from outstanding training. Over time, I moved through the company’s Pittsburgh, Philadelphia, and Dallas offices. I’ve been with the Blue Cross Blue Shield Association (BCBSA) in Chicago since 1999, where I serve as the vice president, chief auditor and compliance officer. BCBSA is a national association of 36 independent, community-based, and locally operated companies that together cover more than 107 million members. </p><p>The scope of my internal audit work includes our Chicago and Washington, D.C., offices. We build an annual plan as a guide for addressing identified risks and then adjust it as necessary. Interestingly, many of the audits come in the form of management requests, which I consider validation that management perceives the value of our services. As compliance officer, I administer our internal code of conduct, business ethics training, conflict of interest process, and compliance helpline, and I am responsible for our national anti-fraud department, which supports the Special Investigation Units battling health-care fraud at each of the Blue Cross Blue Shield licensees. It is important to note that transparent and mitigating controls have been long established to maintain the independence of our internal audit function, despite these “second line of defense” responsibilities.</p><p>I was encouraged to volunteer for the IIA–Dallas Chapter shortly after becoming an IIA Audit Group member in 1989. Since my first committee assignment, I’ve filled an almost unbroken string of committee, officer, and local board roles, including serving as the IIA–Chicago chapter president and on various international and North American committees and assignments. I was the 2015–2016 chair of The IIA’s North American Board, which oversees all IIA operations in the U.S., Canada, and the Caribbean. During my term, we went through an intensive strategic planning session to make sure we synched appropriately with The IIA’s revised Global Strategic Plan. </p><p>The IIA’s Global Board — the governing body of The Institute — also has undergone a recent strategic refresh, and we’re better equipped than ever to manage The IIA, itself, and to provide the guidance and information that individual chapters and affiliates, as well as individual practitioners, count on us for every day. Our long-standing motto is Progress Through Sharing. My theme is Audit in Tune. I hope that when you combine those messages, what emerges is an orchestra of internal audit professionals helping each other achieve world-class results. Let’s have a great year.</p></td></tr></tbody></table><p>For internal auditors to provide the melody behind their organization's success, they need the right instruments. That's where The IIA comes in. Ultimately, it is The IIA's responsibility to provide internal auditors with the information they need in advance — before challenges grow too large — so they can then provide real value and unique insights to their own stakeholders. </p><p>Challenging times loom, and The IIA stands ready to help internal auditors face them with streamlined organizational governance as nimble and flexible at the global level as individual internal auditors must be every day. When internal auditors turn to The IIA for support and assistance, The Institute must respond quickly with the required updates and details. Beginning two years ago, The IIA embarked on a comprehensive assessment of its own governance practices, benchmarking as it progressed against a wide variety of resources. Two of the key outcomes of that review were a significant reduction in the size of the Global Board — from 38 members to 17 — and elimination of the 10-member Executive Committee of the Board. In a sense, the entire 17-member new Board will function as an Executive Committee. Those changes were approved by the membership in May 2018, and they became effective with our Annual Business Meeting in July 2019. </p><p>Moving forward, one of the many expected outcomes of the change to a leaner, more-laser-focused approach will be a more nimble decision-making process at The IIA's Global Headquarters, so it can respond to emerging issues more timely, while maintaining a focus on the strategic issues involved in operating an enterprise this large. This enables the Board to provide forward-thinking guidance both to the organization and to the organization's members. </p><p>The IIA's reorganization and ongoing efforts are designed with rhythm and harmony in mind, too, of course. They're the other elements — "rhythm" is developing our skills at performing the basic functions of our profession, and "harmony" is expanding contact and colleague networks within our organizations — that combine with "melody" to create the music internal auditors make when they audit in tune.</p><h2>Achieving Harmony</h2><p>In music, harmony is achieved with chords that move from beginning to middle to end, combining individual notes into richer, deeper sounds that blend multiple individual sonic expressions to tell a more impactful musical story. In internal auditing, harmony is the influential role auditors play in our organizations' success. Internal audit needs to be in lockstep with all of our stakeholders — and manage our audit processes in a way that's structured to hold everything together. That enables auditors to identify the key risks facing our organizations and ensure that our audits are timely, relevant, and responsive. This includes providing useful, meaningful advice on mitigating and exploiting those key risks, as appropriate.