Actualiteit
Welkom op onze actualiteitspagina
Ontdek hier het laatste nieuws, bekendmakingen, en publicaties op het gebied van internal audit
Nieuws
Publicaties
Liquidity is key to a robust and solvent financial sector. Supervisory principles hold boards accountable for an organization's liquidity adequacy assessment and advocate a relevant and active internal audit role in assessing an organization's liquidity risk management (LRM) process. To assure an institution's senior management and board that liquidity management is aligned to the business strategy and risk appetite, internal auditors need an approach that fulfills internationally supported standards and local regulations. This guidance, updated from the 2017 edition, gives an overview of international standards and best practices of LRM, including the use of an LRM framework. This is for members only. To access it and other valuable resources, become a member today. Nonmembers may purchase ($ 25,-) the practice guide, “Auditing Liquidity Risk Management for Banks, 2nd Edition."
Every year, the European Institutes for Internal Auditors work together to identify the most important risks for the coming calendar year. The results are intended as a tool for drawing up the audit plans for 2023 and give the governing bodies a good idea of what challenges they can expect in the coming year. Key findings Risk in Focus research The war in Ukraine has taken many organizations by surprise. Macroeconomic and geopolitical risk rose to third place this year (compared to seventh place in 2022). Due to the war and the pandemic, this theme has been given a lot of weight. For example, due to the pandemic, hybrid working has become more and more common, with consequences for Cyber ??security and data security and the war in Ukraine has made it clear that companies in a supply chain are increasingly at risk. In addition, companies run compliance risks in connection with the sanctions against Russia. Cyber security and data security retains the number one position of greatest risk. 82% of respondents consider it a top five risk. It is the area where internal auditors say they spend the most time. An example of why Cyber security and data security is number one is ransomware attacks. These have increased by 80%, as you can read in the report. Human capital, diversity and talent management rose to second place. This has to do with various aspects that now play a role in society. Think of scarcity on the labor market, diversity and inclusion. Climate change and environmental sustainability is becoming an increasingly important theme and has again risen in the top five risks. 37% of internal auditors named this theme a top five risk compared to 31% in 2021. Respondents themselves expect the risk to rise to third place in 2026. The risk of digital disruption and new technology has fallen from second to fifth place. It is expected that the importance of this will increase again in three years' time. During the pandemic, digitization efforts have moved to third place. The structure of the Risk in Focus 2023 report differs from previous years. Rather than a similar description of all top ten risks, the report focuses on those areas that are now of greatest importance to internal audit and its stakeholders. A Board Briefing is also available this year.  
Grootschalige complexe risico's zetten organisaties onder ongekende druk. De hoop was dat 2022 een geleidelijke terugkeer naar de normaliteit zou laten zien, maar het conflict in Oekranie heeft die veronderstelling op zijn kop gezet. Sinds februari 2022 zijn de prijzen explosief gestegen en is de onzekerheid sterk toegenomen. De wereld lijkt af te stevenen op een recessie, hoge consumentenschulden, historisch hoge rentetarieven en voedseltekorten met de verdere politieke onrust die die trends met zich mee kunnen brengen. Belangrijke bevindingen onderzoek Risk in Focus De oorlog in Oekraïne heeft veel organisaties verrast. Macroeconomic and geopolitical risk steeg dit jaar naar de derde plaats (ten opzichte van de zevende plek in 2022). Door de oorlog en de pandemie heeft dit thema veel gewicht gekregen. Door de pandemie is bijvoorbeeld hybride werken steeds normaler geworden, met gevolgen voor Cyber security and data security en heeft de oorlog in Oekraïne duidelijk gemaakt dat bedrijven in een supply chain steeds meer risico lopen. Daarnaast lopen bedrijven in verband met de sancties tegen Rusland compliance risico’s. Cyber security and data security behoudt de nummer één positie van grootste risico. 