Advancing the Practice of Internal Audit

As I mentioned earlier, I was honored to be a member of the Re-Look Task Force that has proposed changes to the IIA’s standards framework (IPPF).One of the changes is to introduce Core Principles f…

Source: normanmarks.wordpress.com

My comments in response to Norman’s blog post:

Why is internal audit needed?

– If it is required by law – but that doesn’t determine how much internal audit is required.

– If it provides value – but that depends on the amount of value provided and to whom.

I suspect that some management doesn’t find much value from internal audit, and might even find it intrusive. It is the board and its committees that really should benefit from internal audit. And it would help internal audit if regulators and other outside groups or organizations (proxy companies, perhaps?) started focusing some on the resources that companies are providing to internal audit – of course that might also lead to criticisms of internal audit itself.

Initially I did not believe that the new principles were very impressive. Norman, I appreciate your comments above. I see that from internal audit’s viewpoint at least a couple of the principles are improvements and forward looking. This was a step that internal audit apparently thought it needed to make in a formal manner. But this should be just a step – the promotion of internal audit is behind the times and opportunities, and should accelerate.

I have seen that there is a debate about just how far internal audit can go to not only audit but to also provide recommendations and improvements. Benefit added can be much greater with recommendations and improvements. It is for organizations like the IIA to determine how far internal audit can go with consulting, and making and perhaps designing recommendations and improvements, as long as internal audit isn’t auditing itself. For value added purposes internal audit should open up the opportunities for consulting, recommendations and improvements to the maximum extent that is deemed appropriate. Of course, the internal audit budget and personnel also need to be sufficient and qualified.

Thanks Norman for all your work.

Dave Tate, Esq. (San Francisco)
http://tatetalk.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s