</p><p>At my organization, the Blue Cross Blue Shield Association, we're fortunate to operate in an environment with a strong ethics and control culture that supports the work we do — and that facilitates collaboration among colleagues with shared goals and interests. You might say we operate in a "harmonious" environment. </p><p>In music, harmony can come from a musical instrument or an orchestra, a voice or a choir. And if we audit in tune, the music we make can come in any format, as long as the right content is there. For example, when it comes to documenting our work, it doesn't matter whether our instrument of choice is a simple desktop application or a vendor-supplied workpaper tool — nor whether you're a solo act or part of the 100-plus member London Philharmonic Orchestra. At the end of the day, we all need efficient, professional, clear, and objective techniques to validate and support our audit observations and recommendations.</p><h2>The Rhythm of the IPPF</h2><p>The techniques internal auditors use, no matter how sophisticated, must be based on the basics of our profession. Every piece of music has a backbone of rhythm — it's the building block that supports a song. Similarly, when I talk about rhythm as part of my theme this year, I'm referring to internal audit's need to master and employ the fundamentals of the field as the processes we use, and the stakeholders we serve, continue to evolve. Indeed, as stakeholder expectations increase for many internal audit departments, we need to remember that credibility — one of our most valuable qualities — comes from both current knowledge and command of the basic skills that define a profession.</p><p>Demonstrating our command of the critical fundamentals of our work begins with the implementation of the International Professional Practices Framework (IPPF). The IPPF really should underpin everything we do as we engage in frequent and robust discussions with our audiences — our boards and audit committees, senior and operating managers, and, importantly, regulators. Consider the IPPF's Code of Ethics and <em>International Standards for the Professional Practice of Internal Auditing</em> to be the sheet music from which we should all be playing. The functions it facilitates — our ability to proactively identify and prioritize corporate risks, maximize finite audit resources through efficient and innovative audit techniques, and develop value-added recommendations for enhancing operations to help management achieve its objectives — are tangible metrics internal auditors can demonstrate.</p><p>I'm also a relentless advocate for professional certification. Becoming more complete internal auditors requires us to support the Certified Internal Auditor (CIA) designation, a globally recognized symbol of professionalism that demonstrates our ability to play a leading role in elevating organizational success. The CIA reflects our commitment to continued professional growth and development and shows our value as trusted advisors. Truly, it plays an instrumental role in helping us make our mark on our organizations and our profession. </p><h2>A Brand New Beat</h2><p>We have the opportunity to maximize our results when we audit in tune. Enhancing our rhythms, harmonies, and melodies will be increasingly critical in the future. The key challenges we face — remaining relevant and increasing our value to stakeholders, given the pace of innovation and changing risks; providing consistent work product quality, given the varying maturity of the function globally; and the continuing need to increase our skills — will demand every resource we can command in response. </p><p>It's time for internal audit to move to a new beat — each department's and each practitioner's unique blend of industry insight and strategic smarts — in every geography The IIA represents. And it's time to take center stage for broader and broader audiences. But as we do so, we can't forget our fundamentals. Let's take on the challenges ahead as a band of professionals making our own kind of music. </p>Mike Joyce0
Relevance Amid Disruptionhttps://iaonline.theiia.org/2019/Pages/Relevance-Amid-Disruption.aspxRelevance Amid Disruption<p style="text-align:justify;">Disruptive trends and technology will have a profound impact on employment in the coming years, according to The World Economic Forum's The Future of Jobs Report 2018. Already, the report says, business model disruptions are swiftly impacting skills for both current and emerging jobs across industries. Disruptive technologies like robotic process automation, machine learning, the Internet of Things, and blockchain, as well as the automation of business and assurance processes, are factors determining skill requirements for the current and future audit workforce. Moreover, the lead time to upskill is decreasing, whereas the proportion of core skills required to perform a job will rise incrementally. <br></p><p style="text-align:justify;">The employment impact of disruptive technological, demographic, and socioeconomic changes suggests two future scenarios — either limitless opportunities in newly emerging job categories (the optimistic view) or massive labor substitution and displacement (the pessimistic view). Either possibility is feasible, and opinions differ on which is most likely to unfold. <br></p><p style="text-align:justify;">I foresee massive opportunities for professionals who continually re-skill themselves and commit to lifelong learning. To ensure a lasting career shelf life and remain professionally relevant in the coming years, internal auditors need to pursue a strategy of continuous improvement. Ten steps, in particular, can help practitioners thrive amid disruptive organizational change.