The recent spate of business crises and our organizational responses to them have highlighted a surprising misconception – that risk is the opposite of reward. It is not: loss is the opposite of reward. Risk simply represents the possibility that a loss or reward will occur.
For Chief Audit Executives and their staff, this point marks a crucial and highly personal distinction.
Just as business success will be determined by risk intelligence (see “Identifying the CAE’s Risk IQ” side bar) at the strategic level rather than risk aversion on a tactical level, so too, will internal audit’s ultimate value be determined by strategic contributions to the business rather than through tactical accomplishments (i.e., executing the annual audit plan) alone.
Amid the great economic uncertainties facing companies and the mounting pressures bearing down on internal audit functions, this much is certain: the Chief Audit Executive has a unique opportunity to assume and/or solidify their role as a strategic business partner to the CEO and CFO.
Those who leverage this opportunity through strategic risk management endeavors, innovation (such as continuous auditing activities or data analytics, etc.), board committee relationships and other strategic priorities1 will help lead their companies to greater success while enjoying more rewarding career opportunities. Internal audit executives and managers who choose to reside on the more tactical side of their job description may enjoy less financially rewarding career opportunities; however their services will remain in high demand for the foreseeable future. To be sure, both choices are valid and a matter of personal preference.
Regardless of which end of the positional spectrum internal auditors choose to occupy, the road ahead will be difficult. Given the regulatory and economic conditions, as well as the recent post-Sarbanes-Oxley focus on financial internal controls, all internal auditors will need to:
