Practices

 

 

CEO Message: Recruiting the Best for Internal Audit's Futurehttps://iaonline.theiia.org/2021/Pages/CEO-Message-Recruiting-the-Best-for-Internal-Audits-Future.aspxCEO Message: Recruiting the Best for Internal Audit's Future<p>​Since 2013, <em>Internal Auditor</em> magazine has been showcasing emerging leaders in the profession. Those chosen for this distinction each year are the 30-and-under trailblazers who are shaping and growing the profession through innovation, technology skills, ingenuity, and hard work.</p><p>The IIA’s celebration of youthful talent in the profession could be short-lived without a thoughtful approach to recruiting and serving the needs and expectations of even younger potential members. </p><p>The IIA’s Internal Audit Education Partnership program supports development of internal audit curricula at participating colleges and universities. The program helps ensure graduates have the skills to conduct basic internal audits and prepares them to achieve the Certified Internal Auditor designation. However, it is not designed to inspire young people to become internal auditors.</p><p>The changing dynamics of modern business demand that we do more. Change is occurring at lightning speed, and disruption driven by technology is part of the new normal. The next generation of internal auditors must possess innately agile, curious, and innovative minds, and encouraging young people who exhibit such drive to consider a career in internal auditing begins at the high school level. The IIA’s new strategic plan speaks directly to addressing this.</p><p>Data from the 2020 Career Interest Survey by the National Society of High School Scholars suggest we have some work to do. It finds medicine and health-related careers (37%) the top choice of the more than 14,000 respondents. Another 17% chose business/corporate as an expected career path, which tied for second with sciences and biology/biotechnology. More traditional career paths for internal auditors — accounting/tax and finance/fintech — ranked considerably lower at 4%.</p><p>In the coming months, we will explore new and creative ways to reach Generation Z and will develop strategies, tactics, and resources to address our opportunity as a profession. This must include supporting diversity, equity, and inclusion (DEI) efforts at all levels. I’ve noted before that beyond being the right thing to do, supporting DEI is as much a business decision as an ethical one.</p><p>With the guidance and support of our North American chapters and affiliates around the world, we hope to soon reach out to high school guidance counselors or their equivalents to boost knowledge of the profession, dispel negative stereotypes, and encourage the best and brightest to consider internal auditing as a career.</p><p>As you read about the impressive group of emerging leaders featured in this issue, I hope you’ll join me in seeking new ways to mentor and nurture the next generation. The IIA understands this begins at the local level, and we will work diligently with our members to build a pipeline of future-ready auditors.<br></p>Anthony Pugliese0
Editor's Note: Standouts Amid Crisishttps://iaonline.theiia.org/2021/Pages/Editors-Note-Standouts-Amid-Crisis.aspxEditor's Note: Standouts Amid Crisis<p>​At a time when there’s not a lot of good news in the world to report, we are very excited to be able to do just that by introducing <em>Internal Auditor</em> magazine’s 2021 Emerging Leaders. </p><p>As we’re all well aware, working during a worldwide pandemic has introduced a host of new challenges for internal auditors, including remote work, travel restrictions, and communication issues, not to mention helping their organizations form COVID-19 response plans. This year’s Emerging Leaders have been required to address these and many other issues while continuing to add value in their daily work. And, as you will read in “<a href="/2021/Pages/Emerging-Leaders-2021.aspx" data-feathr-click-track="true">Emerging Leaders: 2021</a>,” they have done just that. </p><p>As Bill Mulcahy, longtime practitioner and IIA volunteer, explained in his nomination of honoree Christy Beers, “She handled the ultimate audit double dip — a large company merger while managing the changes that come with remote work during the pandemic.” Bill, who sadly passed away earlier this year, was one of Christy’s biggest advocates. “I’m grateful for having known him,” she told us. “I wouldn’t be where I am today without his mentorship.”</p><p>Bill was also a big advocate of <em>Internal Auditor</em>’s Emerging Leaders, nominating a young professional each year. Whenever one of his nominees was chosen, Bill would be sure to take out a full-page ad to congratulate him or her. We will greatly miss his dedication to, and enthusiasm for, advancing the next generation of internal auditors. </p><p>Bill’s 2021 nomination is one of 15 Emerging Leaders who hail from across the U.S. and five additional countries — The Bahamas, Canada, Ghana, United Arab Emirates, and Vietnam. Five men and 10 women from a variety of industries and backgrounds share their stories of success. From using virtual meetings and telehealth systems for virtual walk-throughs, to creating a collaborative onboarding portal and team intranet site, to creating new opportunities to be agents of change during the pandemic, their stories are diverse and impressive. </p><p>And speaking of impressive, beginning on <a href="/2021/Pages/Emerging-Leaders-Where-Are-They-Now.aspx" data-feathr-click-track="true">page 41</a>, we check in with some of our past Emerging Leaders. Whether they continue to rise through the ranks of internal auditing or are using their audit experience to move into a new profession, many of our past Leaders, as expected, continue to excel in their chosen career paths. </p><p>Hear more from past and current Emerging Leaders about just what it takes to be a leader in a series of videos on <a href="/" data-feathr-click-track="true">InternalAuditor.org</a>. </p><p>Congratulations to our 2021 Emerging Leaders! You’ve persevered through a pandemic and are more prepared than ever to be leaders in your profession. <br></p>Anne Millage0
Emerging Leaders: 2021https://iaonline.theiia.org/2021/Pages/Emerging-Leaders-2021.aspxEmerging Leaders: 2021<p>​This year’s Emerging Leaders have been forged by a fire their predecessors could never have imagined — but one that will change, in profound ways, how the profession is practiced and how its practitioners fit into their organizations’ strategic planning and operations efforts. Some of the professionals profiled here did their part by masking, distancing, and working from home. Others participated along with top executives in plotting their companies’ responses to COVID-19 and in assessing the effectiveness of chosen interventions; now they’re making sure they all continue as planned. Their careers, all of the Emerging Leaders agree, will involve more geographic flexibility, smoother access to decision-makers, and in many cases, greater focus on the soft skills required for integration into more and more aspects of their organizations. They also will include greater attention to the technology that’s changing practitioners’ connectivity and revolutionizing internal audit processes. Even in a work-from-home environment, 2021’s Emerging Leaders led and assisted in remarkable reconfigurations of their organizations’ information technologies to improve the accuracy and stakeholder understanding of their audit results. They also led and assisted in massive individual audit projects to assess company leadership, switch to new audit tools, and integrate an acquisition’s audit processes. In other words, they did what internal audit leaders usually do — even though they had to do it from afar.<br></p><h3><img src="/2021/PublishingImages/Leonardo-Ferguson.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Leonardo Ferguson, CIA, CRMA</h3><p><strong>30, Supervisor, Internal Audit </strong><br><strong>Colina Holdings Bahamas Ltd. </strong><br><strong>Nassau, Bahamas</strong><br></p><p>Leonardo Ferguson likes reporting results to audit clients better than he anticipated. “I began my professional career in public accounting, and my charted course did not include internal audit,” the Tuskegee University graduate says. Now Ferguson finds it rewarding to engage and collaborate directly with stakeholders and deliver reports that meet their expressed needs. Indeed, Ferguson says one aspect of the profession he would change is enhancing its collaboration with other assurance providers, both internal and external. “Primarily, we all have similar goals,” he says, “and by fostering synergies and aligning our focus, we can be even more impactful to the organization.” A key project Ferguson worked on involved assessing his company’s board as part of a governance, legal, and corporate audit engagement, reports his supervisor, Giorgina Duncanson-Thompson, chief group internal auditor at Colina Holdings. He designed procedures to assess the board’s composition, finding best practices through research that would benefit the company’s strategic plan and direction. The lesson, Ferguson says: “Our true value to the company doesn’t lie in performing tasks, but in understanding the overall objective and delivering recommendations that are well-received.” Duncanson-Thompson adds that in reviewing inactive and dormant accounts at the organization, Ferguson worked with management to develop system-enhanced solutions to reduce the need for manual intervention. “His work highlighted areas for improvement with regulatory reporting, and his recommended solution directly addressed management’s concerns,” Duncanson-Thompson says. Ferguson pays it forward by mentoring university students, and one notable mentee merged passions for information systems and internal audit after hearing about the rewarding career path the latter offers. The student is now a Certified Information Systems Auditor and looks to become a Certified Internal Auditor (CIA) as well. Ferguson also volunteers for #HashtagLunchbag, a charity that provides free meals to the community, and has worked on projects for the Bahamian conservation charity National Trust. In his free time, he focuses on landscape and event photography, travel, and quality time with family and friends.<br></p><h2><img src="/2021/PublishingImages/Nicole-OBryant.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Nicole O'Bryant, CIA</h2><p><strong>28, Consulting Manager, Internal Audit</strong><br><strong>Postlethwaite & Nettervile </strong><br><strong>Baton Rouge, La. </strong><br></p><p>Nicole O’Bryant had six months under her belt at her current company when COVID-19 forced everyone to work remotely. As the pandemic unfolded, says colleague Jude Viator, consulting associate director at Postlethwaite & Netterville, O’Bryant “saw an opportunity and took the initiative to request, obtain, and analyze team feedback to reimagine team connection points and ongoing meetings.” The Control and Risk team’s 30-plus members, scattered across multiple locations, had remained productive, he says, but connections were becoming stale. O’Bryant refocused the connection environment, Viator adds, leading to a highly successful new meeting format. “While working from home during the pandemic, our team members have strived to stay engaged with one another to maintain our positive firm culture,” O’Bryant says, “for each other and for new team members.” Long-term, she anticipates the need for practitioners to leverage technology even more extensively to facilitate client engagements and interaction. The challenge will be continuing to discover ways to connect beyond the video screen. “Connection will be key in delivering our continued value-added services to the organization,” she says. O’Bryant will be fostering additional connections, within the profession, in her role as vice president of programming at IIA–Baton Rouge; her work there facilitates engagement with other internal audit professionals, she notes, and helps her better understand “the challenges and strengths they encounter in their daily work.” That understanding has served O’Bryant well as she helps her company rethink local intern learning through a refresh of its summer internship program. Beyond the profession, O’Bryant volunteers with her college sorority, Chi Omega at Louisiana State University. Free time is spent with Jake and Theo — husband and goldendoodle, respectively — traveling to see relatives throughout Louisiana and Texas. Post-pandemic plans include a honeymoon on Italy’s Amalfi Coast.