Protiviti’s research train keeps on rolling! Today we released the results of our latest Internal Audit Capabilities and Needs Survey. We’ve been conducting research to identify internal audit priorities and trends for eight years and have been very pleased with the response we continue to receive from the market. In looking at the major findings in our 2014 study, I expect this year will be no different. And kudos are due to our survey participants; they are the real “stars,” for without them studies of this nature would not be possible.
Internal audit functions today must anticipate and respond to a constant stream of new challenges – many of which deliver uncertain and still unfolding risk implications, from emerging technologies and new auditing standards to rapidly evolving business conditions. For example, in nearly every company over the past 12 months, the use of mobile and social media apps has presented new challenges, many of which are still emerging. Organizations’ growing reliance on cloud computing and data, in general, poses similarly complex challenges. Yet, these issues represent only a portion of those crowding internal audit’s 2014 priority list.
Our findings show that:
- Social media, mobile applications, cloud computing and security (specifically with regard to the NIST Cybersecurity Framework) are critical areas of concern – Social media applications and related risks are top priorities for internal auditors to address, as are risks surrounding mobile applications, cloud computing and security.
- CAATs and data analysis remain on center stage – As indicated in past years of our study, internal auditors plan to strengthen their knowledge of computer-assisted auditing tools, and continuous auditing and monitoring techniques.
- Fraud management efforts focus more on technology as well as prevention – Auditors are concentrating more time and attention on fraud prevention and detection in increasingly automated business environments and workplaces.
- “We have to keep pace with a raft of regulatory, rules-making and standards changes” – The updated COSO Internal Control – Integrated Framework represents a major change for internal audit, with significant implications for many financial, risk management and compliance activities. However, strengthening knowledge of the new COSO framework ranks as a lower priority compared to other critical rules-making changes internal auditors are digesting, including new Standards from The IIA and the new NIST Cybersecurity Framework.
- Internal auditors want to take their collaboration with business partners to a new level – Internal audit’s longstanding desire to improve collaboration with the rest of the business has intensified, as is evident in the priority that CAEs and respondents place on communicating, and even marketing, the expertise and value that internal audit provides to the rest of the enterprise.
For more information and to download a copy of our full report, visit www.protiviti.com/IAsurvey. And I also encourage you to watch our short video: