Archive | June, 2013

The internal audit ban could result in “two ships passing in the night” but may also be a chance for the emancipation of internal audit from financial auditing

21 Jun

The Financial Reporting Council has confirmed that it is to prohibit internal auditors from helping out the external audit team ( In today’s comment Richard Chambers fears that the new UK FRC restrictions on internal and external audit cooperation could result in “two ships passing in the night”. I share his concern.

This, however, may also be a chance for the emancipation of internal audit from financial auditing. To date, external audit often views internal audit as auxiliary to what external audit is tasked to do, that is auditing the financial statements. From that perspective, internal audit is not recognized – and will not be recognized – as a full profession but as a subordinate profession.

A PwC survey (2009) demonstrated, only 13% of internal audit functions spent 25% or more of their resources on strategic and business risks, while these two risk areas are the prime causes of value destruction (60%), followed by operational problems (20%), and only 15% stem from financial risks and a mere 5% from compliance-related risks. That signals that internal audit functions tend to allocate time and resources poorly, and may often examine the wrong issues, exerting too much effort towards auditing financial reporting and compliance controls at the expenses of more critical and relevant strategic, business and operational audit subjects. From that perspective, the internal audit ban represents an opportunity to clarify the internal audit value proposition in practice – which may well be quite different from what external audit is doing.

Please share your view on this.

The Three lines of Defence model for global assurance … Three is a big number.

18 Jun

The IIA and the ECIIA (Corporate Governance Insights | May 2012) position Internal Audit as the third line of defence. According to the widely known model, operational management represents the first line of defence. Functions like compliance, risk management, quality and other control departments are viewed as second line of defense. The 3rd line of defense shall be Internal Audit …

I have some doubts whether this is truly the best way of positioning Internal Audit. I see the risk that three may be regarded too big a number. I wonder, whether this model may be potentially confusing in the eyes of governance stakeholders, and might contribute to marginalize Internal Audit going forward. Is that what Senior Management and the Governing Body want/need?

I would value perspectives and re-assurance from peers in Internal Audit that the three line of defence model is the best way to communicate the value proposition of Internal Audit. What actually could an alternative positioning look like?

Louvain School of Management among the best management schools in the world

12 Jun

EQUIS (the European Quality Improvement System) re-accreditation confirms Louvain School of Managements’s international reputation. EQUIS testifies high academic quality and professional relevance provided by close interaction with the corporate world.