A few years ago, I was privileged to be a member of the Institute of Internal Auditors’ Relook Task Force.
It had a couple of objectives, including reviewing the Definition of Internal Audit (which it decided did not require updating, although we did decide to add a Mission of Internal Audit), and answering the question of whether the IIA’s International Standards for the Professional Practice of Internal Auditing should be principle or rules based. We quickly agreed they should be principle based, but what are the principles? That lead to the development of the Core Principles of Internal Auditing, which were published after approval by the IIA’s board.
One of the points that was made by one of the other members was that while there is value in formal communications by internal audit, such as the audit report, in many cases management and the board obtain immense value when internal audit shares their less formal insights. That sharing is often not included in formal audit reports. These insights may not be backed up by “evidence” that would stand up in a court of law, but are instead the professional opinions and observations of the internal auditors.
We are Entitled to Professional Opinions!
The Task Force was unanimously of the opinion that insight was not only of great value but sharing it should be included in the Core Principles. Most of us were experienced chief audit executives (CAEs) and knew that the audit committee’s questions usually asked for insights that went beyond the content of any audit reports, beyond what we could prove with evidence.
One of the members of the IIA staff has said that the IIA’s Standards Board doesn’t see a difference between advice and insight. Which takes me to my point: What is the difference between advice and insight?
I asked Google’s new artificial intelligence engine, Bard, this very question, and it had a very good answer:
“Advice is a suggestion or recommendation on what to do in a particular situation. Insight is a deep understanding of a situation or problem.
Advice is typically based on the advisor’s experience, knowledge, or expertise. It can be helpful in providing a new perspective or a solution that the advisor has seen work in other situations. However, advice should always be considered carefully, as it may not be the best solution for everyone.
Insight is often gained through experience, but it can also be gained through research, reflection, or simply being open to new ideas. Insight can help you to understand the root cause of a problem, identify your options, and make a decision that is right for you.”
An audit recommendation is advice. We have been doing it forever, and we even talk about consulting or advisory services. Our assessments and any advice we provide should be based on our insights, our understanding of the operation, its objectives, its risks, its organization, its people, its processes, its systems, and its controls.
Practitioners often shy away, however, from sharing their insights beyond what they are prepared to put in their audit reports. Maybe they are afraid of being wrong. Maybe they don’t know how to address challenges by management, because they don’t have sufficient evidence to prove they are right. Maybe they don’t see it as their job! Maybe they don’t see the value of a discussion, open and constructive.
The members of the Task Force would disagree. We all believed that: (a) as experienced professionals we have insights that management values, and (b) we have a professional obligation to share them with management.
Examples of Sharing Insight
We could all tell stories of insights we have shared outside the formal audit report. Let me tell you some stories of my own.
At Tosco, early in my time with that company as CAE, I saw that several direct reports to the refinery manager disliked each other and did not work well together. I shared that in a confidential discussion with the refinery manager. I told him that I thought this was a problem, but I didn’t give him a specific recommendation. He appreciated the insight and worked to address it.
Years later, also at Tosco, my team and I found that the root cause of several accounting issues was a manager who didn’t trust his staff. He refused to delegate any decisions, instead taking them on himself. As a result, he burned the candle at both ends and made serious tired mistakes. We talked to his staff and found them to be experienced and competent—contrary to what the manager believed. I shared that insight with management. They told me they suspected something like that, but didn’t have the insight we did, and they appreciated it. We didn’t make a specific recommendation; we let them figure out (with HR) the best course of action.
At Maxtor Corporation, I was very impressed by the accounting team in Singapore, especially the Controller and Assistant Controller. I shared this insight with management and also with the audit committee. It was information of value to them.
At Solectron Corporation, my team audited procurement practices at several of our global locations. Penang was clearly the best and was obtaining the same materials at better prices than anybody else. They should have been a role model for the other locations. We shared that insight with management, and they appreciated it.
At Business Objects, I noticed that members of the audit committee were grilling the CFO more than I had seen before. I shared that insight with one of the members who confirmed that they weren’t totally confident in the CFO. I also observed that other executives were including the CFO’s #2 in meetings rather than inviting the CFO himself. I shared these insights with the CEO, who said he was aware of the problem. However, my noticing it and telling him what I saw was valuable information to him. He had confidence in the CFO and needed to make sure others did as well.
