Vaktechnische Publicaties

This publication is a comprehensive overview of IIA NL’s research into non-traditional auditors. It provides a comprehensive overview of better practices identified related to competence, quality, independence, objectivity, selection and reward of non-traditional auditors. For readers interested in a more extensive publication; please read the extended edition with more guidance and background or a scientific version published in MAB.

To bring a high level of expertise on-board IAFs increasingly include persons that are not trained as auditor and/or have no experience in performing internal audits. These non-traditional auditors, often named rotational auditors, guest auditors or ‘subject matter  experts’, function as part of the IAF for a specific period of time and come from within the organization or are hired from the outside. The use of non-traditional auditors has several advantages for the non-traditional auditors themselves, the IAF and the organization. The purpose of this document is to share better practices regarding the use of non-traditional auditors in the IAF. These real-life examples are recommended protocols put in place to profit from the advantages of using non-traditional auditors, to ensure their valuable inputs contribute to the objectives of the audit function without compromising the quality of the audit process and its outputs.   You can read the comprehensive overview here  

Without question, 2020 was defined by the global coronavirus pandemic (GCP). By March, as the research for Risk in Focus got underway, Europe had become the epicentre of the biggest public health crisis in living memory. This caught most countries and businesses off guard, despite the fact the World Economic Forum and others had already been sounding the alarm on global health security and the probability of a pandemic event.  Not only has the virus had huge public health consequences, social distancing and lockdown measures have had profound economic impacts. The GCP is the most significant and far-reaching event for businesses since at least the global financial crisis of 2008, and is expected to cause a deeper recession, higher rates of unemployment and bigger increases in public debt.  Businesses and their risk profiles have been significantly affected by coronavirus. The safety of workers has been a priority, with staff sent home to work in the first half of 2020 under orders from governments and employers. Lockdowns inevitably caused immense operational disruption as companies were forced to rapidly adjust and sectors including manufacturing, construction and industrials had to reduce output in order to maintain distancing measures within their core business. The beginning of summer 2020 was marked by an easing of restrictions as governments managed the delicate balance of kickstarting their economies with resurgences in infections. It is expected that this challenge will have to be managed throughout 2021. Although the exact course of the pandemic’s development is uncertain, it was continuing to accelerate in the second half of 2020. The longer-term implications of this exceptional scenario are less clear. Lessons will be learned over the coming months and years by governments and businesses. Internal audit can and should assist in this regard. Its unique 360-degree view of the business and risk-control mindset can help organisations identify their blind spots and opportunities to improve their operations. Looking ahead to 2021, internal audit’s enterprise-wide perspective has never been more necessary. Boards and executive management teams will depend on this independent top-down viewpoint for insights into the business and its risks during what remains a significantly challenging period. This is the exceptional backdrop against which this year’s Risk in Focus is set. Also available: Board briefing Guidance Cybersecurity and data security Webinar Cyber and Data Security  Guidance Macroeconomic and geopolitical uncertainty Guidance Climate change and environmental sustainability

Putting risk into focus for the board Board members must be aware of their organisations’ principal risks (and opportunities) and the external threats to their operations and strategies. They should also have confidence that internal audit is prioritising these. Especially now. The risk landscape has taken a dramatic and unexpected turn. Looking ahead to 2021 we see that the global coronavirus pandemic (GCP) is likely to shape the risk profiles of organisations in many ways. Rather than posing a novel risk, the pandemic has exacerbated and magnified existing risks as well as opportunities that you as a board member should be mindful of.  This briefing summarises insights from the latest edition of our annual report, Risk in Focus 2021 (RiF21), which this year is a collaborative project between ten institutes of internal auditors from across Europe.

The internal audit function has an important role to play in providing assurance over the effectiveness and security of key processes outsourced from (re)insurance undertakings to third parties. It is crucial that key stakeholders, including management, the board and the (re)insurance undertaking’s supervisors can place reliance on the work of internal audit in respect of the risk management of third parties, while at the same time maintaining a reasonable expectation of the extent of the internal audit function’s responsibilities in this area. This paper sets out the view of the ECIIA Insurance Committee (the Committee). It is based on the position paper on Internal Audit Oversight of external outsourcing issued by the ECIIA Banking Committee, on best practices that could be adopted by internal audit functions in respect of the audit of externally outsourced services. This paper was adapted to the specifics of the (re)insurance undertakings, in particular the regulatory requirements of Solvency II. This paper does not consider: Outsourcing of internal audit as a function Internal outsourcing (from one legal entity to another within the same group), albeit many of the same concepts could be applied