<br></p><p style="text-align:justify;"><strong>1. </strong><strong>Ask Yourself — What Did </strong><strong>I</strong><strong> Learn Today? </strong>Anyone seeking career growth should strive to learn something new every day. Remaining well-informed and keeping up to date on new business and industry trends is essential to professional success. The World Economic Forum report recommends incentivizing lifelong learning as a strategic long-term solution for its predicted skill shortage. Regardless, every professional should recognize the value of continuing education and develop themselves accordingly. As a starting point, anyone can access a treasure trove of information simply by looking at his or her organization's annual report. These important documents contain edifying details on strategy, industry trends, key initiatives, and primary areas of business focus. Moreover, productive areas of learning and development could include cognitive technology, General Data Protection Regulation assurance, cybersecurity imperatives, culture auditing, integrated assurance, Agile internal auditing, data analytics, predictive analysis, and automated assurance methodology. <br></p><p style="text-align:justify;"><strong>2. </strong><strong>Don't </strong><strong>Equate Time With </strong><strong>Experience </strong>Professional<strong> </strong>experience should be based on competency and expertise, not on timelines. Thinking of experience simply as the number of years spent in a role or function is a dangerous mistake. In fact, with the speed of innovation and change in today's businesses, experience has become virtually meaningless as a measure of value. Nearly two-thirds of surveyed organizations from The Future of Jobs Report say that, as part of their learning strategy, they plan to invest in re-skilling current employees. Internal auditors should seek to build competencies and expertise for the future, learn as much as possible while working, and keep exploring new processes and technologies. They should pursue innovations in their work and in their engagement with stakeholders, and they should not be content with repeatedly doing the same thing the same old way.<br></p><p style="text-align:justify;"><strong>3. </strong><strong>Read at Least Five Hours a Week</strong> According to The World Economic Forum report, problem solving and critical thinking are among the key skills needed for 2022. With increasing geographical and cultural diversity in the workforce intermingled with higher use of disruptive technology for work across industries, such soft and behavioral skills will be in greater demand. Reading books can help enhance these skills. A daily reading habit, or any routine that would amount to at least five hours of reading each week, can open up new windows of thought and introduce unique perspectives. Broadened understanding and exposure to new points of view are essential to effective performance and growth as a professional.  </p><p style="text-align:justify;"><strong>4. </strong><strong>Get Trained and Certified</strong> More than a third of the desired core skills projected for 2022 are not yet considered crucial for today's work<strong>,</strong> according to The World Economic Forum report.<strong> </strong>Disruptive technological changes bring with them the demand for newer skills. For this reason, no one can afford to rest on past laurels and qualifications. Instead, internal auditors should research available training or certifications, enroll in their organization's in-house training programs, or request sponsorship for external training. Professional associations, roundtables, and clubs can also be valuable sources of knowledge, continued professional education, and connections to industry. <br></p><p style="text-align:justify;"><strong>5. </strong><strong>Accept That Change Is Inevitable</strong> To paraphrase the ancient Hindu text <em>Bhagava</em><em>d</em><em> G</em><em>i</em><em>ta</em>, what is born has to die. Nothing is permanent, including change, which itself is always changing. Moreover, no one is indispensable. The role you occupy today was likely held by someone else previously — and you may choose to leave that role soon, or the organization may replace you with someone better. Avoid becoming so emotionally rooted into your current role that uprooting or moving becomes onerous. Treat every change as an opportunity; prepare yourself and be ready to move on.<br></p><p style="text-align:justify;"><strong>6. </strong><strong>Embrace Change</strong> Many organizations are on a high-speed innovation path, and innovation is a catalyst for change. Be part of the change, not a roadblock to it. Rather than wasting time endlessly questioning change, be the first to identify the need for new competencies and upskill accordingly. Often, disruptive changes create an urgent skill gap inside organizations, thus creating new opportunities for early adapters. The key for internal audit to remain relevant to the organization is a willingness to use new technologies and quickly adopt new methods of working (e.g., Agile internal audit, integrated/automated assurance, alternative staffing models, etc.). Only those who keep pace with organizational aspirations can create real value for the business.