View from the top: Share – lessons from the A&R Awards

There is no single right or wrong way to carry out many common internal audit tasks, but every internal audit team is trying to cover more areas and add more value while aiming for greater efficiency. With the risk landscape shifting constantly and the pace of change increasing, we are all being challenged to develop new skills and transform the way we work.

This is why it was particularly interesting to be a judge on this year’s Audit & Risk Awards. It was the first time I had been involved in the awards this way, as I have only recently returned to internal auditing in the UK. I enjoyed having the opportunity to review the shortlisted submissions and gaining an insight into what audit leaders and teams are doing in different types of organisation and sector, along with functions of varying sizes and maturity.

Overall, I was impressed at the quality of the nominations and the level of detail they included. They were generally thoughtful and well-structured and it was clear that, no matter what their starting point, all the teams shared an objective to grow and develop and broaden their experiences.

One of the best things about the awards is that they aim to connect internal audit professionals with what is going on in other organisations and to encourage them to share the ways they are dealing with new opportunities and challenges. For me, the strongest entries were generally those with endorsements from senior leaders in the organisation that sounded personal and genuine and demonstrated a close relationship with, and understanding of, the internal audit function.

I was also reminded of a common challenge for all internal audit teams, which is to ensure that we put ourselves in a position where we are judged just as rigorously as we evaluate our auditees. We all need to know how we are perceived and valued by the organisation and whether we are fulfilling our remit and meeting evolving needs as our organisations and the world they operate in change.

Having read this year’s award entries, I could see there were many exciting projects and transformations going on and I took some ideas away to explore with my team. However, it made me wonder why far more internal audit teams aren’t using the awards as an opportunity to capture and record their most interesting or innovative projects and share these with management and the wider internal audit profession.

We are all under pressure to develop and change and the past couple of years have thrown up huge challenges. If teams have found ways to tackle new and emerging risks, or improved the way they monitor the risk environment and offer assurance, then why not use the awards as an opportunity to reflect on your achievements and record them succinctly as you have to on the nomination form? This is a useful exercise in itself, since, if you conclude that your team has done nothing transformative in the face of so many new risks and opportunities, you should be asking why not.

The nominations also demonstrated some clear themes that are taxing the imaginations of internal audit leaders at the moment. First among these is the challenge to upskill team members and improve the function’s capabilities. We are all looking for internal auditors with business acumen, the ability to use technology, experience with data analytics and a wide range of interpersonal skills, as well as technical internal audit knowledge. Sharing how we are approaching team development with others in the same situation is always helpful.

It was also clear that culture is moving up internal audit’s agenda. It’s always been embedded in what we do, but is often implied rather than explicit. The increasing value placed upon internal audit by its stakeholders is reflected in more demands to get involved in consultancy and advisory work. The ability to meet that expectation and secure the cherished position of “trusted adviser” cannot be done without demonstrating a deep understanding of the culture of the organisation.

Internal auditors can’t be experts in everything, but we do need the capability to provide assurance across a growing range of areas – which is especially problematic when it comes to technology. I was, therefore, surprised not to see more award nominations focusing on how teams are developing their ability to audit technological advances.

Many teams seem to focus on how they use technology, especially data analytics, within their audits. However, while that is important, a broader issue is how internal audit is involved in the organisation’s use of technology and what this means for its risks. This is a huge challenge for internal audit. How do we develop ourselves to ensure we can offer advice and assurance over our organisation’s use of new technologies and the risks this creates? Organisations also continue to increase their reliance on outsourcing contracts for technological support, which adds another layer of complexity and risk that internal audit needs to understand.

It is good that organisations are demanding more of internal audit functions and, as the endorsements for the award nominees show, senior managers are recognising the value they get from excellent teams. However, we face significant challenges to meet this demand and ensure we offer the best service possible.

To do this, we need to take every opportunity to share our experiences, our ideas and our successes, to do so as widely as possible and to learn from each other. The awards are an excellent way to achieve this, so I hope many others will be inspired by the work of the winning teams and will consider entering their own nominations next year. 

This article was first published in July 2022.