<br></p><h3><img src="/2021/PublishingImages/Christy-Beers.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Christy Beers </h3><p><strong>30, </strong><strong>Vice President, Audit Manager</strong><br><strong>Truist Financial Corp. </strong><br><strong>Atlanta</strong> </p><p>Christy Beers aced her first internal audit competition. Her student team won at IIA–Atlanta’s 2015 Internal Audit Case Competition — and she received her first internal audit job offer on the spot. She accepted and has been with the firm ever since. In 2019, notes colleague Megan Beeston Panella, IT audit manager, Business Advisory Services, at Rausch Advisory Services, and a 2019 Emerging Leader, Beers became the first Audit Case winner to later judge for the competition; this year, she chairs the chapter’s virtual, renamed 11th Annual Bill Mulcahy Auditing & Advisory Case Competition. She’s been involved with planning, panel discussions, and leadership for numerous chapter events, and in 2018 she received IIA–Atlanta’s Mulcahy Leadership Award. “Through my involvement in chapter activities, I’ve met mentors who have helped me achieve my career goals,” says Beers, who’s pursuing the CIA credential. Those mentoring lessons were tested by COVID-19, of course. “She handled the ultimate audit double dip — a large company merger while managing the changes that come with remote work during the pandemic,” said colleague and longtime IIA volunteer Bill Mulcahy, who sadly passed away in May. “She adapted her work style to make sure audit objectives were met.” Mulcahy, Beers comments, was one of her biggest advocates. “He saw potential in me that I didn’t even see,” she says. “I’m grateful for having known him. I wouldn’t be where I am today without his mentorship.” After office hours, Beers spends time outdoors and enjoys running, walking, and hiking. She’s also been dancing since she was 4: “It’s a great way to work out and be creative — and have fun in the process.”<br></p><h3><img src="/2021/PublishingImages/Maureen-Cooper.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Maureen Cooper, CIA<br></h3><p><strong>29, Senior Manager, Technology Audit</strong><br><strong>Protiviti</strong><br><strong>Dallas</strong><br></p><p>Maureen Cooper’s status as an Agile expert at her company began with a third party’s test run. “A client was starting on its Agile audit journey and asked us to partner on executing a couple of pilot audits,” the University of Oklahoma graduate says. The Agile approach emphasizes enhanced flexibility and greater engagement with stakeholders. In 2018, Cooper was tasked by executives with helping to develop “Next-gen Agile Audit” materials for the company, reports Andrew Struthers-Kennedy, a managing director at Protiviti. Cooper has since led external-facing webinars, conducted virtual and internal self-study training, and contributed to educational blog posts on the topic, Struthers-Kennedy says. “She regularly interviews clients on their Agile audit journeys to provide consulting advice tailored to their size, risk profile, and complexity,” he adds. As the company’s Next-gen Agile Audit practice has grown, Cooper has joined the project management office leadership team, including bringing in a junior colleague to mentor. More broadly, she focuses on technology audits and general controls and cybersecurity across financial services, consumer products, and manufacturing sectors. From April 2020 to March 2021, she helped lead a global strategic initiative to innovate control testing services using emerging technology and alternative delivery models. She and two colleagues defined, established, and piloted the company’s Control Testing & Innovation Center, leveraging a standardized approach to increase the effectiveness of 70-plus controls. At her previous Protiviti post, in Chicago, Cooper led a wide range of local community service activities, including toy and book drives, gift bag events, and sponsored activities in support of nonprofits. Spare time is spent with “a very busy toddler,” her husband, and their dog, Murphy. <br></p><h3><img src="/2021/PublishingImages/Andrew-Goodman.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Andrew Goodman, CIA, CPA</h3><p><strong>29, Manager, Medicare Compliance-Continuous Monitoring</strong><br><strong>CVS Health</strong><br><strong>Hartford, Conn.</strong><br></p><p>Andrew Goodman started his career in public accounting before transitioning into internal auditing. “I did not realize that I would be able to interact with senior business leaders almost immediately,” the Bentley University graduate says now of his audit work. “That’s an opportunity few other early-career roles provide.” After five years in the profession, Goodman recently transitioned again — this time to Medicare compliance. He stresses that the skills he developed in internal audit prepared him to take on the new role. His stint in the profession included innovating an approach to auditing Medicaid processes following the $69 billion 2018 merger of Aetna, where he started in 2016, and CVS Health, where he still is, and the integration of the two companies’ internal audit departments. He and his team reviewed Medicaid contracts and identified the controls in place to ensure compliance with specific contract requirements, explains colleague Alex Rusate, senior internal auditor at the New York Independent System Operator and a 2017 Emerging Leader. “Where any gaps existed, they identified those and worked with their business partners to agree on sufficient corrective action — an approach to Medicaid that the internal audit department had never taken before,” Rusate says. Goodman’s time in internal audit also included providing key support services as the COVID-19 threat began to grow, validating the effective implementation of some of the company’s pandemic-related policy changes. Long-term, he says, internal auditors will continue to become more adaptable as circumstances change due to the pandemic. And they will embrace “the new environment of working with colleagues and business partners remotely rather than in person.” <br></p><h3><img src="/2021/PublishingImages/Than-Van-Nguyen.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Than Nguyen, CIA</h3><p><strong>28, Internal Audit Manager</strong><br><strong>Masan Group</strong><br><strong>Ho Chi Minh City, Vietnam</strong><br></p><p>Than Nguyen sees the silver lining: COVID-19 has changed the business environment, he says; it has created unique challenges that demand “new ways of working.” But the pandemic has also offered opportunities to explore ways to provide more value to the organization as agents of change, he adds, by sharpening the profession’s focus on consulting activities that identify improvement options, embrace innovation, and contribute to sustainable growth. “The pandemic will accelerate internal audit’s transformation journey in Vietnam toward best practices that will improve efficiency and effectiveness,” he says. Nguyen has led numerous successful transformation projects for financial institution and corporation clients, says colleague Thao Tran, internal audit assistant manager at Yamaha Vietnam, who adds that the Academy of Finance Vietnam graduate always “takes into account the nature of each business to come up with the best practical solution.” He says Nguyen also actively seeks opportunities to be part of the global IIA community. Indeed, Nguyen was chosen to be an IIA Global Professional Knowledge Group member as a subject matter expert, Tran adds, “exposing him to many different views, opinions, and skills.” Colleague Phuong Tran, a lecturer at Professional Training and Consultancy Company Ltd., notes: “Of course, there is no specific recipe, but I think that he simply always tries to find better strategies — he works hard, reads a lot, and thinks carefully before he carries out any task.” Nguyen recently participated in the SeABank Run for the Future and the BBGV Charity Fun Run, both fundraisers. In his spare time, he networks with friends and colleagues, and enjoys reading, watching news, traveling, and hiking.<br></p><h3><img src="/2021/PublishingImages/Jennifer-Anderson.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Jennifer Anderson, CIA</h3><p><strong>30, Senior Internal Auditor, International Ports & Terminals</strong><br><strong>DP World</strong><br><strong>United Arab Emirates</strong><br></p><p>Jennifer Anderson spends much of her time in the air. “I do a lot of aerial acrobatics, such as aerial silks, hoop, and trapeze,” the University of Glasgow graduate says of her free time. She has performed in circus shows and is now choreographing a routine for a virtual aerial competition. On the job, she’s in the air a lot too, spending about half of her time traveling internationally to audit DP World’s International Ports & Terminals portfolio. Her company specializes in cargo logistics and port terminal operations, and in one recent three-month spell, business took her to the U.K., Egypt, and Ukraine. When she’s on the ground, Anderson coordinates the Group Internal Audit flagship Guest Internal Auditor Program, which invites employees from all over the world to join the headquarters team on internal audits. Anderson also is helping establish Group Internal Audit’s Future Internal Auditor framework, an in-house development effort aimed at future-proofing the internal audit team, ensuring it stays relevant. And she enhanced her team’s capacity to deliver value by working with her company’s Human Capital department to develop an assessment tool enabling Group Internal Audit senior leaders to gauge their direct reports’ competencies and address any training needs. Moreover, the ground and the air are the focus of Anderson’s zeal for corporate sustainability — she incorporates elements of sustainability in all of her audit reports. “As auditors, we are in a valuable position to influence organizations to recognize the importance of environmental, social, and governance (ESG) elements,” she explains. Using audit practices and reports as a platform, Anderson notes, she can highlight those elements, which encourages the rest of the audit team to take ownership, too. “We can really enrich the operating environment with our unique perspective and capabilities — recognizing the importance of ESG elements is a crucial priority,” she says. Anderson also participates in the DP World Youth Council, which seeks to give youth a voice, empower them, and engage their thoughts. <br></p><h3><img src="/2021/PublishingImages/Andrew-Sherman.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Andrew Sherman, CPA</h3><p><strong>24, Advisory Senior Consultant, Assurance and Internal Audit</strong><br><strong>Deloitte & Touche LLP</strong><br><strong>Chicago</strong><br></p><p>Andrew Sherman’s dual degrees in accounting and business intelligence/data analytics provide an uncommon perspective on internal audit, risk advisories, and business scenarios. “He’s always challenging his core business background and traditional competencies with new concepts, tools, and methodologies in data analytics,” says co-worker Sarah Fedele, U.S. internal audit lead at Deloitte, “including statistical analysis, data visualization, Agile methodologies, and cybersecurity.” That’s part of the reason Sherman was promoted to his current post earlier this year, and he’s enthusiastic about the vantage point his role affords. “Internal audit provides an opportunity to interact with all levels of management across multiple functions,” he notes, “allowing me to identify and advise on issues that affect more than one function or process area.” He mentors new analysts on communicating with clients and team members in the remote virtual world, Fedele adds. Sherman says he hopes “internal auditors’ success at working remotely during the COVID-19 pandemic expands the talent pool of exceptional individuals who live and work outside more traditional commute ranges.” He also helped plan and design the Internal Audit Foundation’s Premier Research Study 2020: Assessing Competencies in Internal Audit. The Creighton University graduate, who’s pursuing the CIA credential, was “pivotal in extracting insights via data analysis and visualization and in writing the final research paper,” Fedele notes. The results aim to provide valuable and measured information that depicts competency across the profession in a meaningful way. Sherman ran the Chicago Marathon in 2019, fundraising for WorldVision’s global clean water-supplying efforts, and when local COVID-19 restrictions are lifted, he plans to get involved in local Endure2Cure cancer support programs. In his free time, he enjoys golfing, running, indoor rock climbing, and playing video games.