<strong> </strong><br></p><p style="text-align:justify;"><strong>7. </strong><strong>Don't Fall Into the Supervisor Trap</strong> Many professionals share the common ambition of growing in the organization and advancing to positions of leadership. But focusing only on managing people, and neglecting to develop other skills, can be a professional death trap. The higher someone rises in the organization, the more vulnerable he or she becomes. Managers are closely watched, with every move analyzed in detail by subordinates and management alike. Hence, managers cannot survive for long on their strengths in resource administration, team management, and interdepartmental relations alone. They need to also focus continually on building depth of expertise. Managers need to explore the functional or technical aspects of the operations they manage, learning in detail about their operational area, business segments, existing and upcoming technology, and best practices. Doing so will earn both respect from the supervised team and the trust of management.  <br></p><p style="text-align:justify;"><strong>8. </strong><strong>Never Stop Asking for Feedback</strong> It's important to perform a job well and to be satisfied with it, but it's more important to ask clients whether the job was delivered as expected. Always look for genuine and constructive feedback — if it isn't provided voluntarily, seek it out. Take all feedback with an open mind, analyze it, and work toward improvement. Listening to the client is the only way to remain focused on what's important and to serve as a value creator for the organization. <br></p><p style="text-align:justify;"><strong>9. </strong><strong>Don't Overvalue Job Security </strong>As The Future of Jobs Report emphasizes, job security is in decline, whereas compensation and work-life balance have increased. While having a secure job can provide comfort, a strong desire for security may limit career potential and prevent exploration of new opportunities. A larva may be safe while remaining inside its cocoon, but to grow it must leave these safe confines and take flight. Likewise, internal auditors must resist fixating on security and seek broader professional horizons. Social networks such as LinkedIn and Xing and engagement with like-minded peers can present a wave of opportunities. Be ready to leave your safety net, remain alert to new opportunities, and take on new challenges. Always share knowledge or experience gained with peers, and learn from others. <br></p><p style="text-align:justify;"><strong>10. </strong><strong>Treat Your Job as an Investment</strong> Your current job should be an organizational ladder, not a plateau. Always view the time, effort, and energy put into your current role as an investment, and treat it as a stepping stone for the next position. Doing so will keep you motivated to work hard and perform better. At the same time, as with any investment, always assess the expected rate of return. Ask yourself what future role your current one will lead to. Does that role interest you? If the future path is hazy or undesirable, or if your career has become stagnant, continuing in the current role is pointless. Start looking for a more appealing position — one that aligns more closely with your interests and ambitions. </p><p style="text-align:justify;">As an overarching principle to these steps, every professional should consider what ultimately drives him or her. What would you do if you didn't have to go to work tomorrow? What makes you happy, sparks your interest, and ignites your enthusiasm? Perhaps there's an area you've always wanted to explore but for various reasons couldn't devote attention to it. Find your passion — a rewarding pursuit that excites and motives you. If you have one already, start thinking about how you might parlay that interest into a fulfilling vocation. If you don't have one, find your interest and explore the possibilities. Engaging in meaningful, stimulating work will uplift your professional life and bring long-term satisfaction to your career. <br></p>Parthasarathi Jha1
Auditor, Audit Thyselfhttps://iaonline.theiia.org/2019/Pages/Auditor-Audit-Thyself.aspxAuditor, Audit Thyself<p>How many times have you heard someone ask, “Who audits the auditors?” It’s a question frequently posed to practitioners, and for many of us there is a ready answer: “We go through an external assessment every five years to attest that we conform with the <em>International Standards for the Professional Practice of Internal Auditing</em>.”</p><p>That’s all well and good, and worthy of the associated bragging rights. But the audit department that assumes the pursuit of audit quality ends with conformance is fooling itself, its audit staff, and its organization. Conformance with the <em>Standards</em> should be considered a given — the audit department that wants to be seen as a trusted advisor and an invaluable stakeholder resource must hold itself to an even higher standard. The best way to achieve that is to turn audit techniques on our own operations — review our efficiencies and effectiveness; ensure we understand the risks to our objectives; and evaluate how well our strategies, objectives, and controls work together toward success.<br></p><p>There may be no more impactful place to start than taking a good, hard look at the culture within the department. Organizational culture is a major topic for board members, executives, and other stakeholders — it is the foundation for success and at the root of almost anything that goes wrong.</p><p>Internal audit is not immune. Success for an internal audit department relies on any number of elements, but foundationally sustained success cannot be achieved without the hallmarks of a healthy culture, including honesty, open communication, accountability (at all levels), and trust.