Actualiteit
Welkom op onze actualiteitspagina
Ontdek hier het laatste nieuws, bekendmakingen, en publicaties op het gebied van internal audit
Nieuws
Publicaties
A premier source of data for internal audit leaders, the 2023 North American Pulse of Internal Audit report provides insights about internal audit budgets, staff, audit plans, risks, and more. This year’s report also features all-new data about audit frequency for key risk areas. Internal audit leaders can use this benchmarking report year-round as they plan and manage their internal audit activities. Learn about how internal audit functions are faring and continuing to evolve in key areas: Around 7 in 10 Pulse respondents say they audit high-risk areas such as cybersecurity and IT annually or continuously. Respondents reported that some areas are audited regularly, but not every year, particularly third-party relationships, ERM, and governance and culture. More than 8 in 10 respondents integrate fraud and IT considerations in audits generally. What’s more between 61% and 66% integrate cybersecurity, governance and culture, and third-part relationships into audits generally. The data reflect how audit leaders are effectively addressing critical risk areas even when they cannot dedicate a significant percentage of audit plans to them. On the staffing side, the post-COVID 19 recovery is showing steady improvements and appears to be on track to match the three-year recovery after the 2008 global financial crisis. The IIA produces the Pulse of Internal Audit report to provide internal audit leaders with a benchmarking tool that they can reference throughout the year as they plan and manage their internal audit functions. The Pulse report is designed to share with peers, audit committees, and executive management.
Fraud is a serious and pervasive risk for organizations. The consequences can range from disruptive to dire, including financial losses; inefficiencies that damage operations, revenues, or profits; the cancellation of projects; and potentially the failure of the organization. This Global Knowledge Brief, the second in a three-part series on fraud, examines the benefits of building a symbiotic relationship between internal auditors and Certified Fraud Examiners in the battle to detect and deter fraud. You can find part 1 here. You can find part 3 here. This is for members only. To access it and other valuable resources, become a member today.
This guidance fills a gap in the GTAG series by covering objectives, risks, and controls related to an organization’s communications ecosystem. By offering references to controls in widely used frameworks, this GTAG can improve an internal auditor’s familiarity with and use of such tools in their work. “Auditing Network and Communications Management” offers a broad set of related processes that internal auditors should consider when auditing controls over an organization’s communications ecosystem. This is for members only. To access it and other valuable resources, become a member today.
The future demands internal audit services that are timely, relevant, and impactful. This requires standards that are insightful, prescient, clear and direct. To meet that demand, The IIA will release a public comment draft that dramatically changes how the Standards and other elements of the IPPF are presented and explained. This SPECIAL EDITION of Global Perspectives & Insights provides an overview of the proposed new Global Internal Audit Standards, background on how they were developed, and considerations for how the updated Standards can be applied. It also examines how conformance to the updated Standards will help future generations of internal auditors meet and exceed the demands of our stakeholders and add value to their organizations.
Data Analytics, Parts 1-3 This Global Perspectives & Insights combines three Global Knowledge Briefs that explore the growing use of data analytics in modern business and where internal audit fits in. With proper understanding of the organization's data needs and strategies, internal audit can present a data analytics audit plan that is detailed, clear, and illustrates to the board a tangible return on investment. The three briefs are: PART 1: Literacy, Governance, and Management PART 2: Gathering, Analyzing, and Visualizing Data PART 3: Developing a Resilient Data Analytics Strategy
Fraud in the Cryptosphere The world fixated on the sheer spectacle of the FTX scandal in early 2023, but the event also raised greater questions regarding digital assets. With parallels the Tornado Cash and Bitzlato debacles, FTX’s collapse and the subsequent impact on the industry it represented has led many to question the long-term viability of crypto assets. Part I of this three-part series on fraud examines common fraud schemes seen in the early stages of a crypto-asset world. You can find part 2 here. You can find part 3 here.
