Like me, you probably have recently read a few articles and blogs about the political pressure on internal auditors including the IIRF
report. You may, or may not, have first-hand experience with pressure, but you know that it is a fact of life!
And you probably agree with me that the CAE* should have the courage to tell things as they are. After all, courage is one of seven traits of top audit executives
according to the President and CEO of The IIA. He says :
"Internal auditing is not for the faint of heart; it requires courage — real courage. Doing the right thing is not always easy, especially when pressured by circumstances and those holding the power. And yet having courage is one of the CAE’s highest callings.
The top CAEs have the courage of their convictions, the courage to call it as they see it, and the courage to step out and step up with a proactive approach to both existing and anticipated risks. They are integral to their organization’s decisions, their executive management’s knowledge and their audit committee’s confidence and peace of mind."
I couldn't agree more.
A Harvard business review article entitled
"Courage as a Skill
" says :
"In business, courageous action is really a special kind of calculated risk-taking. People who become good leaders have a greater than average willingness to make bold moves, but they strengthen their chances of success—and avoid career suicide—through careful deliberation and preparation. Business courage is not so much a visionary leader’s inborn characteristic as a skill acquired through decision-making processes that improve with practice. In other words, most great business leaders teach themselves to make high-risk decisions. They learn to do this well over a period of time, often decades."
The question is how do you balance between being a courageous CAE* and avoiding career suicide! A courageous CAE that does not bow to political pressure may end up being fired, downgraded or forced to resign. Do you think there should be an external mechanism of protection for the CAE? I believe the IIA chapters should take the lead in discussing with the local regulators, insurance companies and other relevant parties the introduction/improvement of suitable legal and financial protection plans if such plans do not exist.
These are my thoughts, please share yours!
* I use the CAE as a symbol of all internal auditors!