</p><p>I have worked with audit departments that bragged about having “passed” their external quality assessment review, but subsequently learned through private conversations about the auditors’ discontent, disaffection, and distrust. The auditors reveal they don’t get the support they need, they cannot be honest with those in charge, they work in an atmosphere of negative competition, and, overall, they are working in an unhealthy environment. </p><p>Internal audit leaders should take steps to ensure their rose-colored perception of the department’s culture is real. If they conduct employee satisfaction surveys, the results should be taken seriously, not dismissed as the feedback of a few malcontents. Human resources should be used as a partner to better understand what is really going on in the department. But most importantly, leadership should be willing to talk with the staff. If audit leaders think such discussions will not provide real information, or if they are convinced it is a waste of time, then, yes, there is<br> a problem.</p><p>And one final note. If you are not in a position of authority but find yourself in a toxic culture, you can choose to live in pain or just escape. However, the more courageous tact may be to step forward, pointing out the deadly practices potentially destroying the department. <br></p>Mike Jacka1
Value Through Quantificationhttps://iaonline.theiia.org/2019/Pages/Value-Through-Quantification.aspxValue Through Quantification<p>A review of publicly available internal audit reports shows that most include qualitative assessments of value addition, even where quantitative assessments seem possible or advantageous. In fact, some audit reports show that an assessment of the audit recommendations’ net benefits had not been performed at all. Without a quantitative assessment, in many instances auditors cannot be certain their recommendations add rather than destroy value. While qualitative assessments are useful for analyzing simple issues, they could be misleading if used for complex, high-risk, or novel situations. Internal auditors should quantify recommendations applied to these types of areas — especially when aimed at improving processes or aligning with best practices.</p><p>Without quantification, auditors run the risk that seemingly beneficial audit recommendations may in fact be ill-advised. By using a qualitative assessment, especially one that is not adequately documented, an auditor could miss interdependencies and ignore relevant costs, thereby overstating net benefits. For example, consider a recommendation intended to improve transaction processing efficiency through a system enhancement. On the surface, such a recommendation would appear to create value. But what if over the lifetime of the system, estimates of benefits associated with processing-time savings totaled less than the cost of implementing and maintaining the enhancement? This drawback would not be apparent without quantification of benefits.</p><p>Quantifying also provides an effective way of getting buy-in from audit clients. Often, client inertia or resistance increases if recommendations provide questionable or unconvincing value. Clients may raise legitimate concerns about why they should dedicate scarce resources to recommendations whose value is unclear. By demonstrating quantitatively that the value addition is positive, audit client buy-in would be more forthcoming. </p><p>Additionally, quantification can help auditors provide assurance when recommendations involve unchartered waters for clients. In other words, audit recommendations may be untested in the specific environment in which they are to be implemented. Gaining reliable insight into the real net benefits can be difficult using only qualitative assessments, making quantitative data in such instances a<br> near imperative.</p><p>Lastly, when auditors provide quantified recommendations, they can better demonstrate the value of their work by tracking benefits realized post-implementation. With quantified net benefits of individual or aggregated recommendations, auditors could harvest the quantified data showing their recommendations’ impact on specific processes and functional areas, or at the entity level. </p><p>Under the right circumstances, a strong case exists for demonstrating the value of audit recommendations quantitatively. When used appropriately, quantification can shine a bright light on audit benefits, rather than leaving clients in the dark.  </p><p class="p4"><span class="Apple-tab-span"> </span></p>Solomon Chief Simutowe1
International Conference: Intelligent Leadershiphttps://iaonline.theiia.org/2019/Pages/International-Conference-Intelligent-Leadership.aspxInternational Conference: Intelligent Leadership<p>​<span style="font-size:12px;">In Wednesday's final general session, IIA President and CEO Richard Chambers recognized 2018–2019 IIA Global Chairman Naohiro Mouri for his tireless work during the last 14 months and recapped their time together traveling around the world promoting the internal audit profession.</span></p><p>Futurist Mike Walsh then took the stage to wrap up the 2019 International Conference with his session on "Reinventing Leadership for the Age of Machine Intelligence." According to Walsh, algorithms, automation, and artificial intelligence (AI) are becoming the deep infrastructure of our world. By 2030, he says, AI platforms capable of continuous learning and adaption will create an algorithmic world of seamlessly orchestrated and personalized experiences.