During the last years supply chains have faced many challenges, including the corona pandemic, the war in Ukraine and a move to more sustainable business models. The Committee of Professional Practices conducted research on the role of internal auditors in supply chain risks. Overall this research shows a great diversity in how internal audit departments deal with supply chains risks. Throughout the diverse range of companies and topics studied, few communalities were found. Despite that supply chain is identified as a top risk for organizations in 2023 by CAE's, 30% of respondents indicate not being involved with supply chain risks in any way. These 30% consists of IAFs of different sizes (from 0-5 tot 50+ FTE) and different industries (Construction, Finance and non-profit). A surprising finding given the attention the topic of supply chain receives in this day and age. It might explain why the internal audit literature contains few research and guidance on the topic. IAF's that do work on supply chain take different approaches and scopes tailored to the organization, taking into account different topics. Often these include the topics identified in the literature study underlying this survey. Additionally a diverse range of other topics are taken into account, including security and outsourcing. Another example of the diversity between IAFs found in this study. Future research could be performed on the diversity of subjects, and on providing a common analytical framework for operationalizing audits on supply chain management. Surprisingly, ESG related supply chain topics such as climate impact are not included by most IAFs. Only three IAFs indicate to include ESG topics in supply chain audits. With upcoming sustainability regulations (and broader societal developments) Internal Auditors have an opportunity to be a driver for ESG related supply chain topics in their organizations. A good chance to be a business partner preparing and navigating the organization through uncertain times!
Part 3, Developing a Resilient Data Analytics Strategy Due to a complex global business and political environment, as well as stakeholder expectations, business leaders are increasingly focusing attention on data analytics to montior risk and drive strategic decisions. Internal audit already adds value by offering perspective and insights that can help organizations develop forward-looking strategies. An appropriate and resilient data strategy can support and augment that effort. This Global Knowledge Brief examines how chief audit executives (CAEs) and their teams can craft data analytics strategies that enhance internal audit capabilities, determine what technologies best suit their needs, and enhance assurance on key areas of data protection, regulatory compliance, and effective overall data governance. This is for members only. To access it and other valuable resources, become a member today. You can find part 1 here. You can find part 2 here.
This paper, prepared by ecoDa on behalf of Governing Bodies, FERMA representing European Risk Managers and ECIIA representing Internal Auditors, focuses on good governance. Governance models such as the Three Lines foster cooperation among all functions and operations within a company, so that sustainability can be truly embedded in business operations and strategic sustainability-related objectives can be achieved. Risk Management (Second Line) and Internal Audit (Third Line) are key forces to support the Board and Senior Management as essential parts of the Three Lines model, and more broadly. It shows why Directors, Risk Managers and Internal Auditors should act now so their companies can fulfill their sustainability responsibilities and expectations. Embracing the European sustainability challenge will require a comprehensive understanding of the organisation, its strategy, business model and value chain; and the impacts, risks and opportunities that it faces. Cooperation between functions is more important than ever, particularly on ESG as it is a truly transversal topic. ESG embedding: are you ready? Press-release
Part 2: Gathering, Understanding, and Visualizing Data ?As organizations increase their reliance on data to enhance products and services, internal auditors are positioned to leverage this ever-growing resource. Data analytics, robotic process automation (RPA), artificial intelligence (AI), and other tools provide practitioners accessible and valuable avenues to improve efficiency and effectiveness in assurance services and increase internal audit's value to the organization. Areas where data analytics can improve internal audit services include performance reporting, fraud prevention and detection, continuous monitoring, and risk assessment. This Global Knowledge Brief, the second of three that focus on data analytics, explores data in its various forms, data gathering techniques, the importance of data validation, data analysis, and keys to effective storytelling with data. You can find part 1 here. You can find part 3 here.
Literacy, Governance, and Management Today, data analytics — the formal term for examining data sets to find trends and draw conclusions — is a key component of virtually all business strategies impacting all levels, from executive management decisions down to frontline workers. This means it must be a fundamental part of the internal audit universe as well, both as a tool and as a focus (directly or indirectly) of audits. In this Global Knowledge Brief, the first in a three-part series on data analytics, we provide an overview of the forms data takes in today's business landscape, as well as how this data must be accounted for in an effective data governance and management strategy. Without a foundational understanding of these topics, internal audit will find providing independent assurance over this critical area next to impossible. You can find part 2 here. You can find part 3 here.