<br></p><h3><img src="/2021/PublishingImages/Mercedes-Washington.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Mercedes Washington, CIA, CFE CCSK</h3><p><strong>30, Internal Audit, Auditor I</strong><br><strong>Nielsen</strong><br><strong>Oldsmar, Fla.</strong> <br></p><p>Before her career in auditing began, Mercedes Washington learned how her company works. Starting with a bachelor’s degree in business management, the University of South Florida graduate “gained firsthand understanding of the equipment and software applications that support the company’s global business,” reports Kevin Alvero, senior vice president, Internal Audit, Compliance, and Governance, at Nielsen. She was promoted to project manager, working with stakeholders on implementing new measurement technology. Now, Alvero notes, she audits technology projects for process quality and standards compliance. “I love the granularity of internal auditing,” Washington says. “I thought it would be difficult to grasp the ins and outs of a company so large, but it has furthered my love of being in the weeds. Delving deep into the organization to fully understand processes and detect possible risk points is right up my alley.” Alvero adds that Washington created a streamlined process for internal audit’s walk-throughs — a standardized, digital data collection method that “eliminates the need for multiple back-and-forth emails and follow-ups with external auditors.” He says she also uses leadership of her professional development and growth “community of practice” at Nielsen as a platform for sharing insights on the internal audit profession with peers in other departments, and she’s active in business resource groups that help sustain active Black leadership and promote diversity. Washington is also working on adding a CIA and an MBA after her name. In her free time, Washington enjoys Brazilian jiujitsu, tumbling, indoor rock climbing, and 5K runs, and says she can “spend hours visiting model homes for decorating ideas.”<br></p><h3><img src="/2021/PublishingImages/Brooke-Schaefer.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Brooke Schaefer</h3><p><strong>28, Audit Manager, Controlled Substance Expert and Opioid Rx Product Specialist</strong><br><strong>Crowe Healthcare Risk Consulting LLC</strong><br><strong>Clayton, Mo.</strong><br></p><p>Brooke Schaefer never saw herself fitting into a professional box. “Instead of working on a wide variety of audits in the health-care sector,” reports her career coach, Tamara Mattox, audit senior manager at Crowe LLP, “she helped develop a specialized controlled substance pharmacy team and is now a subject matter expert.” The specialty: investigating drug diversion, which the U.S. Council of State Governments calls “the deflection of prescription drugs from medical sources into the illegal market.” Schaefer, who’s pursuing the CIA credential, says she expected her work to be high stakes, but adds: “I never anticipated being in a position that allowed me to have such an impact on society.” Working with pharmacy clients revealed all the manual processes in place to mitigate opioid prescribing and diversion risks, Schaefer explains, so her team built software to eliminate them — it analyzes prescribing data and uses proprietary complex algorithms to identify even the savviest of attempted crooks. The project was Schaefer’s introduction to software programming. “Internal auditors can be disrupters in the industry,” the graduate of both Maryville University and William Woods University says. “It’s pretty remarkable what we have been able to accomplish.” She’s also part of what Mattox calls a small, select group of auditors on an internal professional growth team tasked with “looking outside the box for supporting individuals on their internal audit career paths.” When the pandemic started to take its toll, controlled substances projects no longer could include travel to client sites — but the internal audit team could not postpone its work. Schaefer used virtual meetings and telehealth systems for virtual walk-throughs so business could continue. Outside of work, Schaefer volunteer fundraises for her community’s pool and park; she also loves spending quality time with family.<br></p><h3><img src="/2021/PublishingImages/Sabrina-Mongrain.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Sabrina Mongrain<br></h3><p><strong>28, Senior Manager, Global Regulatory Compliance Audit</strong><br><strong>Royal Bank of Canada</strong><br><strong>Toronto</strong><br></p><p>Sabrina Mongrain always wants to know the “why?” behind processes, controls, and risks; she regularly queries co-workers in the business to understand their problems and ensure internal audit’s alignment with their strategies. “She works to solution alongside the business, rather than solution at it, to ensure stakeholder buy-in and partnership,” says former manager-once-removed Sara Gelgor, chief compliance officer at Concentra. Indeed, Mongrain says the best part of internal audit is understanding processes end-to-end. “We are collaborators with the business on processes,” the Laurentian University graduate says, “not just reviewers after processes are in place.” She shared her forward-thinking ideas at a credit union group’s internal audit roundtable in 2020, encouraging attendees to challenge standard audit regimes. And at a former employer, Mongrain helped reengineer the regulatory compliance risk assessment process. She also implemented new technology for the audit team there that reduces the risk of missing audit observations, and she created a more analytical, numbers- and percentages-based audit format to identify areas of concern for senior management and the board. “I work to be as transparent and collaborative as possible,” says Mongrain, who’s pursuing a CIA. “Keeping secrets from the stakeholder in the engagement does not benefit anyone. That has certainly taken the ‘policing’ out of my style of auditing.” Beyond her audit work, Mongrain is a volunteer board member at Rituals for Recovery, an Ontario nonprofit that assists with trauma recovery, and a March of Dimes volunteer who “chats with folks who have been shut in through the pandemic to help uplift their days.” She also knits and crochets.<br></p><h3><img src="/2021/PublishingImages/Holly-Saville.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Holly Saville, CIA, CPA</h3><p><strong>27, Finance Manager, Commerce Finance</strong><br><strong>Microsoft</strong><br><strong>Redmond, Wash.</strong><br></p><p><span class="s1" style="letter-spacing:-0.1px;">When COVID-19 started to disrupt every aspect of commerce, </span><span class="s2" style="font-stretch:normal;font-size:8.5px;line-height:normal;font-family:interstate;letter-spacing:-0.1px;"><strong>Holly Saville</strong></span><span class="s1" style="letter-spacing:-0.1px;"> “proactively answered the new challenge of remote work by developing a team website,” says former supervisor Brian Salvador, director, Controls and Compliance, at NAES Corp. and a 2017 Emerging Leader. Saville, a University of Kansas graduate, explains that with Microsoft operating remotely since March 2020, she saw the need to foster digital collaboration. “I improved my team’s online documentation, including creation of a collaborative onboarding portal and team intranet site,” she says, “to centralize resources and facilitate the entirely remote onboarding of 15 new teammates.” Salvador notes that the website created “clarity and camaraderie,” adding that the guidance in it provided significant value to the onboarding process. She now supports a multibillion-dollar online financial platform, focusing on order-to-cash processes, to ensure accurate accounting and financial reporting. Day to day, she autonomously and directly supports management in developing complex and innovative solutions, which requires deep understanding of the company’s intricate systems to design and execute end-to-end processes and controls. Expertise in risk assessment and control improvement is a must, Salvador notes, because Saville “leads initiatives to drive process improvement across engineering, compliance, and finance.” Interestingly, risk management, now her favorite part of internal audit, seemed dense and abstract in academia, Saville says, adding that real-life practice has proved it to be “an area of immense impact.” Saville volunteers as a guest speaker at Seattle University and participates in alumni panels at the University of Kansas. She also is a member of a United Way committee at Microsoft that supports charity events, encouraging community engagement across her team; and she organized a volunteering program at a care home in a community struggling with homelessness and mental health issues. In her free time, Saville enjoys scuba diving and international travel.</span><br></p><h3><img src="/2021/PublishingImages/Clement-Osei-Agyemang.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Clement Osei Agyemang, CFE, CISA, CFIP, CCA</h3><p><strong>30, Founder</strong><br><strong>Global Independent Oversight Experts</strong><br><strong>Accra, Ghana</strong><br></p><p>Clement Osei Agyemang aims high. At one former employer, he made history. “I was the first person to properly set up an internal audit department among the company’s branches in Africa,” the University of Professional Studies, Accra, graduate says. While there, Agyemang established the Officer of Integrity award program to promote integrity among the entire staff, reports colleague Eric Odobai, manager at IIA–Ghana. The aim, he adds, was to “offset destructive behaviors with incompatible productive ones.” At another former company, Agyemang’s audit plan included assessing and advising on management interventions to contain the COVID-19 pandemic, among other approved audit activities. “He is great at coming up with new ideas,” Odobai adds. “He is a hope for the future of internal audit.” Now, Agyemang devotes his time and energy to a nonprofit organization he founded in 2020 to continue the internal audit services volunteering he’s been engaged in since he was in college, Odobai notes. Global Independent Oversight Experts provides free oversight services for businesses that can’t afford them, Agyemang says, but that need such services to survive the pandemic. “I believe there are a lot of organizations out there that need the services of highly objective, candid, and trustworthy people like myself to give them honest answers and solutions,” he adds. Internal audit’s assurance and consulting activities have improved the conditions of many companies, he says, adding: “If I could, I would make internal audit a global compulsory function in the corporate world, either in-house or outsourced.” Agyemang, who’s pursuing the CIA designation, also serves as a member of IIA–Ghana’s Certification and Professional Development Committee. <br></p><h3><img src="/2021/PublishingImages/Angie-Mauga.