<br></p><p>Walsh posed many questions to consider about the future: Are you thinking big enough about the risk and potential transformations associated with AI? What if we always knew exactly what to say and when? What if machines could recognize our emotions? How might facial recognition change our experience of applications? How can you create new experience by taking away the friction points? What if we no longer needed our devices at all? What if the biggest impact of AI was on our behavior and sense of identity?<br></p><p>"Now is the time to reinvent, redesign, and reimagine," he says. "The future of analyzing risk is data and the data relationships you can build." To survive the disruptive future, he adds, organizations will need to get ready to be more flexible, responsive, and adaptive. <br></p><p>Walsh encouraged the audience to constantly challenge their assumptions about the future. Are you thinking big and fast enough about the transformative potential of the algorithmic age? The next action would be to have discussions with the youngest members of your team to learn how to better include their frame of reference into ideas or strategy.<br></p><p>But how do organizations need to transform for the 21<sup>st</sup> century? Walsh says the key is to get others to see you as a different kind of organization. You have to make culture your operating system — the system of interactions that governs how your people collaborate. "It's the most difficult to change but it's the blueprint for true transformation," he says.<br></p><p>When it comes to leadership in an age of algorithms, automation, and AI, leaders are more important that ever, Walsh adds. They need to upgrade their approach to making decisions and solving problems — this means exploring how to start re-skilling teams, migrating talent to new roles, and preparing for the new types of challenges they'll face, he says.<br></p><p>"The future is not anything as simple as an upgrade," Walsh says. "It's an invitation for all of us to think in an entirely new way. Think big, think new, think quick."<br></p>Shannon Steffee0
International Conference: Economic Disruptionhttps://iaonline.theiia.org/2019/Pages/International-Conference-Economic-Disruption.aspxInternational Conference: Economic Disruption<p>​<span style="font-size:12px;">"Geopolitics and the Global Economy" was the hot topic closing out day two of The IIA's 2019 International Conference in Anaheim, Calif. Peter Zeihan, a geopolitical strategist who specializes in global energy, demographics, and security, laid out the history of U.S. foreign policy and gave an overview of trade relations since the end of World War II.</span></p><p>"We are in the midst of a great transition," Zeihan explains. "We are looking at the end of our economic model."<br></p><p>With supply chains facing disruptions from these geopolitical risks, especially the U.S.-led trade wars, internal auditors should pay attention. Zeihan says countries that have seen this coming and have worked to diversify their supply chains and into more concentrated zones near points of consumption are definitely at an advantage. <br></p><p>"What you're looking for is a place where inputs, production, and consumption are both secure and hopefully co-located," he warns. "Right now, the only place that happens en masse is in North America."<br></p><p>Zeihan offered this assessment of today's post-order American foreign policy: "If you want something that's positive, you need to bring something to trade."<br></p>Shannon Steffee0
International Conference: Audit Leaders Discuss Challenges and Opportunitieshttps://iaonline.theiia.org/2019/Pages/International-Conference-Audit-Leaders-Discuss-Challenges-and-Opportunities.aspxInternational Conference: Audit Leaders Discuss Challenges and Opportunities<p>​A leadership panel on "Challenges, Opportunities, and the Path to Success" opened the final day of The IIA's 2019 International Conference in Anaheim, Calif. Panelists included Theresa Grafenstine, managing director and chief auditor, Information Security & Continuity of Business, at Citi; Kiko Harvey, inspector general, United Nations World Food Programme (Italy); and Jenitha John, chief audit executive, FirstRand Ltd. (South Africa). </p><p>Each panelist talked about her background and what led her to become an internal auditor. Ultimately, it was a passion for all of them. </p><p>Asked by moderator Scott Bloom how internal audit can help organizations and executives prepare for technological advances and risks, Grafenstine said auditors need to look at the technology and ask questions. "Our biggest gift is that we're critical thinkers and we break things down into critical controls," she explained. "Who has control over this algorithm? What can it do? What if it goes wrong? Can we stop it?" When approaching cyber risk, asking basic control questions can go a long way, she added.</p><p>The discussion then turned to building an audit function and the competencies that would make it a high-performing department. "I ask a lot of questions about team building, and I expect technical skills to be there," Harvey said. </p><p>She added that she looks for the abilities to listen, think critically, and see and solve problems, as well as how engaged auditors will be. "We feed the world's starving, so is that their passion?" Harvey asked. "Are they joining my team for the right reason? Do they want to make things better or are they there for the benefits?" </p><p>On the topic of skills internal auditors need to evolve with the business, John said auditors must stay attuned to the evolving risk landscape. "Many organizations experience changes in digital, data, customers, competition, conduct, compliance, and cyber," she said. It's important for internal auditing to transform as a profession, refresh its