Chapter 06. Managing the Internal Auditing Function

06.03. Strategic Planning for Internal Audit

Credit: Photo by fauxels from Pexels, used under the Pexels License.

Key Questions

Briefly reflect on the following before we begin:

  • How can strategic planning align the internal audit function with organizational goals and risks?
  • What are the critical components of an internal audit strategic plan?
  • What role does resource allocation play in fulfilling the audit plan?
  • What are the benefits of engaging stakeholders in the strategic planning process?

Strategic planning lies at the heart of effective internal audit management, guiding the direction and priorities of the audit function to align with organizational objectives and risks. This section explores the fundamental principles of strategic planning for internal audit, offering insights into critical strategies for developing a robust and adaptive audit strategy. Aligning the audit strategy with organizational goals and risks is a cornerstone of strategic planning, ensuring that audit activities are focused on addressing the most critical areas of concern. By conducting a strategic assessment, audit leaders can comprehensively understand the organization’s risk landscape, enabling them to identify strategic priorities and opportunities for value creation. Setting short-term and long-term objectives for the audit function provides a roadmap for achieving desired outcomes and measuring success over time.

Resource allocation is pivotal in strategic planning, requiring audit leaders to balance budgetary constraints and staffing needs with the breadth and depth of audit coverage. Developing a flexible and adaptive audit plan allows agility in responding to changing priorities and emerging risks, enhancing the audit function’s ability to deliver value to the organization. Engaging stakeholders in the strategic planning process fosters collaboration and buy-in, ensuring that audit priorities are aligned with the broader goals and objectives of the organization. Finally, monitoring and revising the strategic plan continuously enables audit leaders to adapt to evolving circumstances and optimize the effectiveness of audit activities.

Internal Audit in Action

Background

Greene Power Corporation, a global environmental technology company, has seen rapid expansion into new markets and technologies. With this growth came new risks, from cybersecurity threats to regulatory compliance challenges. The internal audit function needed to reassess its focus to ensure alignment with these evolving risks and organizational priorities.

Challenge

The primary challenge was developing a strategic audit plan that was aligned with Greene Power’s strategic goals and flexible enough to adapt to emerging risks and opportunities.

Action Taken

  • Strategic Risk Assessment: The CAE initiated a comprehensive strategic risk assessment with senior management and department heads to identify the most significant risks.
  • Aligning Audit Priorities: Based on the risk assessment outcomes, the CAE developed a strategic audit plan that prioritized audit activities around the key risks and areas of strategic importance to the company, such as new market entries and technology developments.
  • Resource Allocation: The CAE carefully allocated audit resources, balancing the team’s expertise and capacity with the strategic audit plan’s needs. This included decisions on when to co-source expertise for specialized audit areas.
  • Stakeholder Engagement: Throughout the planning process, the CAE engaged with key stakeholders, including the board of directors and audit committee, to ensure the audit plan was fully aligned with organizational goals and expectations.
  • Monitoring and Flexibility: The strategic audit plan was designed to be dynamic, with built-in mechanisms for regular review and adjustment in response to business environment or risk landscape changes.

Outcome

Greene Power Corporation’s internal audit function successfully implemented a risk-aligned strategic audit plan that significantly enhanced the organization’s risk management and governance processes. The focus on strategic risks and opportunities allowed the audit team to provide valuable insights and recommendations that supported Greene Power’s growth objectives and innovation efforts. The flexible planning and resource allocation approach ensured that the audit function remained responsive and relevant throughout the year.

Reflection

This scenario highlights the importance of strategic planning in internal audit, emphasizing the need for alignment with organizational goals and adaptability to changing risks. By taking a proactive, risk-based approach to planning and engaging with stakeholders, Greene Power Corporation’s internal audit function became a strategic partner, contributing to its success and resilience.

Aligning the Audit Strategy with Organizational Goals and Risks

Aligning the audit strategy with organizational goals and risks is a fundamental component of strategic planning for the IA function. This alignment is essential to ensure that IA activities directly contribute to the organization’s success and resilience by focusing on the most critical areas. Regular engagement with senior management and the board is crucial to understanding organizational goals. These discussions help the IA function grasp the organization’s strategic direction, encompassing key initiatives, growth areas, and potential challenges. Reviewing strategic documents such as strategic plans, annual reports, and other relevant documents provides further insights into the organization’s priorities, goals, and performance metrics.

Identifying key risks involves regular assessments to pinpoint current and emerging risks that could hinder the organization’s objectives. These assessments should consider internal and external factors, including market trends, regulatory changes, and operational challenges. It is essential to prioritize these risks based on their potential impact on the organization’s strategic goals, allowing the IA to focus on areas of the highest importance. The alignment of audit activities should ensure that efforts are concentrated on high-impact regions most relevant to the organization’s goals and present significant risks. Moreover, this strategic alignment needs to be dynamic; the IA strategy should remain effective as organizational goals and risk landscapes evolve.

