New Survey Sheds Light on Shifting Internal Audit Priorities

As internal audit emerges from the long, dark winter of COVID-19, a recent survey of Chief Audit Executives performed by AuditBoard has revealed two timely and compelling observations. First, internal audit’s overall resources remained mostly stable throughout the period of disruption. Second, internal auditors are prioritizing their resources to address cybersecurity and other critical risks confronting their organizations to a degree that has never before been seen. 

New survey data illuminates internal audit’s recent and upcoming resource levels as well as the top seven critical risks auditors are honing in on for the remainder of 2021. Download the full report, Internal Audit’s Top 7 Risks for the Remainder of 2021, to learn how internal audit can begin to confront these risks strategically and effectively.

A Positive Forecast for Internal Audit Resources

Despite widespread speculation throughout 2020 that the pandemic crisis would negatively impact internal audit’s resources, internal audit functions have emerged in relatively healthy shape. A June 2021 AuditBoard survey of almost 200 Chief Audit Executives across various sectors in North America revealed the majority of audit department budgets stayed about the same over the past year, while only 17% experienced budget decreases. Responses regarding staffing were even more encouraging. Only 11% of respondents reported staffing reductions over the past 12 months, while 18% reported their staffing levels had actually increased over the same period. The remaining 71% are continuing to function at pre-COVID staffing levels.

Source: AuditBoard Poll, June 2021

Source: AuditBoard Poll, June 2021

Looking ahead, the picture is even brighter. 21% of CAEs anticipate their budgets will increase in the next 12 months, while only 8% anticipate a decline. Similarly, 20% of CAEs project increased staffing over the next 12 months while less than 6% expect decreased headcounts in their internal audit departments. 

Source: AuditBoard Poll, June 2021

Source: AuditBoard Poll, June 2021

As encouraging as this resource outlook is, astute internal auditors must weigh it against the rapid emergence of new risks and those on the horizon. A heightened regulatory environment and dramatic increases in government spending will likely add to the crowded risk portfolios of organizations across all sectors. To protect and enhance value for the organization it serves, internal audit must be vigilant in focusing on new and emerging risks. The profession will need not only increased resources to succeed in the current environment, but also a strong emphasis on agile risk management practices that enable more accurate, more intelligent, and faster responses that can help to preserve and enhance organizational value. 

2021’s Biggest Risks: Cybersecurity – and Everything Else

AuditBoard’s CAE survey reveals that internal audit leaders have a clear grasp of the top risks confronting businesses for the remainder of 2021. 

Source: AuditBoard Survey, June 2021. Weighted average on a scale of 10. 

At the forefront is cybersecurity, a risk that has increased exponentially due to a series of highly publicized cyber attacks on infrastructure and other high profile targets in the first half of 2021. Data privacy risks and third-party risks are also top priorities as cyber criminals and others have exposed data vulnerabilities. In addition, post-pandemic workforce turnover and rapid digitization is heightening talent risk for organizations in all sectors. Concurrently, organizations must continue to manage supply chain risks that contributed to pandemic-induced disruption and compliance risks that are emerging in a heightened legislative and regulatory environment. 

For a deeper dive into the top seven risks with actions internal auditors can take to help organizations confront these risks strategically and effectively, download the full report, Internal Audit’s Top 7 Risks for the Remainder of 2021.