methodologies, and use hindsight and foresight. She says auditors also need to be agile and nimble, harness innovation, and foster a creative mindset. </p><p>Grafenstine detailed how audit leaders can be more influential in educating boards and gaining their trust. As a former inspector general for the U.S. House of Representatives, "I had to translate things into terms that were meaningful for them," she said. "In working with politicians, what became clear was that I needed to package my message for who was listening to it. I needed to make sure the person listening understood what I was saying and what I was asking them to do." Whether it is verbal conversations or written reports, Grafenstine says auditors need to keep their audience in mind. </p><p>As female leaders, each woman touched on the challenges they've faced in their careers. John explained that women tend to experience a lot of guilt about working so much, but she's found that organizations are becoming more flexible. She said people should be managed by outputs, not by time, and encouraged women to "be selfish with your time, prioritize your personal life." Leveraging technology also allows women to be present in many forms, she noted. </p><p>Grafenstine recalled that her time as one of the first three female auditors hired in the field office for inspector general was a growth opportunity. "In the tech area, instead of focusing on being the only female, think, 'I am a professional and bring a different perspective to the table,'" she advised. </p><p>Grafenstine also admitted that her biggest challenge was herself. Her glass ceiling was fear. "I always felt like I didn't belong," she said. "Until I tackled that, I was going to hold myself back. Whatever you're afraid of, you need to tackle it. Once you attack that, you can be a leader."</p><p>Harvey noted that she's always felt welcome in her working situations, but she said she missed a lot of family and school events because she made that choice. "In my generation, I felt that I had to be present at work or people would say 'we can't rely on her because she has young children,'" Harvey said. </p><p>Harvey said she took bold moves by moving her family around for her career, although it was difficult on her children and her. "Organizations are becoming much better at this and there's no excuse anymore," she said. "It's easier now than it was before." </p>Shannon Steffee0
International Conference: Dynamic, Disruptive Diversityhttps://iaonline.theiia.org/2019/Pages/International-Conference-Dynamic-Disruptive-Diversity.aspxInternational Conference: Dynamic, Disruptive Diversity<p>​<span style="font-size:12px;">Closing day one of the 2019 International Conference on a high note was Jade Simmons, a classical pianist, who spoke about "Dynamic, Disruptive Diversity: A Bold Approach to Harnessing the Power of Differences." Simmons combined music and storytelling to explain how she approached diversity in transforming her career and how the same approach can apply to business.</span></p><p>As an African American classical pianist in a traditional industry, Simmons said she spent all of her time trying to be perfect to attract a more diverse audience. But, she says, "When we talk about diversity, we have to throw the idea of being perfect out of the window." She realized that opportunity lies in providing variety in what we do. <br></p><p>Pursuing diversity, Simmons says, requires going beyond ethnicity and gender. This includes diversity of thought, diversity of background, diversity of experience, and diversity of talents. "When we think of diversity of talents, what we're doing is opening up different opportunities to let people shine," she says. "We can't start from a place of initiatives and benchmarks. You're going to have to begin to believe that people want a different offering than what they are seeing." <br></p><p>Simmons wanted diversity of experience to be a part of what she was offering, so she began storytelling during her concerts. People began latching on to the stories. "What you do isn't about getting things right but about moving things so people can feel drawn to the space they want to be in," she explains. Diversity should never be about obligation, she adds — It should be about exploration. <br></p><p>"You need to shift your mindset," Simmons says. "At the end of the day, you should be able to look differently at how you see yourself and how you see others and how you value them." <br></p>Shannon Steffee0
International Conference: Haig Wins Internal Auditor’s Thurston Awardhttps://iaonline.theiia.org/2019/Pages/International-Conference-Haig-Wins-Internal-Auditor’s-Thurston-Award.aspxInternational Conference: Haig Wins Internal Auditor’s Thurston Award<p>​Awards can enhance a professional's personal brand. Ask author and internal audit executive Nancy Haig, winner of <em>Internal Auditor</em> magazine's 2019 John B. Thurston award for her February 2018 feature article, <a href="/2018/Pages/Your-Personal-Brand.aspx">"Your Personal Brand."</a> Haig received the award today at The IIA's International Conference in Anaheim, Calif.</p><p>The Thurston Award recognizes the most outstanding feature article published in <em>Internal Auditor</em> during the previous year. Haig has been an internal audit professional for more than 20 years, most recently as director of internal audit and compliance for a New York-based global consulting firm. </p><p>In her article, Haig explains that just as a strong brand can be an organization's strongest asset, a personal brand is critical for an internal auditor. "Developing a strong personal brand can benefit an internal auditor's career in many ways," Haig writes. In addition to professional achievement and recognition, it can help auditors determine their career direction and assess whether they are in the right role. Importantly, she adds, "Through consistent use of his or her brand, (an internal auditor) will be seen as a trusted advisor."</p><p>In presenting the award, IIA Global Chairman Naohiro Mouri noted that Haig's own brand includes playing an active role in supporting the internal audit profession, including as 2019-20 senior vice chairman of The IIA's North American Board.</p>Tim McCollum0