Collaborating with other assurance functions like risk management and compliance can yield additional insights into strategic risks and areas of concern. This approach not only ensures a comprehensive view of the organization’s risk profile but also helps avoid duplication of efforts. Transparent communication of how the IA strategy aligns with the organization’s goals and risks is crucial for securing stakeholder buy-in and support for audit activities. Establishing a feedback loop with stakeholders, including management, the board, and audit team members, is vital for capturing insights on changing priorities and emerging risks, thus facilitating ongoing alignment. Regular reviews of the strategic alignment are necessary to ensure its continued relevance in a changing environment. This may involve adjusting audit priorities or reallocating resources to address new challenges or opportunities. Such diligent monitoring and adjustment ensure that the IA function remains vital in achieving organizational resilience and success.

The IA function can be a critical partner in an organization’s success by understanding the strategic direction, identifying and prioritizing key risks, and providing ongoing collaboration and communication with stakeholders. This alignment enhances the relevance and impact of audit activities and promotes a culture of proactive risk management and strategic focus across the organization.

Conducting a Strategic Assessment to Inform Planning

Conducting a strategic assessment is a foundational step in the strategic planning process for the IA function, aiming to create a focused and effective audit plan. This assessment ensures a deep understanding of the organization’s operational environment, strategic priorities, and associated risks. The first step involves gathering and analyzing pertinent information. This includes reviewing organizational strategies, such as strategic plans, goals, and objectives, to grasp the organization’s direction and priorities. Examining annual reports, strategic documents, and performance metrics is crucial. Assessing the external environment, including industry trends, regulatory changes, and economic factors, helps identify threats and opportunities that could impact the organization. Analyzing the internal environment by reviewing operational processes, control environments, and past audit findings is essential to recognize internal strengths and weaknesses.

This analysis identifies key strategic themes and areas critical to the organization’s success, such as innovation, expansion, efficiency improvements, or risk management. Alongside these themes, significant risk areas that could hinder the organization’s goals must be mapped out and prioritized based on their impact and likelihood. Engagement with stakeholders is crucial. Consulting with management and the board is necessary to validate the understanding of strategic priorities and risk perceptions. Collaboration with other assurance functions like risk management and compliance ensures a comprehensive view of risks and avoids duplication of effort.

Evaluating the IA function’s capacity and capabilities is also vital. Assessing the IA team’s skills, knowledge, and resources relative to the identified strategic themes and risk areas highlights gaps that may need addressing through training, recruitment, or co-sourcing. The adequacy of current audit tools and technology should be assessed to determine if new technologies could enhance audit effectiveness. Finally, documenting and prioritizing findings is critical. Compiling a strategic assessment report that outlines the key strategic themes, risk areas, stakeholder insights, and an evaluation of IA capabilities provides a structured overview of the assessment. Based on this, the team must focus on areas where the internal audit function adds the most value and aligns with organizational priorities. This prioritization informs the development of both short-term and long-term audit objectives, guiding the strategic direction of the IA function.

Setting Short-term and Long-term Objectives for the Audit Function

Setting short-term and long-term objectives for the IA function guides the direction of the IA team, ensuring their work aligns with the organization’s broader goals while also addressing specific risks and compliance requirements.

This strategic alignment illustrates the IA function’s relevance and the integral role that it plays in achieving broader organizational objectives. Internal auditors can accommodate unexpected changes or emerging risks by regularly reviewing and adjusting objectives to respond dynamically to new challenges and opportunities, ensuring the IA function remains effective and responsive.

Establishing Long-term Objectives

Long-term objectives reflect the overarching vision of the IA function. They are typically aligned with the organization’s strategic goals and focus on building a resilient, flexible, highly skilled audit team that adapts to changing environments. Long-term objectives might include:

  • Enhancing the Risk Management Framework: Working toward a more proactive and predictive risk management approach that aligns with the organization’s strategic objectives.
  • Developing Specialized Expertise: Focusing on building expertise in areas critical to the organization’s future, such as cybersecurity, digital transformation, and regulatory compliance.
  • Advancing Audit Methodologies: Incorporating advanced audit tools and techniques, such as data analytics, AI, and continuous auditing processes.
  • Strengthening Stakeholder Relationships: Establishing the IA function as a trusted advisor to the board and management, providing insights beyond traditional compliance and financial risk.