82% van de respondenten vindt het een top vijf risico. Het is het gebied waar internal auditors naar eigen zeggen de meeste tijd aan besteden. Een voorbeeld waarom Cyber security and data security op de nummer één positie staat is ransomware-aanvallen. Deze zijn met 80% toegenomen, zoals u in het rapport kunt lezen. Human capital, diversity and talent management steeg naar de tweede plaats. Dit heeft te maken met diverse aspecten die nu in de maatschappij spelen. Denk hierbij aan schaarste op de arbeidsmarkt, diversiteit en inclusie. Climate change and environmental sustainability wordt een steeds belangrijker thema en is wederom gestegen in de top vijf risico’s. 37% van de internal auditors noemde dit thema een top vijf risico vergeleken met 31% in 2021. Respondenten verwachten zelf dat het risico naar de derde plek zal stijgen in 2026. Het risico digital disruption and new technology is gedaald van de tweede naar de vijfde plaats. Verwacht wordt dat het belang hiervan over drie jaar weer toeneemt. Tijdens de pandemie zijn de digitaliseringsinspanningen naar de derde plaats gegaan. De opzet van het Risk in Focus rapport wijkt af van voorgaande jaren. In plaats van een soortgelijke beschrijving van alle top tien-risico's, gaat het rapport dieper in op die gebieden die nu van het grootste belang zijn voor internal audit en haar stakeholders. Er is dit jaar ook een Board Briefing beschikbaar.  
In 2022, a ‘perfect storm’ of high-impact, interlocking risks threw many businesses into a permanent state of crisis. Following an ongoing pandemic, the war in Ukraine intensified supply chain failures, fuelled inflation and energy price increases. Boards must rapidly adapt to the new reality of heightened geopolitical instability, climate-related natural disasters, looming recession, an accelerating cost of living catastrophe in Europe, food shortages, employee welfare and skills deficits, and a rapidly industrialising cyberattack landscape. This briefing summarises insights from the latest edition of our annual report, Risk in Focus 2023, which this year is a collaborative project between ten institutes of internal auditors from across Europe. The complete report Risk in Focus 2023 can be found as well on the IIA website.
Internal Audit in a Post-COVID World Part 3: Redefining the Resilient Organization This Global Knowledge Brief, the last in a series of three that examine risks in a post-COVID 19 environment, offers a careful review of lessons learned that may help internal auditors prepare for the next major disruption. Looking closely at three broad areas of consideration, in particular, yields practical insight: What are the attributes of a resilient organization? How can internal auditors help lead their organizations toward greater resilience? How can internal audit increase the resilience of the audit function itself? With the benefit of actionable steps distilled from each of these areas, auditors can better equip themselves to help address potential challenges. Understanding how to enhance resilience is essential as organizations confront large-scale disruptions that seem to occur at an increasing cadence. You can find part 1 here. You can find part 2 here.
Cybersecurity in 2022, Parts 1-3 This collection of Global Knowledge Briefs provides information and analysis on changes to the evolving cybersecurity landscape in 2022. Collectively, it provides practical information to help internal auditors: Anticipate and prepare for new cyber reporting regulations, Strengthen key relationships within the organization to boost ybersecurity effectiveness, and Respond to and recover from cyber incidents. PART 1: How the new SEC proposals could change the game PART 2: Critical Partners — Internal Audit and the CISO PART 3: Cyber Incident Response and Recovery
Internal Audit in a Post-COVID World Part 2: Supply Chain While the global supply chain has yet to recover fully from the pandemic, the internal audit community now has enough available hindsight to analyze what went right in the responses to the global supply chain crisis, what went wrong, and what actions organizations can take to help address any vulnerabilities the pandemic exposed. You can find part 1 here. You can find part 3 here.
Internal Audit in a Post-COVID World Part 1: Talent Management This Global Knowledge Brief looks at talent management in a post-COVID environment. What emerges is a picture of employers struggling to define a new equilibrium that embraces work-life flexibility to attract and retain top talent while maintaining productivity, resilience, and innovation in a rapidly changing world. This will invariably impact internal auditors, both in maintaining effective internal audit functions and delivering high-quality assurance and advisory services over this evolving risk area. You can find part 2 here. You can find part 3 here.