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;" />Angie Mauga<br></h3><p><strong>25, Risk Advisory Services, Associate II</strong><br><strong>Weaver</strong><br><strong>Dallas</strong><br></p><p>Angie Mauga has combined academia and The IIA for much of her adult life. As a student at the University of Texas at Dallas (UTD), she was president of the school’s Center for Internal Auditing Excellence (CIAE) Student Chapter, notes center director Joseph Mauriello. And at 2018’s Internal Audit Education Partnership (IAEP) Student Exchange, he adds, Mauga conducted a 45-minute one-on-one interview with Naohiro Mouri, The IIA’s global board chair at the time, in front of more than 300 attendees — several of whom she later mentored. Mauga was also a student liaison for the IIA–Dallas<br>Super Conference and annual UTD Fraud Summit from 2016 to 2020, helping coordinate student volunteer groups to facilitate conference activities. As a graduate and professional, Mauriello says, Mauga — who’s working toward obtaining the CIA credential — still contributes to the success of the CIAE. “She used her experience as a student in IAEP courses to fine-tune the coaching methods used to facilitate student projects and papers,” he explains. “Her one-on-one coaching techniques, for which she pulled from her own experience as an internal audit student, resonated with her peers.” Mauga says: “My work with students has helped me develop my internal audit knowledge and improve my soft skills.” As a college student, she adds, she generally worked independently. “Now that I have started my career in internal audit, I have realized I enjoy the amount of collaboration this career requires,” she says. Mauga also volunteers at a local food bank, and in her free time she’s been learning to shoot skeet and “going on food adventures around Texas” with her husband.<br></p><h3><img src="/2021/PublishingImages/Gillian-Wayne.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Gillian Wayne, CIA</h3><p><strong>29, Vice President, Audit Supervisor</strong><br><strong>Bank of America</strong><br><strong>Charlotte, N.C.</strong><br></p><p>Gillian Wayne wanted to be a banker since she was 4; her parents fashioned a pretend drive-through ATM and used their real Bank of America deposit slips to complete transactions with her. In 2013, she lived that dream by interning in the audit department at Bank of America’s corporate office. “Internal audit has provided me a vantage point of the organization that few experience,” the Florida State University graduate says. “Practitioners work with people across the organization, at all levels, allowing us to appreciate interdependencies and what is truly important to the business.” Wayne joined the company’s central strategy team in 2019, adds manager Janet Jarnagin, senior vice president, audit director, at Bank of America, and now focuses on executive reporting, including creating reports and dashboards that summarize audit results, issue trends, and control environment indicators. In fact, she’s created new reporting to better highlight audit results and trends. Jarnagin points to one example: A section of the quarterly board report had a text-heavy narrative format. “She brought in more quantitative data points to provide a more holistic view of each segment’s control environment,” Jarnagin says. The process involved streamlining the text and reducing the risk of errors. “I carved out some time to experiment,” Wayne adds, “then pitched the redesign to senior leadership in my team.” Wayne also made time for volunteer work through her company, organizing a tree-planting event that spanned three metropolitan areas — Charlotte, N.C., New York, and Chicago. Free time no longer exists for Wayne, who’s focused on planning a Nov. 7 wedding and remodeling her home.  <br></p><p><img src="/2021/PublishingImages/Emerging-Leaders-2021-Judges.jpg" alt="" style="margin:5px;width:700px;height:463px;" /><br></p>Russell A. Jackson0
A Quiet Placehttps://iaonline.theiia.org/2021/Pages/A-Quiet-Place.aspxA Quiet Place<p><em>​“If one goes into a strange society and can do these three things, ask a question accurately, give a command accurately, and gloom and exclaim and enthuse at the proper moments, most of the rest of what you have to do is listen.”</em> — Margaret Mead<br></p><p>Why is it so hard for internal auditors to stay quiet? Why do we move from step to step in our process without providing the silence that allows others to fully communicate? It’s not that we’re nonstop prattlers, constantly running off at the mouth. But we seem to have a fear of silence — an inability to quietly sit back, allowing communication and information to flow without interjecting our own thoughts and ideas.</p><p>We are not the only ones; people everywhere seem to believe proof of their existence requires constant verbalization. But success in our profession can only be achieved when we develop a metaphorical quiet place — a time and space that allows for uninterrupted flow of communication from the person with whom we are working.</p><p>In the earlier quote, U.S. anthropologist Margaret Mead details our role in allowing sufficient space for silence. And while what follows primarily relates to interviewing, it is applicable to all audit activities, including meetings, testing, and even report writing.<br></p><p><strong>Give a command accurately.</strong> No, we are not literally giving commands when we perform audit work. But we do provide direction — specifically or by inference — that helps the client focus, move forward, and provide the communication we need. <br></p><p><strong>Gloom and exclaim and enthuse at the proper moments.</strong> Successful communication requires empathy. Not to be confused with sympathy, or feeling sorry for someone, empathy is the unfeigned ability to recognize and relate to another person’s emotions. And showing that empathy by responding with gloom, exclamation, or enthusiasm, as appropriate, builds the rapport necessary for effective communication with audit clients.</p><p><strong>Ask a question accurately.</strong> Mead listed this item first, but I saved it for last because of its importance. In our profession, we ask a lot of questions. But do we truly understand what we are asking, why we are asking it, and what we hope to gain? Before we begin any step in the audit process — before we open our mouths or begin a test or even place our fingers on the keyboard — we should pause to think about what we are about to express. We need to determine how it relates to what has happened before, how it applies to what’s currently happening, and how it will impact what happens next.</p><p>We have to know what to share, how to respond, and what to ask. But most importantly, we have to know when to say nothing at all. Silence is the opportunity we give others to provide the information we need. </p>Mike Jacka1
The Power of Integrated Auditinghttps://iaonline.theiia.org/2021/Pages/The-Power-of-Integrated-Auditing.aspxThe Power of Integrated Auditing<p>​Integrated auditing — a combination of financial, performance, and IT auditing — offers numerous benefits to an audit function, allowing greater impact without necessarily increasing headcount. Integration can help internal audit stay relevant in its role as trusted adviser in the rapidly changing post-COVID-19 environment.</p><p>Integrated auditing's strength is that it shows not just where money was spent, but how it was spent — an important consideration in the public sector, says Mara Ash, CEO of Business & Financial Management Solutions LLC of Austin, Texas. Taxpayers want government to spend their tax dollars prudently, efficiently, and effectively, and integrated auditing can provide this reassurance. It's a different concern compared with the private sector, which generally is more focused on making a profit. The public sector's concern, by contrast, is "Did you use my tax dollars efficiently?" Ash says.</p><p>The move to integrated auditing represents an evolution of internal audit, says Kip Memmott, audit director for Oregon's Secretary of State. Auditors — whether performance, financial, or IT — used to be more siloed into their respective areas. Now, each needs to know more about the others' areas. "It's an awesome opportunity for cross-training, not only from a technical skill set, but from a cultural area," he says, in terms of breaking down rivalries and developing understanding. While the performance, financial, and IT auditors all have different skill sets and work with different legal requirements and standards, they all are working toward the same end game — determining whether the client is executing its mission to the best of its ability, Memmott says.</p><h2>Benefits of Integration</h2><p>From the organization's point of view, the advantages are efficiency and effectiveness, says Domenic Savini, assistant director for the Federal Accounting Standards Advisory Board (FASAB) in Washington, D.C. For example, when auditors perform an integrated audit, they accomplish their objectives using coordinated audit processes and testing that typically cut across multiple audits and/or objectives during the audit cycle and yield results that are more comprehensive. The audit tests help satisfy multiple objectives and bring audit matters into sharper focus. This win-win situation keeps use of audit and client resources to a minimum and results in comprehensive recommendations and related solutions, says Savini, who notes his views are personal and do not necessarily reflect those of the FASAB or any of its members. </p><p>For Ash, integrated auditing allows public sector organizations to determine whether expenditures were made efficiently and whether they were effective. Determining effectiveness allows the organization to make good management decisions about the direction of the program. It also pushes auditors out of their comfort zones to look holistically at the organization and its processes, helping them to become more of a trusted adviser.</p><p>Integrated auditing exposes employees — especially those seeking management roles — to different operational areas, Savini says. This exposure helps them develop an understanding of their organization's various business processes, become more effective decision-makers, and hopefully, more well-rounded managers, he adds. </p><p>Integrated auditing also gives organizations a broader reach and more depth in its audits, and a powerful tool to look at complex issues, Memmott says. He notes both performance and financial audit standards require practitioners' data to be reliable, adding that IT can help make this determination. Meanwhile, the multiple concerns of a COVID-19 and post-COVID-19 work environment — managing a workforce, recruiting and turnover, telework, and flexible work schedules and work sites — all are areas in which internal audit should be involved, he says. </p><p>Bringing together performance, financial, and IT audits provides audits that are powerful, real-time, and proactive. Integrated auditing also pushes audit to take a more active role with its organization. "The idea with integrated auditing is to be more proactive, more strategic, and more forward looking," Memmott says.<br></p><h2>Barriers to Adoption</h2><p>Despite its advantages, integrated auditing is not often used in government, Memmott says. Many internal audit functions are small and do not have either the staff or the skill sets, especially for IT auditing. Risk aversion, the mindset of "this is the way we've always done things," also plays a part. </p><p>For Savini, having adequate and competent staff resources are a chief audit executive's primary concern, followed by efficient communication among the audit team members and management buy-in on the concept of integrative auditing. Management needs to understand that what may appear to be "scope-creep" is actually an investment toward future resource savings and better, more focused audit results, he says. </p><p>Integrated audits take longer because of their broader scope. Some areas may take longer than planned or newly discovered areas may need to be addressed. Integrated audits can be budget-eaters, especially if they are not well designed and coordinated, Memmott says. Conversations with the audit committee during development of the audit plan are important. "Because of the cost, it's got to be the right area," Memmott says. </p><p>The silos that can exist between different areas, such as between different types of auditors, also can be a barrier, Memmott says. Differences in expectations and relationships may need to be worked through with clients as well. "There's a lot of education, not only internally, but externally, that should go into integrated auditing," he says. </p><p>While not necessarily a barrier, auditors in the public sector need to stick to the facts, be aware of topics that might be politically sensitive, as well as avoid political groupthink and the influences of politics or political ideology, Savini says. Auditors in the public sector as well as those with highly engaged audit committees typically do not have the luxury of picking and choosing their audits. As a result, these auditors need to be clear and know how their results will be used. "We can't hide from doing an audit, but we have to do it in an apolitical and unbiased manner," Savini says. "We must protect the integrity of the internal audit profession."