Setting Short-term Objectives

Short-term objectives are more immediate and tactical, typically spanning a fiscal year. They are designed to address current risks and compliance requirements, improve audit processes, and lay the groundwork for achieving long-term goals. Short-term objectives might include:

  • Conducting Targeted Risk Assessments: Identifying and evaluating emerging risks that could impact the organization within the year.
  • Improving Audit Efficiency: Implementing process improvements or new technologies to increase the efficiency and effectiveness of audit activities.
  • Enhancing Training and Development: Providing targeted training and professional development opportunities to address skill gaps and prepare the team for future challenges.
  • Increasing Engagement with Management: Working closely with management to understand their concerns and priorities, ensuring audit plans are responsive to departmental and organizational needs.

The Advantages of Setting Objectives

  • Effective communication of these objectives is fundamental to securing stakeholder buy-in. Communicating clearly with the board, management, and audit team members garners the necessary support and collaboration for IA initiatives.
  • Transparency in how these objectives were determined and how they contribute to the organization’s goals is vital. Providing clear rationales and being open about IA strategies fosters trust and encourages engagement from all levels of the organization.
  • Monitoring progress toward these objectives is essential to gauge the performance of the IA function.
  • Establishing specific metrics to measure progress helps maintain focus and accountability within the team.
  • Regular reporting on these metrics tracks achievements and areas needing attention.
  • Continuous improvement is a cornerstone of a practical IA function. Utilizing insights gained from ongoing monitoring activities allows for constantly refining objectives and strategies. This iterative approach ensures that the IA function adapts to changing organizational needs and remains aligned with its strategic direction, thereby maintaining its relevance and practicality in a dynamic business environment.

Resource Allocation: Balancing Budget and Staffing Needs with Audit Coverage

Resource allocation within the IA function is a critical aspect of strategic planning, requiring a careful balance between budget and staffing needs and the coverage necessary to address identified risks and organizational goals. This balance ensures that the IA function can operate effectively, providing the organization with the required advisory and assurance services.

Balancing budget and staffing needs with audit coverage is critical to effective resource allocation within the IA function. This process begins with a comprehensive risk assessment to identify the areas of highest risk to the organization. The results of this assessment inform the prioritization of audit activities and determine the depth of coverage required. It’s also important to consider the organization’s strategic objectives and any areas that might require special attention due to changes in the business environment, regulatory requirements, or operational challenges. When developing an operating budget for the IA function, fixed and variable costs should be accounted for, including salaries, technology investments, training, and external consulting fees. Performing a cost-benefit analysis for each proposed audit activity assesses the potential value added by the activity versus the resource expenditure, helping prioritize activities based on their strategic importance and potential impact.

Evaluating the skill sets within the IA team is necessary to identify gaps that need to be filled to meet the audit coverage plan. This may involve hiring new staff or providing additional training to existing members. Considering flexible staffing models, such as co-sourcing or outsourcing for specialized audits, can be a cost-effective way to manage expertise and handle peak audit periods without permanently increasing staff levels. With a clear understanding of risks, strategic priorities, and resource constraints, it’s essential to prioritize audit activities to focus resources on areas that will significantly impact the organization’s risk profile and strategic goals. Developing a strategic and flexible audit plan allows for adjustments as new risks emerge or organizational priorities shift, ensuring efficient resource allocation.

Regular communication with key stakeholders, including senior management and the audit committee, is essential to discuss resource needs, audit coverage plans, and any necessary adjustments due to emerging risks or changing priorities. Being prepared to justify resource requests is crucial, with clear demonstrations of how the resources align with organizational risks and goals and the expected value delivered by the IA function. Throughout the audit cycle, continuous monitoring of resource allocation, progress of audit activities, and the emergence of new risks or organizational changes is necessary. Maintaining the flexibility to reallocate resources to address new or changing priorities ensures that the IA function remains responsive and relevant, effectively balancing audit coverage with budget and staffing needs.

Developing a Flexible and Adaptive Audit Plan

A flexible and adaptive audit plan is crucial in today’s fast-paced and ever-changing business environment. An effective plan allows the IA function to remain responsive to emerging risks, organizational changes, and stakeholder needs while ensuring strategic alignment and resource optimization. The plan should begin with a risk-based approach with a comprehensive risk assessment considering internal and external environments. This assessment should be an ongoing process, with the risk landscape continuously monitored for changes that might necessitate adjustments to the audit plan. Based on this assessment, audit activities should be prioritized to address the highest risks to the organization or those risks that might impact the attainment of its strategic objectives.

Incorporating flexibility into the audit plan is essential. Adaptive planning should include reserving a portion of the audit resources—such as time, budget, and personnel—for emerging risks or unplanned audits that arise throughout the year. Consider structuring audits into smaller, more manageable modules that can be adjusted or re-prioritized without disrupting the overall audit plan. Engagement with stakeholders is a crucial element. Regular communication with key stakeholders, including management and the board, helps to ensure that the audit plan aligns with organizational priorities and stakeholder expectations. Establishing feedback loops will allow for ongoing stakeholder input throughout the audit cycle, providing valuable insights into areas needing attention and helping to refine the audit plan.

