Companies Expect to Increase Risk Management Activities

A groundbreaking study from the Institute of Internal Auditors (IIA) shows that companies are continuing to focus attention on risk management activities.

The 2010 Global Internal Audit Survey, released by the IIA last week, marks the culmination of a two-year effort to collect and analyze responses from 13,582 practitioners in 22 languages and more than 107 countries. According to the IIA, it's the most comprehensive global study ever conducted on the practice of internal auditing.

The results show that:

80 percent of respondents foresee an increase in their risk management activities.


Nearly one quarter (23 percent) project more corporate governance reviews in the next five years.


Survey participants attributed this heightened focus to: (1) the increasing frequency and complexity of major risk events, (2) the fact that internal audit activities have stepped up their coverage of many risks in response to serious control breakdowns in the financial services sector, (3) the rethinking of risk oversight by audit committees and boards, and (4) The IIA's International Standards for the Professional Practice of Internal Auditing (Standards) requirement that internal auditors evaluate governance and risk management capabilities.


Roughly half of those who participated in the study expect to recruit more staff during the next five years, and the two skills in greatest demand are: (1) understanding the business, and (2) knowledge of risk analysis and control assessment techniques.


IIA researchers also identified a growing need for specialized training in data collection and analysis, operational research, and new audit tools and technologies due to the changing nature of internal audit procedures and their increasing automation.


"(This study) provides an empirical demonstration of the dramatic shift we've seen take place since the financial crisis. Organizations are recognizing the harmful impact of inadequate corporate governance and the significant risk it poses to the effectiveness of the risk management function; internal auditors are naturally following the risks and aligning their coverage in response to their stakeholders' changing expectations," IIA President and CEO Richard Chambers, CIA, CGAP, CCSA, said.