Also at Business Objects, when I visited our shared service center in Ireland, I found morale to be low, the staff were young and inexperienced, and the managers overwhelmed and of doubtful competency. I discussed these insights with the regional controller in Paris, who was not fully aware of the problem. Changes were made.
See It, Say It
Sometimes, we can see things that management cannot. Our perspective is objective and free from bias (I hope). People will tell us things that they won’t to tell their own management. When we share our professional insights with management, we get their respect. They listen to us and may grant us a seat at the table.
Recently, I was in London and traveling on the Underground. There are frequent announcements asking people to be alert to something possibly wrong: “See it; Say it; We will sort it!” If an internal auditor sees something that management should know, “say it” so they can sort it. Good or bad, they will value the insight.
Norman Marks is an internal audit and risk management expert and author of the blog, “Norman Marks on Governance, Risk Management, and Audit.” He is also the author of several books, including World Class Risk Management, Risk Management in Plain English: A Guide for Executives, and Auditing that Matters.
Note: This article was republished with permission from Norman Marks on Governance, Risk Management, and Audit.
16 Comments
Psychic Parties
naturally like your website but you have to check the spelling on several of your posts. A number of them are rife with spelling issues and I find it very bothersome to tell the truth nevertheless I?ll definitely come back again.
Psychic Parties
Heya! I just wanted to ask if you ever have any issues with hackers? My last blog (wordpress) was hacked and I ended up losing a few months of hard work due to no backup. Do you have any solutions to prevent hackers?
strippers fort lauderdale
Good site! I really love how it is simple on my eyes and the data are well written. I am wondering how I might be notified whenever a new post has been made. I have subscribed to your RSS feed which must do the trick! Have a nice day!
solo male jerking off
Fantastic beat ! I wish to apprentice while you amend your website, how could i subscribe for a blog site? The account helped me a acceptable deal. I had been tiny bit acquainted of this your broadcast provided bright clear idea
strippers florida
Thank you, I’ve just been looking for info approximately this subject for ages and yours is the best I have discovered till now. But, what about the conclusion? Are you positive in regards to the source?
graliontorile
Very interesting info!Perfect just what I was searching for!
Lost mary
Thank you, I have recently been looking for info about this topic for ages and yours is the best I have came upon so far. But, what in regards to the bottom line? Are you certain concerning the supply?
fort lauderdale strip club
Another important part is that if you are a senior citizen, travel insurance with regard to pensioners is something you ought to really think about. The older you are, the more at risk you’re for getting something awful happen to you while abroad. If you are not really covered by several comprehensive insurance plan, you could have several serious challenges. Thanks for revealing your advice on this web blog.
bokep indo
It?s really a great and useful piece of info. I?m happy that you shared this useful information with us. Please stay us informed like this. Thank you for sharing.
local strippers
Awesome blog! Do you have any tips for aspiring writers? I’m planning to start my own blog soon but I’m a little lost on everything. Would you advise starting with a free platform like WordPress or go for a paid option? There are so many choices out there that I’m completely overwhelmed .. Any ideas? Many thanks!
link bokep
I have observed that wise real estate agents all over the place are Promotion. They are acknowledging that it’s in addition to placing a poster in the front property. It’s really pertaining to building associations with these suppliers who at some time will become purchasers. So, while you give your time and effort to serving these traders go it alone – the “Law associated with Reciprocity” kicks in. Good blog post.
best ISO agent program
Superb website you have here but I was curious if you knew of any user discussion forums that cover the same topics talked about here? I’d really like to be a part of group where I can get opinions from other experienced people that share the same interest. If you have any recommendations, please let me know. Thanks a lot!
credit card processing agents
I?d should examine with you here. Which isn’t something I often do! I get pleasure from reading a publish that may make individuals think. Also, thanks for allowing me to remark!
iso vs payment processor
I’m amazed by the quality of this content! The author has clearly put a great amount of effort into researching and organizing the information. It’s refreshing to come across an article that not only gives useful information but also keeps the readers engaged from start to finish. Kudos to him for creating such a remarkable piece!
paper bag
I was wondering if you ever considered changing the layout of your website? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having 1 or 2 pictures. Maybe you could space it out better?
male strippers nashville
I get pleasure from, result in I discovered just what I used to be looking for. You’ve ended my 4 day long hunt! God Bless you man. Have a great day. Bye