- Risk management: the world is changing, new risks emerge and with that the challenge of Internal Auditors to know how to manage them. They key point here is: how to manage something that you don’t understand or know? If you are in that case, it’s very unlikely to assess risk in an effective way and to show concrete results of Internal Audit's work. Target: helping the company to be able to adapt to any risk in a quick way before it concretes. Solution: understand how the company works and its associated risks.
- Cybersecurity, technology and data analytics: with all the attacks some big companies faced this year, it is mandatory to have controls in place to guarantee that the information is protected and of course that business continues… with the minimum harm to its image and reputation. Think about ransomware, data breach…they are dangerous for companies and individuals and are becoming more sophisticated. Target: have at least one expert in technology within the Internal Audit team; in this way can also be covered new technologies and data analytics. Solution: hire someone expert in technology and teach that person to be an auditor…it is simpler in this way!
- Regulation: new rules are arising, new rules will arise… the first challenge is to understand what should be done, secondly, train staff about it. Target: implement new regulation in time to comply with deadlines and avoid sanctions. Solution: have a multidisciplinary team composed by: Compliance, Legal and Internal Audit who analyzes how to do it; they’ll complement each other by their expertise. Add any other area needed according to the subject.
- Skills: an Internal Auditor should have several skills but one that is imminent: manage conflict. Tip: listen more than talk. Show with evidence your position. Be fair.
Above all: you are not alone; this affects all the Internal Audit profession. See them as opportunities to grow, to make a bigger role for Internal Audit in 2018!