Christophe Quiévreux
1996…
1998…
2000…
2003…
2005…
2006…
2008…
2008…
2010…
Where did we fail? Where did we fail?
Changing paradigms? Not really. Our environment changes. Not our objectives. And Coso is still there…
Still an undefined function? For a part. Often a transition job, not a career => too few
« heroes » or « champions » which could set the tone at the top
Lack of competence? We are strong in methodologies, weak in business knowledge & technology
Lack of shareholders support? Could be, but sometimes an easy excuse. Legitimation is key
Internal Competition ? We have competition big time. But it is a thread, not a cause of the problem.
What ’s coming up What ’s coming up
« Internal Audit mandates is becoming very large. They are expected to be everywhere. No matter the methodology ».
IT risks are high on the agenda of Audit Committees. Because they feel they loose control (cloud, social network… )
« Auditors should not look at transactions. They should ensure someone looks at it. They should have the broadest perspective ».
« Internal audit should be more involved in due diligences, M&A, and in organisational changes ».
“Internal Audit’s involvement in corporate governance processes will grow”.
Cost Effectiveness of Internal Audit will be more regarded.
One More Try One More Try
Alignment with stakeholders needs Auditing is not consulting Proficient in business and in
technology Talk straight & Courage
One More Try One More Try
Alignment with stakeholders needs Who is your ultimate buyer? What is the (real) motivation for
internal audit? Don’t stay in a « pro forma » position
(if you can)
One More Try One More Try
Auditing is not consulting Current IA definition is misleading Rather : internal audit is an assurance
activity (…), performed by professionals, who can also, occasionally, provide consulting services
One More Try One More Try
Proficient in business and in technology
Train auditors on business, not on audit
Raise the bar of quality standards Become « legitimate » to the CxO’s
to discuss/ assess their risks
One More Try One More Try
Talk straight & Courage Heros needed (e.g. Cynthia Cooper) Dare to raise red flags, to walk the
« last mile » Develop your own integrity. There is
a true north ! Recognize your conflicts of interests
(do you serve your organization or your career?)
=> Need to protect the profession
Conclusion Conclusion
Going beyond compliance (esp.in public sector) , NOT beyond assurance (vs consulting)
Provide new assurance services, beyond regulation (both on effectiveness and efficiency): Financial processes Information systems Business performance Assets protection Governance Sustainability
Need for new benchmarks (assurance against which standard?) and another revolution…
Top Related