How does your organization assess the effectiveness of internal audits?
Typically, the stewardship responsibilities of a board of directors include the identification of an organization’s principal risks, the implementation of systems to manage them, and the integrity of internal control and management information systems. Typically, an internal audit function plays a key role in assessing and reporting on these areas.
In general, directors are expected to satisfy themselves that the internal audit function of an organization is done and effective.
But are these things happening for your organization, and how does your organization assess the effectiveness of internal audit?
“Good internal audit functions have processes for assessing their own effectiveness” says the response to question 14 of the Canadian Institute of Chartered Accountants publication, 20 Questions Directors Should Ask about Internal Audit, Second Edition.
The recommended practice further says those processes should include related performance measures that are developed by the chief audit executive in agreement with the audit committee.
Within the listed example measurement techniques are internal quality assurance reviews (e.g.).
At this juncture, it would be interesting to know (whether or not on the agenda for the upcoming national conference Sept 23, 2012), if many organizations have implemented IA quality reviews, perhaps using something like an internal audit quality assessment manual or quality assurance and improvement program.
It would also be interesting to know if those reviews suggest that anything different should be done to harness the full potential of internal audit or to address any inherent risk of future obsolescence such as unless IA takes on a more risk-centric mindset (e.g.).
As always, feel free to comment and to let us know what you think. Don’t hesitate to share with your peers what you are applying in your organization.
Quality Management Specialist
Latest posts by Ron Richard (see all)
- Change, exponential power, enterprise architecture, governance and stakeholder engagement - March 4, 2013
- Take testing activities up a level - February 4, 2013
- Your service-oriented architecture expert opinion - February 4, 2013