International Conference: IIA Accomplishments, Awards, and Performance Excellencehttps://iaonline.theiia.org/2019/Pages/International-Conference-IIA-Accomplishments-Awards-and-Performance-Excellence.aspxInternational Conference: IIA Accomplishments, Awards, and Performance Excellence<p>​IIA President and CEO Richard Chambers opened day two of the International Conference in Anaheim, Calif., highlighting Institute accomplishments during the past year. Some noteworthy items include:</p><ul><li>The IIA surpassed the 200,000-member milestone.</li><li>It welcomed its 150,000th CIA recipient.</li><li>All North American conferences sold out.</li><li>The IIA's governance structure underwent restructuring.</li><li>Advocacy efforts are going strong around the world.</li><li>Publicly listed companies must disclose whether they have internal audit functions.</li><li><p>The IIA began its digital transformation. </p></li></ul><p><span style="font-size:12px;">Following Chambers' opening remarks, IIA Global Chairman Naohiro Mouri presented three awards in front of a crowd of 2,500 attendees. Nancy Haig won the John B. Thurston Award for her article, </span><a href="/2018/Pages/Your-Personal-Brand.aspx" style="font-size:12px;">"Your Personal Brand,"</a><span style="font-size:12px;"> in the February 2018 issue of </span><em style="font-size:12px;">Internal Auditor</em><span style="font-size:12px;"> magazine. Lawrence Harrington and Philip Tarling both received the Victor Z. Brink Distinguished Service Award. Gerald Cox received the William G. Bishop III, CIA Lifetime Achievement Award.</span><br></p><p>Moments later, Dennis Snow, president of Snow & Associates Inc., took the stage to talk about "Performance Excellence: The Employee Factor" and how to engage employees to deliver outstanding customer service. Snow, who had a 20-year career with Walt Disney World, focused on customer experience, performance excellence, and leadership. He outlined four principles that can create loyalty and performance excellence that is "worth every moment of effort you put into it."</p><h2>Principle 1: Clearly Define the Customer Experience </h2><p>Snow advised attendees to ask themselves, "Who are my stakeholders within the organization? What do we want their experience to be?" </p><p>"That's your brand," Snow says. "What three things do you want your stakeholders to say about the value you bring to the organization in the service you provide?" Is it that you're highly responsive? Your follow-through was outstanding? Do you anticipate their needs?</p><p>The customer experience must be defined in terms of employee behaviors, Snow explains. "What needs to happen to have them say those three things?" He says those behaviors need to be embedded in the culture. </p><h2>Principle 2: Know What Frustrates Your Customers — and Do Something About It </h2><p>Snow says far too many organizations know exactly what frustrates customers but don't do anything about it. He suggests meeting quarterly as a team to ask, "What things frustrate our stakeholders and what can we do about it?" A better question might be, "What keeps our stakeholders up at night and what can we do about it?" </p><h2>Principle 3: Hire the Right People </h2><p>Before interviewing people, leaders should determine what qualities make a superstar a superstar. Snow says identifying those qualities the organization wants in an employee can create a benchmark in the hiring process. For example, are managers seeing and hearing those qualities through the candidate's behavior in the interview? </p><p>"The interviewing selection process should model the culture of your organization," he says. "Every detail enhances or detracts from the culture of the organization. Are you demonstrating your values and culture during the interview process?"</p><h2>Principle 4: Train and Communicate Relentlessly </h2><p>Organizations can never assume their people get it, Snow warns. They can't put posters on the wall and say that's it. </p><p>"You have to be relentless about training and communication," he stresses. "You need to be very clear about what your expectations are." Snow says effective training and communication builds pride in the organization, ensures that the employee understands the true product, and guarantees that the employee knows what's expected.</p><p>When it comes to training, never let a coaching moment go, Snow advises. And it's important to never let a recognition moment go. "When our people feel like we sincerely appreciate what they do, the most powerful thing we can do is acknowledge that performance," he says. "The most effective recognition is all about emotion. We lock in performance excellence."</p><p>Whether it's at Disney World or within internal audit, these are the principles that create loyalty. "When we do these things consistently and well, the outcome is stakeholder loyalty," Snow says. </p>Shannon Steffee0

  • Birmingham City Univ_August 2019_Premium 1
  • IIA Training_August 2019_Premium 2
  • IIA CIA_August 2019_Premium 3