</p><h2>Real-time Auditing</h2><p>Typically integrated auditing is done at the end of the fiscal year to coincide with the annual financial audit, Ash says. (An internal auditor typically would not perform the annual financial audit; however, internal auditors may be involved in providing assurance over internal controls affecting financial statements.) That said, real-time auditing has benefits, she notes, given that government entities are moving to integrated audits for their grant programs. They are doing so because grantees are required to show the outcomes associated with the funding they received, and federal guidance requires them to share new ideas or efficiencies. Real-time auditing enables grantees to make course changes during the performance period to ensure desired outcomes, and the results can be applied to other programs.</p><p>Integrated auditing, working hand-in-hand with real-time auditing, brings more muscle and provides greater assurance. The key, Memmott says, is in structuring the real-time audit to ensure that, even with the larger scope of the integrated audit, information is disseminated in a timely fashion.</p><h2>Implementation</h2><p>In looking to implement integrated auditing, "my advice is always to start at the top," Ash says. She recommends making sure that management is on board and understands internal auditing as well as integrated auditing. With integrated auditing, it's a matter of breaking down the mindset of separation — financial and performance audits and understanding how they are integrated — then putting it all together with the organization's existing work tools and programs.</p><p>Second, Ash suggests looking at major, high-dollar-value programs, especially if they are subject to federal funding regulations, or if they are actively monitored at the state/county/local level. These programs provide a great starting point, because stakeholders and others will want information about program outcomes, Ash says. Third, she advises looking at high-visibility programs, the ones that are in the public eye. <br></p><p>In terms of helping teams work together, "data analytics is a magical tool," Memmott says, noting that it has the power to bring financial, performance, and IT teams together, even though they have different objectives. In addition, when building an audit plan, he says auditors should think about the objectives and the steps to meet those objectives, and build the plan specifically around integrated auditing. </p><p>In addition, a good onboarding program can help with recruiting and retention, break down the silos between disciplines, and build understanding across disciplines. Memmott notes that his department has a rotational program, for example, where performance auditors could rotate through IT. </p><p>Diversity within a team is critical as a means of supporting candid discussions on different issues, Savini says, and to help ensure audit stays apolitical and true to its objectives. He stresses the importance of hiring not based just on demographics, but hiring for diversity of thought, opinion, and experiences.</p><p>When working with public governing bodies such as county commissions and city councils, "integrated auditing is your friend," Ash says. An integrated audit can answer the organization's bottom-line concern — what it got for its expenditure on a project. With an integrated audit, Ash says she can tell the governing body that money spent on allowable costs and controls was effective, detail programmatic outcomes, and discuss what improvements might be needed. </p><p>While implementation of integrated auditing can have higher initial costs, the return on investment will pay for itself down the road, Savini says. In this current environment, organizations need to leverage every resource to get "mean, lean, and green," so it is an advantage to leverage the skills of auditors. "If they're ready, willing, and able, you have got the most important part of the battle won," Savini says. </p><p>Integrated auditing also will help organizations cope with possible cuts in federal funding and develop better programs, Ash says. "Integrating performance and fiscal auditing is something that we are going to have to get comfortable with now, because in the future it's something we are going to have to do to survive."<br></p>Geoffrey Nordhoff1
A New Runwayhttps://iaonline.theiia.org/2021/Pages/A-New-Runway.aspxA New Runway<p>​I have been an internal auditor for most of my career, and from the beginning, it has been fulfilling, challenging, and interesting. Internal auditing has played to my strengths of curiosity, focus on continuous improvement, building risk assessments, and developing business relationships. I have enjoyed partnering with process owners, learning about their challenges, and highlighting risks and improvement opportunities.</p><p>Yet, one day early in my career, the company's chief financial officer (CFO) asked me a question that had rarely crossed my mind: "So, what do you want to do with the rest of your career, or would you like to be a career auditor?" It was a big question and I answered it honestly; I loved audit and believed in the value a solid audit team could bring to an organization. Just six years out of college, I felt I still had quite a bit to learn before needing a change.</p><p>I continued my audit journey and soon switched to a different company with an opportunity to rebuild a part of the internal audit team that had recently experienced significant turnover. For the next six years, I had an amazing run, leading audit teams on three continents, building strong relationships with process owners, and partnering with various departments to enhance the value the team delivered.<br></p><p>But still, the CFO's question gnawed at me. Did I want to be a career internal auditor? Would I have the courage to leave the comfort of my chosen profession to broaden my horizons and reap the potential benefits of following the path unknown? What lessons could I learn by stepping outside of my comfort zone and career? I faced a decision that most internal auditors contemplate during their career, and this is what I learned on my journey.</p><h2>A New Direction</h2><p>For me, the CFO's question raised other questions. Was I missing something by not stepping out of my comfort zone and "going into the business"? Was it right to question my chosen career path? I had the opportunity to work with many departments and often had wondered whether I could leave internal audit behind to do something else. Most times, the answer was a fairly definite "no," while a couple of times I could have been tempted by job openings on other teams.</p><p>That temptation first arrived when I was presented an opportunity to join the Financial Planning and Analysis (FP&A) team with the company's largest division. The new vice president of Finance was shaking things up and already had proven to be the kind of leader many aspire to be — authentic, visionary, intelligent, supportive, and thoughtful. Her goal was to elevate the finance department to the next level after a recent large acquisition. The proposition was that my audit skills in process review and analysis, focus on improvement, and problem-solving abilities would benefit the team in performing a value chain analysis, building efficiencies, and strengthening controls.</p><p>The opportunity seemed to finally answer my question of whether I could have a career outside of audit. I was excited at the prospect of learning from a respected leader, expanding my skills, and supporting process improvement initiatives I believed in. Finally, I would be able to see what life was like outside of internal audit.</p><p>And so, I started a new career. It was a thrilling new runway to take off in a new direction, exciting albeit slightly intimidating. Things were changing fast at the division, and my role was reimagined shortly after I joined the team.</p><p>I didn't mind. At last I had the coveted seat at the table. I was included in strategic planning discussions, helped create analyses that would drive capital investment decisions, and contributed to presentations that would be shared with senior executives. I worked with everyone from engineers to demand planners; dove deeper into business operations; and lived and breathed waterfall bridges, economic value-added calculations, and cash flow analyses.</p><p>It was an incredible amount of hard work. The deadlines were rigorous; the pressure was intense.</p><p>During this time, I realized that my internal audit team had been rather sheltered. Although the run up to the audit committee meetings could be hectic, and report issuance could get contentious, it was nothing compared to the amount of scrutiny that was placed on FP&A. Every number, every word mattered. If a forecasted result was missed, FP&A was the first to be held accountable. We equipped the vice president of Finance with every bit of information we could think of in anticipation of senior leadership questions. Our team was on call and always ready.</p><h2>Lessons From the Other Side</h2><p>I spent two years in FP&A. During that time, I learned several valuable lessons that helped me grow professionally and deepened my appreciation of how a strong internal audit team can effectively support the organization.</p><p><strong>Internal auditors are uniquely positioned to support business initiatives and ad ho</strong><strong>c projects.</strong> Although internal auditors often are viewed as generalists, their skills can be successfully applied in other parts of the business. I found FP&A fulfilling because the projects complemented my natural curiosity, as well as my ability to ask the right questions, dig into details, and make connections between varied parts of the process to pinpoint improvement opportunities.<br></p><p><strong>Understanding business drivers and their correlations is imperative for a successful audit. </strong>Being in FP&A showed me facets of core operations I had not seen before. Audit teams often review downstream processes, such as accounting, without fully grasping the dynamics of the operational strategy, which could lead to a misaligned audit scope or lackluster observations. Internal auditors should seek to understand the organization's core operations and risk profile to better align the entire audit cycle, from organizational risk assessment to audit procedure design.<br></p><p><strong>Respect and understanding of business activity cadence garners g</strong><strong>oodwill. </strong>I gained greater respect for the complexity of business processes and urgency of timelines. I also have a better appreciation of the importance of teamwork and the incredible amount of dedication and hard work that the accounting, finance, and operations teams put in to drive the business forward. Proactively planning around a month-end close, a quarterly reforecast, or strategic planning doesn't mean constantly pushing projects to the side. However, general awareness and accommodation in the audit plan can yield higher engagement from business partners.<br></p><p><strong>Recognizing the deeper impact of an audit observation and audit as a whole is vital. </strong>Business partners often are stretched thin working their "day jobs," as well as on special projects and new initiatives. An audit can be a disruption, especially if it is broad in scope and lasts several months. However, a bigger nuisance and disappointment is an audit that misses the mark on its objectives and does not deliver the insight business process owners are yearning to know.