Saturday, November 15, 2014

Absence and Absenting of Internal Audit !

A recent tweet by Richard Chambers, Global CEO of IIA, has inspired me to write this post. His tweet read as follows :

"Absence of an internal audit function is a leading indicator of a company headed for risk management and control calamity "

I certainly strongly agree with this statement. I would like to add that there are two types of absence :
  • Actual absence: meaning that internal audit function does not exist 
  • Intentional absenting of internal audit by management: meaning that internal audit is disempowered and constrained by management.
Actual absence, when internal audit is not mandatory,  maybe due to : 
  • Size of organization
  • Available  resources
  • Assurance is provided by other sources such as external auditors, risk management and management monitoring
  • Management does not appreciate the value of internal audit
Absence. when internal audit is mandatory, is the failure to comply with regulations for reasons that may include the above or simply an indication of a possible act or intention of misconduct!

Absenting may be due to :
  • Management not believing in internal audit ( whether as a philosophy or based on past experience).
  • Failure of internal audit to be relevant and to add value
  • Possible management misconduct or intention to commit one!
In my opinion, absenting of internal audit is far more dangerous than its actual absence. It should raise a big red flag!

We all know the consequences of not having an effective and efficient internal audit function. The question is how the absence or absenting of internal audit is treated by boards, regulators and those in power to make things happen!

 These are my thoughts, please provide yours!

No comments:

Post a Comment

Takeaways from my 2023 ethics CPEs

 As you are aware, licensed CIA's are required to take at least two hours of training in the field of ethics. I have just completed mine...