Applying Key Governance Tools and Frameworks Organizations of all sizes and from all sectors are experiencing growing pressure to demonstrate how they manage sustainability risks and opportunities and report them publicly. The focus of this paper is to show how integrated thinking and reporting, effective internal control, enterprise risk management (ERM), and independent assurance provided by internal audit functions align to help organizations achieve their objectives and meet stakeholder expectations. It is critical to long-term value creation to apply ERM broadly, including to environmental, social, and governance (ESG)-related risks, to understand their impacts and interdependencies throughout the value creation process, and to embrace the value of independent assurance. The paper's objectives are to: Increase understanding and awareness of integrated thinking and reporting. Demonstrate parallels among the COSO frameworks (Internal Control and ERM), The Institute of Internal Auditors' (IIA's) Three Lines Model, and the International Integrated Reporting Framework, in terms of: Informing the content, preparation, and presentation of an integrated report. Reinforcing the role internal audit plays in ensuring the integrity of information underpinning integrated thinking and reporting by providing independent assurance over that information. Helping organizations embed integrated thinking into their approach to ERM.
This release shows the alignment of governance structures in the public sector to The IIA’s Three Lines Model. This paper, created in collaboration with INTOSAI, applies the principles of the model to the public sector, with specific emphasis on the role of internal audit activities, supreme audit institutions, and other external audit providers. Additionally, IIA members may access the Global Knowledge Brief, The IIA's Three Lines Model: An update of the Three Lines of Defense, for further information.
In deze Internal Audit Monitor 2021 schetsen we opnieuw de belangrijkste ontwikkelingen van IAF’s bij in Nederland beursgenoteerde vennootschappen. We staan, evenals afgelopen jaren, stil bij de ontwikkeling in het aantal en de verschillende verschijningsvormen (intern, uitbesteed, gecombineerd) van internal audit functies over de boekjaren 2016 – 2020. In de herziening van de Nederlandse Corporate Governance Code (de Code) in 2016 werd de Internal Audit Functie erkend als essentiële schakel in de besturing en beheersing van de organisatie. Het realiseren daarvan is niet echter niet altijd makkelijk, met name voor de kleinere beursfondsen, en zeker geen ‘eenheidsworst’. IIA Nederland heeft sinds 2017 de realisatie van dit principe uit de Code gevolgd met de Internal Audit Monitor. Niet alleen om dit in beeld te hebben, maar vooral om bestuurders en commissarissen handvatten te bieden de IAF binnen hun organisatie zo goed mogelijk in te richten, en daarmee de kwaliteit van de governance waar mogelijk te verbeteren. Klik hier voor de Internal Audit Monitor 2017
Organisaties moeten zich razendsnel en frequent aanpassen aan drastisch veranderde omstandigheden waarin zich nieuwe risico’s manifesteren en nieuwe kansen voordoen. Traditionele benaderingen volstaan niet meer; de nieuwe werkelijkheid vereist een nieuwe kijk op die werkelijkheid. Internal auditors spelen hierin volop mee en zijn meer dan ooit een waardevolle bron van informatie, een zintuig zo u wilt, voor het bestuur van de onderneming en hun toezichthouders. Zij moeten antwoord kunnen en durven geven op die ene vraag: is onze organisatie in staat te floreren in deze turbulente wereld? En ook zij zullen zichzelf steeds opnieuw moeten uitvinden, de ontwikkelingen een stap voor moeten blijven. De bijdragen in dit themanummer beslaan twee invalshoeken. Enerzijds nieuwe blikken vanuit andere, misschien verrassende disciplines. Anderzijds ontwikkelingen binnen en buiten onze organisaties, en de nieuwe blikken die internal auditors daarop moeten werpen om hun rol goed te kunnen blijven spelen. De rode draad in deze bijdragen blijkt die allesbepalende factor, de oorzaak van veel problemen en ook de sleutel tot succes: wijzelf, onze waarden, ons gedrag. Wie goed leest, ziet in dit eerst schijnbaar gefragmenteerde geheel vanzelf een samenhang ontstaan: verandering en vernieuwing door diversiteit en een open mind.