</p><p><strong>Business partners are looking for meaningful support from internal audit. </strong>Pointing out the obvious, low-hanging fruit may be helpful when business partners are looking to bring more focus to completing action plans for shortcomings they know about. But what they are more interested in is something they may be missing altogether — something that may be material and impactful to the way they do their work. A thoughtfully planned internal audit can deliver that impact, so the audit team should ensure the audit scope and objectives resonate with business partners and clearly articulate the root cause and impact of every observation.<br></p><p><strong>Internal audit should stay close to the business and remain agile. </strong>Internal audit's business partners often are working to solve urgent and unexpected problems. A well-respected internal audit team can provide independent, objective, and competent support. The ability to modulate the audit plan to address emerging risks, adapt the audit approach, and incorporate lessons learned and observations in real time can help auditors and business partners focus their efforts on the most relevant topics and, more importantly, provide timely insight to the organization. It also mirrors the focus on business success through agility, nimbleness, and responsiveness to today's fast-paced environment.<br></p><p><strong>Diverse skills are key to a successful internal audit team. </strong>Rotational programs can help diversify internal auditors' experience and provide invaluable insight into the mechanics of business processes. However, a small internal audit department may not be able to sustain a rotational program. Allowing auditors to provide short-term project support can create a learning opportunity and a chance to strengthen relationships, which could benefit the team in the long run. Even if teammates choose to pursue a more permanent assignment outside of audit, the audit team will gain an advocate and a sounding board in the business.</p><p>I have often thought that a measure of an internal audit team's success was the number of times business partners reached out with a request. It is the ultimate sign of alignment, engagement, and trust that internal auditors bring value through the independent and objective evaluation of processes, while keeping continuous improvement opportunities in mind.</p><p>Being "in the business" reaffirmed my belief that to succeed, internal auditors must understand the organization's operations and priorities, be aware of emerging risks, appreciate the cadence of business processes, and have effective relationships with process owners. This, in turn, pivots the risk assessment and audit planning conversation from "What are your initiatives?" and "How can we help?" to "Understanding your business priorities and process changes, this is how we can support you." Doesn't that sound like a more exciting way to begin a dialogue?</p><h2>My Return to Internal Audit</h2><p>In the end, I returned to internal audit and have been back for two years now. I missed the diversity of work, having a broader view of the organization and its risk universe, and leading a team. Yet, the lessons I learned on "the inside" made me a better auditor and leader. I have a deeper appreciation for a holistic approach to auditing — the need to understand before making a judgment — and I am better equipped to ask the right questions and discern what matters.</p><p>Moreover, I am grateful to the leaders who challenged me to push beyond the boundaries of my professional comfort zone. Internal auditors should not be afraid to broaden their horizons, offer their expertise, and gain new skills, whether through supporting a project, participating in a rotational program, or exploring a new career path.<br></p>Agnessa Vartanova1
The Future-ready Internal Auditorhttps://iaonline.theiia.org/2021/Pages/The-Future-ready-Internal-Auditor.aspxThe Future-ready Internal Auditor<p>​As a child, I was a big fan of the animated TV series, <em>The Jetsons</em>. As those of you who watched the show know, the Jetsons were a futuristic family with a robot maid, video conferencing, ubiquitous automation, and a flying car — along with many other gadgets that were pure science fiction in the 1960s.</p><p>As a lifelong tech enthusiast, I've watched technology progress toward this Jetsons ideal. While we don't yet have robot housekeepers like Rosie, we certainly have any number of robot-like gadgets that do our bidding at home — from Roombas, to Alexa, to "smart" appliances, for example. Communicating Jetson-style from almost anywhere and via video went mainstream in 2020. And automation is cropping up everywhere — not just in grocery stores and warehouses, but also in robotic process automation (RPA), chatbots, and personalized product recommendations. Some technology has advanced more slowly than I anticipated — I fully expected to see flying cars by now. While we do have semi-autonomous cars, and there are several global startups working on "urban air taxis," the general public still can't purchase a fully autonomous vehicle. But we are getting closer to that reality every day.</p><p>The Jetsons wasn't able to predict everything, of course. In fact, there are many ways in which technology has surprised us with totally unexpected developments. What we <em>can</em> predict is that the pace of technological change is going to be dizzying over the next decade and internal auditors are going to have to keep up. As the 2021–2022 chairman of The IIA's Global Board, I will encourage internal auditors to be future-ready. Organizations and audit functions that are not nimble and adaptive will have a difficult time surviving in this world of constant change. However, I believe internal auditors have the skills and experience to look out for what's next and to take five key steps to meet this moment.</p><h2>Supercharge Internal Audit With the Right Technology Resources</h2><p>Even for someone who has spent a career working with and implementing new technologies, these dramatic changes can seem overwhelming. But there's much internal auditors can do to ensure we are future-ready. Continuous learning is going to be more important than ever, and IIA President and CEO Anthony Pugliese is positioning The Institute as a critical resource for internal auditors.</p><p>The IIA is focused on transforming its technological capabilities, delivering new and relevant training, providing important guidance through resources like the Global Technology Audit Guides (GTAGs), and establishing a new IT certificate. IIA members should take advantage of these resources, and they should develop habits like reading this magazine, which regularly covers technology topics; listening to technology podcasts; and following technology experts on social media.</p><p>One of the attributes board members value most from internal audit is insight. In an era where disruptive technology will need to be factored into every audit, it is imperative that internal audit leaders staff their functions with people who have technology insight. There are several ways to ensure the audit team has optimal technical skills, but here are a few ideas:</p><ul><li>Rotate auditors into a more technical role for a year or two, and then bring them back into the audit function.</li><li>Be purposeful with the training budget to ensure team members are obtaining training in the skills of the future.</li><li>Consider creative activities like gamifying training or holding online competitions that encourage use of interactive and collaborative software.</li><li>Recruit technically competent people who may not have audit experience. Then, train them to perform the audit work.</li></ul><h2>Build Stronger Relationships With Partners and Extended Third Parties</h2><p>As today's organizations focus on enterprise risk management (ERM) and interdependent risks within the company, it is also important to consider interdependencies with specific third parties and the aggregated risks of multiple third parties. As the march toward the cloud and numerous "everything-as-a-service" providers create greater reliance on external providers, third-party risk will become even more prevalent. Maintaining transparency of third-party risks and controls is critical as supply-chain vulnerabilities continue to be heavily targeted by malicious attackers (e.g., in the SolarWinds and Colonial Pipeline events).</p><p>As more organizations move into the cloud, relationships with third parties become more opaque. Cloud providers — and every third party the organization deals with — are relying on other third parties for services, supplies, and data. Internal audit needs to work with the legal department, establishing models now that allow it to audit through a third party to obtain certain types of information about a fourth, or even a fifth, party.</p><p>Another technology with built-in third-party risk is blockchain, which is a decentralized network of distributed users who have agreed to trust each other for certain types of transactions. These networks can be as small as two or three or could include millions of participants. Blockchain will require organizations to work together to create automated contracts and online and real-time approval processes for an immediate exchange of value. While data can be restricted and encrypted, it will still be vulnerable to inadvertent exposure. All the organizations in the network will need to address the confidentiality risks, ensuring that personally identifiable information is not compromised or stolen. Some participants — banks, other businesses, buyers, sellers, and regulators — will require access to sensitive information. These situations will have to follow defined controls, regulations, and protocols to ensure compliance with laws and to meet the expectations of customers who are now, more than ever, demanding privacy and confidentiality.</p><p>Internal auditors need to be prepared for completely different testing of distributed and shared data and will need to consider questions like:</p><ul><li>How will internal audit obtain and test information that is buried in some third party's database?</li><li>How will auditors test data that is being used on one of the blockchain consortiums?</li></ul><table cellspacing="0" width="100%" class="ms-rteTable-default"><tbody><tr><td class="ms-rteTable-default" style="width:100%;">​<p><strong>My Circuitous Path to Internal Auditing</strong><br></p><p>Like many internal auditors, I arrived at the profession from a somewhat indirect route. After graduating high school, I planned to be a high school teacher and coach. I was good at math, I liked kids, and while I wasn't really built for basketball, I had learned to play because it was the only sport my little Oklahoma high school offered. But after about three semesters at Oklahoma State University, I figured out that wasn't really the right path for me. I dabbled in engineering, and then made my way to accounting and computer science. I loved the business side of accounting, and in computer science I found that I really enjoyed the fast-changing world of technology. Particularly with coding, things have to be very sequential and ordered to work, and I could appreciate that. I ended up receiving two degrees: one in computer science and one in accounting.</p><p>I worked as an auditor for a certified public accountant for a couple of years but then jumped back into IT and became a computer programmer. Even in the mid-1980s, technology was advancing quickly and I didn't want to lose the computer science training I'd gained in college. So, I took a job with a Tulsa-based energy company, working my way up to technical services supervisor. While there, I developed billing applications and was the IT project leader for the implementation of new financial systems.