The Internal Audit Foundation and The IIA conducted a global survey to inform the new report, Internal Audit: A Global View, to gain a clearer perspective of our profession and its professionals. The report captures the breadth and depth of internal auditing and the nuances of industries, sectors, and regions with feedback from more than 3,600 auditors in 159 locations. The results reveal regional differences within a vibrant and diverse profession that’s not only broadly involved in traditional activities like compliance, risk, and fraud but also adding value for stakeholders through governance, sustainability, and IT/cybersecurity engagements. The report examines how internal audit functions are positioned differently within entities, explores how a function’s reporting line correlates with its funding and dives deeper into other regional differences. Within the report are 12 action items outlining opportunities for improvement and continued growth.
Hoe ziet de toekomst eruit voor het internal auditberoep? In de jaarlijkse ‘Internal Auditing around the World’ publicatie van Protiviti delen tal van leiders binnen het vak hun visie over de belangrijkste trends en ontwikkelingen. Het is alweer de achttiende keer dat Protiviti (een adviesbureau gespecialiseerd in onder meer risk, governance, finance en compliance) zijn jaarlijkse publicatie uitbrengt. Centrale onderzoeksvraag: hoe kan internal audit zich doorontwikkelen en blijven inspelen op de veranderende behoeftes binnen- en buiten de organisatie. Na gesprekken te hebben gevoerd met tien leiders in audit en internal audit, komen de onderzoekers tot een heldere conclusie: internal audit heeft een “belangrijke rol” gespeeld bij het helpen van organisaties tijdens de coronacrisis en bij het beperken van de financiële en operationele risico’s.
The World Business Council for Sustainable Development and The IIA collaborate to offer practical suggestions and examples for integrating sustainability considerations into the key roles and responsibilities within The IIA's Three Lines Model. This paper considers how environmental, social, and governance (ESG) threats and opportunities should be embedded into the Three Lines processes to ensure efficient and effective risk management and internal oversight.
Intended to serve as a practical, step-by-step approach for internal audit leaders, this guide summarizes the standards, staffing, and resources needed to successfully plan and implement or improve an internal audit activity in the public sector. It reviews existing literature, applicable IPPF guidance, and practical advice from experts who have been through the experience. This practice guide will help: Identify issues to address in establishing an effective internal audit operational delivery model or in improving an existing internal audit activity in compliance with the IPPF and national and local requirements. Apply practical considerations when establishing or improving an internal audit activity's processes such as: Creating a strategic plan. Establishing a delivery model and organizational position and relationships. Identifying necessary resources and competencies and hiring and training staff. Creating and carrying out an enterprisewide risk assessment and audit plan; performing and reporting on assurance services and consulting engagements including quality assurance. Reporting on internal audit performance and collecting feedback from stakeholders to help ensure organizational value. Recognize and handle the political dimension (or potential interference) on internal audit within the public sector, in its planning, performing, and reporting on assurance work in line with the IPPF. This is for members only. To access it and other valuable resources, become a member today.
In an increasingly complex cyber environment organizations require, clear, robust cybersecurity controls and processes built on core fundamentals, including continuous learning about the risk and its related regulations, as well as communication and alignment among the board, management, and internal audit. This Global Knowledge Brief focuses on the development and implementation of an organization's cyber incident response strategy, and more specifically where internal audit can provide organizational value in assessing the controls critical to quickly recovering from a cybersecurity breach. You can find part 1 here. You can find part 2 here.
Stability within the banking sector is crucial to preserve the trust that underpins a well-functioning economy. Government legislators and regulators globally have incorporated the Basel Framework, a composite of recommendations created after the 2007–09 financial crisis, into regulations for financial institutions.
The IIA's three-part Global Knowledge Brief series on cybersecurity presents an overview of the new SEC proposals, including the implications they have for cybersecurity reporting regulation in the U.S. as well as abroad. It also explores how internal auditors can play an important role in helping their organizations manage an altered compliance landscape that new regulations could soon create. You can find part 1 here. You can find part 3 here.