Archive | October, 2016

Sharing online access to fresh article – up to 50 downloads

20 Oct

50-pdf

Up to 50 downloads free of charge

Sarens, G., Lenz, R. & Decaux, L. (2016) Insights Into Self-Images of Internal Auditors, EDPACS, 54:4, 1-18

EDPACS, 54:4, 1-18

manuscript_insights-into-self-images-of-internal-auditors_2016

Abstract

The purpose of this paper is to critically analyze self-images of internal auditors in the light of the metaphors and short descriptions they give about their own role(s) in their organization. Worldwide data have been collected via a forum for internal auditors on LinkedIn where they were asked “If you were asked to write down a catch-line to sum up your role as internal auditors in your organization, what would it be?” The analysis distinguishes five clusters of self-images whereby some of these self-images could be self-inflicted pitfalls creating the wrong expectations and perceptions within the organization: (1) negative self-images that may create distance and form the basis of non-acceptance; (2) overly modest self-perceptions; (3) use of self-evident and empty words that could lead to marginalization in the eyes of internal auditors’ stakeholders; (4) overly ambitious claims, Superman-like, creating the basis for disappointment as internal auditors all too often over-promise and under-deliver. Eventually (5), we also find original and helpful self-images that point to positive characteristics and differences, which should help in creating a unique and sustainable identity, and also support internal audit’s pursuit of greater effectiveness. The analysis of how internal auditors view themselves may explain why some internal auditors are on a route to marginalization and disappointment, while others embark on a more promising path creating a positive, unique and sustainable identity as suggested by recent studies. Ultimately, we suggest that viewing internal auditors as farmers is a promising metaphor with which to position internal audit and strengthen its value proposition.

Keywords: Internal audit, self-images, metaphors, identity

Advertisements

What is the most significant internal audit event in the last 30 years?

7 Oct

See discussion in Chief Audit Executives Group @ LinkedIn (Tom McLeod)

There are excellent proposals, including the Cadbury report in the UK, Cynthia Cooper as Vice President of Internal Audit at WorldCom, or the integration of Risk Assessment /Management into the internal auditing function and so forth.

Here is my suggestion:

I can imagine that COMBINED ASSURANCE could become a watershed event, a true game changer. That concept has come on the agenda via the King code on corporate governance for South Africa (also known as King III). Combined Assurance is still pretty fresh and hardly implemented, yet, certainly outside of South Africa. However, I see much value and potential in that concept, possibly upgrading Internal Audit (IA) into INTEGRATED ASSURANCE (IA), eventually: that is, speaking with one solidified voice, providing an holistic perspective on residual risk and so forth. IA would then render potentially much more (perceived) value to the board and senior management, once silos and the 3+ lines of defense have become more integrated. This forthcoming trend – as I see it – may help the IA profession, provided internal auditors can step up to the plate and lead that change. That, however, remains to be seen. Who will drive that change? Change possibly towards establishing a “Corporate Governance Officer” or so someday. Who will be taking that seat at the table? There is competition … IA may come out stronger or IA may be further marginalized. Action is needed.

Views welcome.

SARENS, DECAUX & LENZ (2012), COMBINED ASSURANCE

Audit cycle – How we actually work

7 Oct

I value this diagram from Scharmer’s “Theory U” (2009) and recommend it for use within the Internal Audit (IA) community:

ia-practice-pic

Based on the insight that IA is not the decision maker, IA is not the one that will ultimately change things, IA can only inspire people to change. That requires a healthy level of modesty; asking questions rather than assuming expertise; being open-minded and respectful in regard to the organization; and acknowledging that IA is just one part of the organization, requiring the rest of the organization in order to succeed.

On that basis, this audit cycle starts with appreciating what is:

1 – SEE WHAT WE DO:

IA first sees and appreciates what the company (the process owner/s) do (does). IA is on site and views via, for example, talk-through and document based walk-through what is actually happening, not what should be happening.  Then,

2 – RECOGNIZE WHAT WE SEE:

IA puts things into perspective, compares observed practices with company standards or best practices (to extent known), analyzes, summarizes, synthesizes etc. When possible, in doing so leveraging IT, e.g. via using Process Mining as a tool analyzing big data and unearthing patterns in the digital traces in the ERP systems. Then,

3 – SAY WHAT WE THINK:

IA then states what it saw and thinks it says, thereby pointing out control weaknesses and/or unexploited performance potential. The written audit report is the typical vehicle for doing that. IA considers providing other means of communication as appropriate.  Eventually, and that matters most,

4 – DO WHAT WE SAY:

IA then follows-up on topics and actions as ultimately agreed with management in the closing meeting. In doing so, IA can only trigger action, and help remediation and improving things, but it cannot act on behalf of the key process owners themselves as it has no operational responsibility.

Views welcome.

Who wants (needs) the Qualification in Internal Audit Leadership (QIAL)?

2 Oct

qial-dia

This new Internal Audit qualification (QIAL brochure) was introduced in 2015. About one year on, in Germany, only 1 person is qualified as QIAL:

qials-in-germany

My little poll from September 2016 indicates that there is very little interest – if any – among practitioners in Germany to pursue this qualification.

Is that different anywhere else in the world? I would be keen on getting a broader picture from the Internal Audit (IA) community. My concern:

Does the plethora of IA degrees and designations dilute the value such certification could have and impair the identity of IA professionals on whom they are bestowed?

Views welcome.