</p><p>In 1991, I decided it was time to get back to the accounting world, and I went to work for American Airlines. By then, I was leading people, so I started running large accounting processing systems, such as payables and receivables, revenue accounting, and interline accounting. Even though I was no longer a computer programmer, in my various leadership roles, I still helped build and design large, integrated, and technologically sophisticated accounting systems.</p><p>At that point, while technology, leadership, and accounting had been ongoing themes in my life, I had no interest in internal auditing. However, that changed after Sept. 11, 2001. American Airlines had two planes involved in the terrorist attacks, and the effect on the company was immediate. The federal government shut down the national airspace, cancelling thousands of flights. Exactly a week after 9/11, I received a call from my boss, the chief financial officer at American Airlines: My job was being eliminated, but I was being offered a new role as the chief audit executive (CAE), if I was willing to move to Dallas. My response, "Sure, boss, I'd be glad to take that job in Dallas."</p><p>After I'd been doing the job for just a few months, I realized that internal auditing was not what I'd expected. I loved the service aspect of the work — the ability to help other people succeed. I also enjoyed the consulting side of it, as I've always liked fixing problems. I decided to stay on that career path, and I eventually went on to work for Devon Energy as its CAE.</p><p>Today, I'm the chief risk officer at Jack Henry and Associates, a fintech company, where I oversee the CAE. All the work I'd done previously — the accounting work, the big process work, the computer programming, the leadership roles — it all came together for me in the remarkably satisfying profession of internal auditing.<br></p></td></tr></tbody></table><h2>Use Data Management As a Catalyst for Change</h2><p>As with disruptive periods throughout history, organizations are going to encounter both risks and opportunities. One of those opportunities relates to the most valuable asset in the digital world, data. As organizations move data into the cloud, collect data about their customers and employees, and find even more ways to use that information, data custody and privacy will become more important than ever. Consumers understand the risks to their privacy, so governments are responding with new laws and regulations that punish organizations that aren't handling their responsibilities well. Internal auditors need to be more analytical and understand that the organization's data will be quickly downloaded, thus heightening data privacy issues. Data privacy begins with identity management, so a great place for auditors to start is to review identity governance, administration, and privileged access management.</p><p>More data moving around more quickly means an accelerated use of big data and greater demand for data analytics. Internal audit needs to ensure there is governance over that data. Auditors will need to focus on database management and ensure policies, procedures, governance, data stewardship, privacy controls, and classification schemes are in place and functioning effectively.</p><p>To leverage data appropriately, the entire audit planning process needs to be redesigned to integrate a focus on data. Part of the scoping and objective-setting process — which has traditionally occurred on the front end of planning — should now include a focus on identifying potential data analysis that might add value in the audit.</p><p>The results of this effort should be used to refine and enhance the scope of the audit. Audit sampling — or 100% testing where possible — will then allow internal audit to provide more accurate insight into the area being audited. As auditors approach the end of the audit, they can convert the data into storyboards and visualization to tell a more impactful story.</p><h2>Reimagine How to Deploy Technology Within Internal Audit</h2><p>Some internal audit functions are well-suited for RPA and artificial intelligence (AI), machine learning, continuous auditing, and anomaly detection tools. With RPA, internal auditors can more easily move from testing a sample of internal controls to testing the entire population. Programmable bots can be used to test controls in minutes and feed the results to management dashboards. Bots also can monitor configurable controls, report on results outside of specific thresholds, and even prepare and document workpapers.</p><p>Auditors can leverage machine learning to simplify grouping and categorization tasks. Another example would be to teach a tool to predict who should have approved a particular invoice and then run the tool against the entire population of invoices to identify discrepancies. These technologies will expand the potential to perform the testing much more effectively.</p><p>Internal auditors may find useful a practical, three-part series of reports from The IIA's Internal Audit Foundation, in collaboration with Deloitte, on Moving Internal Audit Deeper Into the Digital Age. Part 1 offers a structured methodology for leveraging automation within the internal audit function. Part 2 considers six critical components of RPA and cognitive intelligence and examines their output to determine the greatest risk areas and how to audit them. And, Part 3 looks at how internal auditors can take automation capabilities beyond theory to practice. The reports, as well as numerous other technology-related publications and resources, are available via resource exchanges on The IIA's website, including the Artificial Intelligence and Data Analytics resource exchanges.</p><p>Another option for auditors looking to educate themselves on the latest technologies is to attend The IIA and ISACA's annual GRC Conference. This year's conference, being held Aug. 9-11 virtually and in Denver, Colo., has tracks focused on cybersecurity, data, and technology trends, among many others.</p><h2>Prepare for the Democratization and Convergence of Technology</h2><p>As mobile technologies become cheaper and more ubiquitous, the benefits of technology are going to become more common and impact many more people. With so many important technologies currently evolving, the impact will begin to grow exponentially.</p><p>The foundation of this concept is built on Moore's Law, an idea I first encountered as a computer science student. Moore's Law is based on American engineer Gordon Moore who in the 1960s predicted that because manufacturers were able to make smaller and smaller transistors, the number of transistors added to silicon chips would double every 18 to 24 months. This has given rise to exponential growth in computing power that has continued for the last six decades.</p><p>This increasing computing power means that technology will continue to quicken its pace, and we'll see the knock-on effects in areas like AI and machine learning, blockchain, robotics and autonomous vehicles, 3D printing, 5G, nanotechnology, and virtual and augmented reality.</p><p>One result of all of this extra computer power and storage is that scientists now have the capability to access and store more data related to the Internet of Things (IoT). With more access to the IoT, robotics can be deployed to automate activities and processes. And by applying AI, the robots can be trained to perform certain tasks and ultimately learn and make improvements to their own software. With all the technologies improving at a near-exponential rate, the cycle of improvement will be extraordinary.</p><h2>A Future-ready Response</h2><p>We don't need a quantum computer to tell us there is going to be a lot of change over the next several years, or that that change will dramatically impact internal auditors and the organizations they serve.</p><p>While I am still disappointed that we don't yet have flying cars, I am amazed with the size and speed of our computer chips, our ability to work on the scale of a nanometer, the advances in the 3D printing of human organs, and our understanding of the human gene. Moreover, I am continually impressed with the number of people around the globe who now have access to the wealth of information on the internet via mobile devices. These advances are incredible, but we are still early in a digital revolution that will truly change the world for the better. Internal auditors have the opportunity to lead our organizations into the extraordinary unknown that tomorrow will bring. It's time to get future-ready.<br></p>Charlie Wright1
CEO Message: Aligning Toward the Futurehttps://iaonline.theiia.org/2021/Pages/CEO-Message-Aligning-Toward-the-Future.aspxCEO Message: Aligning Toward the Future<p>​When I was approached about sharing my thoughts in a CEO Message in each of <em>Internal Auditor's</em> digital editions, I saw it as an opportunity to discuss with our members what we're thinking about, how our profession is undergoing change, dealing with the risk and opportunity of emerging trends, and so much more. What better way to accomplish that than through one of the most popular benefits offered by our organization? <em>Internal Auditor </em>magazine, which has been around almost as long as The IIA, itself, is a respected source of professional insights, information, and thought leadership that guides our members through their careers. I'm genuinely excited to contribute to that legacy.<br></p><p>My initial letter provides a glimpse into The IIA's new strategic plan. But let me offer a little background first. Since taking on my new role at The Institute in March, I've spent hundreds of hours talking to global board members, staff, key volunteers, and leaders in our North American chapters and global affiliates. The passion and dedication to the profession I found at all levels is truly inspiring.</p><p>These conversations were important in helping shape a new strategic plan that will ensure alignment between ongoing work at The IIA and our desired future state. While the new plan and all its related goals, objectives, and tactics are not quite finalized, we know several key components it will address.</p><p>We want to make sure our strategic plan is as future-proof as it can be, continually updated for necessary changes, and aligned with what we know is going on in the marketplace. It also must drive a culture within headquarters that encourages innovation, diversity, and a global perspective. We also know that the strategic plan must capture opportunities for expanding, reimagining, and modernizing our training and education portfolio; organizing our efforts around global advocacy in a way that enhances member engagement; and reaching a younger audience of future practitioners, among others.</p><p>Clearly, these are high-level descriptions of the strategic plan, but I hope they reflect two things. First is a thorough examination of how we operate as an organization. If we are going to grow The IIA and meet the challenges of a complex and rapidly changing marketplace, we must have a realistic assessment of what we do well and where we need to improve. Second is the drive to reimagine and reinvent ourselves. I believe strongly in opportunity, innovation, and a commitment to self-improvement. We must be ready, willing, and able to embrace change and growth.</p><p>I look forward to providing these regular updates to our IIA community. Ultimately, you are the reason The IIA exists, and our promise is to keep you informed, prepared, and inspired.<br></p>Anthony Pugliese0
Update: The Intelligent Automation Barrierhttps://iaonline.theiia.org/2021/Pages/Update-The-Intelligent-Automation-Barrier.aspxUpdate: The Intelligent Automation Barrier<p>​More than one-third of internal audit executives surveyed by Deloitte say lack of a clear strategy is the biggest challenge to adopting intelligent automation as part of their operations. It is a finding that runs counter to the commonly held belief that lack of access to data and of technology-enabled tools are the big roadblocks, says Sarah Fedele, Deloitte Risk & Financial Advisory's U.S. internal audit leader, based in Houston.</p><p>Nevertheless, digital transformation of an internal audit function takes a holistic strategy, she says. That holistic strategy needs to consider factors such as organizational culture, leadership mindset, and IT skills, as well as technological tools and architecture.</p><p>Only 8% of respondents say they currently use intelligent automation, according to the survey of more than 250 audit executives during a March webcast. Another 39% say they plan to begin using intelligent automation sometime after March 2022. Those findings parallel the extent that their organizations have adopted these technologies.</p><p>Among other findings, Fedele says she was struck that 19% of executives say they do not use intelligent automation for internal audit nor have plans to do so. Given the increased demands on internal audit for greater assurance and better advisory services, "you'd think intelligent automation would be a fairly critical component of those efforts," Fedele says. It has benefits as a quick win and from a strategic perspective, she adds.</p><p>The audit executives surveyed recognize the need to monitor automation at the enterprise level because the technology is not foolproof. More than half (52%) report they plan to increase their use of such technologies as artificial intelligence, machine learning, and robotic process automation to test how intelligent automation is used enterprisewide. <strong>—</strong><strong> </strong><strong>G. Nordhoff</strong></p><h2> <img src="/2021/PublishingImages/Update-aug21-factoid1.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;width:154px;" />Forced Labor in Supply Chain<br></h2><h3>Worsening labor practices fuel supply chain risk.</h3><p>A combination of tighter governmental scrutiny and an uptick in forced labor globally could create more supply chain risk for businesses. For instance, a new study from the University of Sheffield in the U.K. found that garment workers in Ethiopia, Honduras, India, and Myanmar are at increased risk of forced labor due to the pandemic.<br></p><p>Risk factors the 1,140 respondents experienced include wage declines, increasing indebtedness, worsening conditions of verbal abuse, and threats or intimidation, according to The Unequal Impacts of COVID-19 on Global Garment Supply Chains study. The number of child laborers has risen to 160 million, the first increase in 20 years, according to an International Labour Organization and UNICEF report, Child Labour: Global Estimates 2020, Trends, and the Road Forward.</p><p>Meanwhile, U.S. Customs and Border Protection (CBP) has stepped up enforcement efforts related to goods made with forced labor. Between 2020 and 2021, the U.S. issued withhold release orders on apparel, consumer goods, electronics, pharmaceuticals, tomato and cotton products, palm oil, silica-based products, and seafood. In March, the CBP seized latex gloves at the Port of Kansas City, Mo., after it received evidence that the producer had engaged in forced labor practices. "CBP will not tolerate forced labor in U.S. supply chains," says Port Director Steven Ellis. <strong>—</strong><strong> </strong><strong>C. Janesko</strong><br></p><h2>Workplace Culture and Well-being</h2><h3>Culture is essential to employee mental health and hybrid work success.</h3><p>As the world continues to emerge from the COVID-19 pandemic, workers are reporting high levels of burnout and "negative emotions," defined as "worry, stress, anger, and sadness," according to Gallup's State of the Global Workplace 2021 Report. The advisory firm says reversing this trend requires creating inspiring workplace cultures that maximize employee potential and well-being. The report derives its data from Gallup World Poll surveys and interviews of nationally representative samples of adults in more than 116 countries.</p><p>Gallup acknowledges record levels of negative emotions globally in 2020, with roughly seven in 10 employees identifying as "struggling" or "suffering" rather than "thriving" in their overall lives. Yet, the firm points out that negative emotions have been increasing over the past decade in parallel with a decline in global gross domestic product (GDP) per capita. Gallup says that 80% of employees are disengaged from work, resulting in a loss of 10% of global GDP, or $8.1 trillion, annually from the global economy.</p><p>There may be a link between the increase in negative employee emotions and declining economic dynamism and innovation. "Successful corporations of the future not only will generate profits, but also will generate thriving employees who are capable of weathering crises," Gallup advises.</p><p>Additionally, recent research by Gartner suggests that organizations must apply radically flexible, or "composable," thinking to more quickly and effectively adapt to shifting employee needs and expectations. In a recent e-book, <em>C-suite: 7 Myths Standing Between You and the Hybrid Future of Work, </em>the research firm posits that businesses should be "made up of interchangeable building blocks that can scale up or down or swap out." Gartner maintains that existing remote work strategies should be replaced by deliberate, innovative hybrid workforce approaches that tackle three key issues: 1) evidencing tangible economic benefits, 2) investing in the employee experience, and 3) supporting the workforce operating in a hybrid model. <strong>—</strong><strong> </strong><strong>L. Nelson</strong><br></p> <h2><img src="/2021/PublishingImages/david-yamada-215x240.jpg" class="ms-rtePosition-1" alt="" style="margin:5px;" />Reckoning for Abusive Bosses<br></h2><h3>Bullying employees can negatively impact productivity and well-being, says David Yamada, director of the New Workplace Institute at Suffolk University Law School.</h3><p><strong>Broadway producer Scott Rudin recently resigned from his productions amid allegations of physical and verbal abuse of employees. What impacts can workplace bullying have on employees and organizations? </strong></p><p>The Scott Rudin story offers a prominent example of how workplace bullying can be so destructive. It's premature to say whether it will become a so-called poster case of horrific, toxic worker abuse, but it certainly qualifies as a leading candidate.</p><p>Workplace bullying is the classic lose-lose scenario. Negative impacts on employees include stress-related physical and psychological impairments, symptoms consistent with post-traumatic stress disorder, and even suicidal ideation. These impacts often affect job performance and relationships with co-workers, family members, and friends. Obviously, the effects on one's livelihood and vocation can be significant.</p><p>Negative impacts on organizations include reduced productivity from bullied workers and bystanders, lower morale, and higher absenteeism and attrition. Negative reviews on third-party social media sites can impact applicant flow. In especially toxic situations, negative media coverage may enter the picture.</p><p> <img src="/2021/PublishingImages/Update-aug21-factoid2.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;width:134px;" /> <strong>For internal audits, what are the indicators of an abusive leader or workplace and what types of controls should organizations have in place?</strong><strong> </strong></p><p> <strong></strong>Internal audits that incorporate climate surveys and 360 feedback need to distinguish between incivility and abuse. The former is bad, but the latter can be devastating. Productivity, morale, absenteeism, and attrition indicators concentrated in certain departments, working groups, etc., may serve as indirect signs that bullying behaviors are part of the mix.</p><p>Some employers have added workplace bullying or generic abuse to policies and training that cover and prohibit sexual harassment and forms of illegal discrimination. Of course, such policies are effective only if taken seriously by organizational leadership. Above all, top-level leadership treating workers with dignity and practicing the old-fashioned Golden Rule trickles down in positive ways.<br></p><h2>Tips for Energized Meetings</h2><h3>Simple strategies can boost meeting productivity.<br></h3><p>Internal auditors are familiar with the traditional flow of business meetings — a few minutes of spirited small talk before getting down to business. That's typically the time when energy levels plummet.<br></p><p>The key to keeping the energy of meetings going beyond those first five minutes is giving the meetings focus, says author Elizabeth Doty in a recent PwC <em>Strategy+Business </em>article. That in turn provides participants something to direct their ideas toward.</p><p>For example, leaders should choose a prompt that will help focus the discussion, says Doty, former lab fellow at Harvard University's Edmond J. Safra Center for Ethics. "Usually framed as a question," she says, "a strong prompt is specific enough that people can respond without too much effort, and broad enough to invite diverse views and new thinking."</p><p>Doty also recommends choosing an effective stimulus that provides context, orients participants toward the task, and adds new elements to their thinking. <strong>—</strong><strong> </strong><strong>L. Wamsley</strong></p>Staff1
Are You Emotionally Intelligent?https://iaonline.theiia.org/2021/Pages/Are-You-Emotionally-Intelligent.aspxAre You Emotionally Intelligent?<p>​Knowledge and traditional skills are essential to success, but they can only take an auditor so far. Even for the most adept practitioners, objectives cannot be achieved merely with intelligence, technical proficiency, and expertise. To work effectively with clients, internal auditors need strong soft skills — many of which fall under emotional intelligence, or emotional quotient (EQ). Emotionally intelligent people understand, accept, and manage their own emotions, and they can read the emotions of others. Internal auditors with high EQ treat people with empathy and can manage feelings and relationships just as well as objective, quantifiable engagement goals. Emotional intelligence is vital to fulfilling our professional responsibilities.</p><p>Perhaps most importantly, having a high EQ enables practitioners to communicate effectively. Assessing the organization’s risk management framework, developing a risk-based audit plan, obtaining management agreement in response to audit results, and reporting to the audit committee all require extensive, careful interaction with stakeholders. Internal auditors need to communicate well across all levels of the organization, ensuring a robust understanding of their value proposition. </p><p>To ensure communications are well-received and acted upon, internal auditors also must be able to build relationships — another area requiring high EQ. Audit engagements are a team effort between auditor and client, requiring practitioners to balance professional skepticism with the need for rapport. They must ask probing questions related to risk and controls but avoid putting clients on the defensive. Taking the right approach requires empathy and social skills — key elements of EQ. </p><p>Delivering quality work, and maintaining engagement schedules, also requires auditor EQ. Multiple deadlines, heavy workloads, and other pressures can take a toll on audit performance — and even lead to burnout if not managed correctly. But according to The Impact of Emotional Intelligence on Auditor Judgment, published by Virginia Commonwealth University, auditors with a high degree of EQ manage pressures and timelines better, exercise superior judgment, and maintain professional skepticism. The result is a better experience for both auditor and client, and a superior outcome for the organization. </p><p>The World Economic Forum’s 2020 Future of Jobs report ranked EQ among the top 10 high-demand skills for organizations; just five years ago, it was absent from the ranking. High-EQ professionals are sought more than ever for the value they can deliver to stakeholders. And in an era of increasingly sophisticated technologies such as artificial intelligence, the ability to manage and respond to emotion is a key trait separating the work of people from that of machines and automation. EQ-related competencies need to be an integral part of every role in an organization, and they must certainly be a top priority for internal auditors. <br></p>Bhavin Raithatha1

  • PwC-October-2021-Premium-1
  • FastPath-October-2021-Premium-2
  • AuditBoard-October-2021-Premium-3