Leveraging technology enhances the efficiency and effectiveness of the audit process. Data analytics and automation tools support real-time risk monitoring and identify emerging issues that may require audit attention. Collaboration tools enable the IA team to adapt quickly to changes, share information effectively, and manage audit workflows dynamically. Continuous monitoring of the organization’s risk environment and the progress of audit activities allows for the timely identification of changes that may impact the audit plan. Periodic reviews of the audit plan should be scheduled to assess its relevance and effectiveness in light of new information, changes in organizational priorities, or emerging risks, with adjustments made to align with the organization’s needs.

Documenting the rationale for prioritizations, the scope of planned audits, and the basis for any adjustments made to the plan is crucial for maintaining transparency, supporting accountability, and facilitating stakeholder understanding and buy-in. Regular reports to the audit committee and senior management should provide updates on the status of the audit plan, including completed audits, key findings, and any deviations from the original plan. This comprehensive approach ensures that the IA function remains responsive and relevant in a constantly evolving risk environment.

By focusing on risk, engaging stakeholders, leveraging technology, and maintaining an iterative approach to planning and execution, the IA function can effectively navigate uncertainties and contribute to the organization’s resilience and success.

Engaging Stakeholders in the Strategic Planning Process

Engaging stakeholders in the strategic planning process of the IA function is essential for ensuring alignment with organizational goals, understanding stakeholder expectations, and securing support for audit initiatives. Initially, it’s necessary to identify all potential stakeholders, including the board of directors, audit committee, senior management, department heads, and external parties such as regulators or auditors. Understanding these stakeholders’ diverse needs, concerns, and expectations is fundamental, as this insight helps tailor the engagement approach and ensures that the audit plan addresses pertinent issues. Establishing effective communication channels is essential. Regular updates can be communicated through meetings, newsletters, or interactive platforms, allowing for ongoing dialogue. Organizing workshops or briefing sessions at critical stages of the planning process can also facilitate direct engagement, presenting audit findings, discussing risk assessments, and soliciting input on audit priorities.

Involving stakeholders in the risk assessment process is another critical step. Collaborative risk identification with stakeholders ensures that all significant areas are covered and that their insights provide valuable context. Seeking their input on prioritizing risks ensures that the audit plan is aligned with organizational priorities and addresses stakeholders’ critical areas of concern. Once a draft of the audit plan is ready, sharing it with key stakeholders to invite feedback on proposed coverage, priorities, and resource allocation is vital. Being open to making adjustments based on this feedback enhances the plan’s relevance and effectiveness. Ensuring ongoing engagement involves establishing mechanisms for continuous stakeholder feedback throughout the audit cycle. This continuing dialogue helps identify changing needs or emerging risks that may require adjustments to the audit plan. Providing transparent reporting on audit results, the impact of audit recommendations, and the status of the audit plan keeps stakeholders informed and engaged.

Building solid relationships with stakeholders is foundational to effective engagement. Demonstrating integrity, professionalism, and a commitment to adding value through the IA function fosters trust and encourages open dialogue. Additionally, deepening the IA team’s understanding of the business and its challenges can improve stakeholder engagement, showing a commitment to supporting the organization’s objectives beyond the traditional audit scope. Regular evaluation of the effectiveness of stakeholder engagement strategies is essential to ensure they remain effective. Soliciting feedback on how the IA function communicates and involves stakeholders in planning and adapting engagement strategies based on feedback and changing organizational dynamics is crucial for continuous improvement. This constant improvement in stakeholder engagement leads to more effective audit planning and execution, ultimately enhancing the value the IA function adds to the organization. Engaging stakeholders throughout the strategic planning process ensures that the IA function remains aligned with organizational objectives, responsive to stakeholder concerns, and focused on areas of most significant impact. This collaborative approach enhances the credibility and relevance of the IA function and strengthens its role as a trusted advisor and critical contributor to organizational success.

Monitoring and Revising the Strategic Plan

Monitoring and revising the strategic plan ensure that the IA strategy remains aligned with the organization’s evolving goals, risks, and operational environment. This ongoing process enables the IA function to adapt to changes and deliver value. Establishing robust monitoring mechanisms is the first step. Key Performance Indicators (KPIs) should be developed to measure the IA function’s performance against its strategic objectives. These KPIs might include audit coverage completion, stakeholder satisfaction levels, and the impact of audit recommendations. Implementing a regular reporting schedule to review these KPIs with the audit committee and senior management is crucial. These reports should highlight achievements, identify areas for improvement, and note any deviations from the plan.

Understanding that the risk landscape is dynamic is essential for continuous risk assessment. Regular reassessment of risks should be based on changes in the external and internal environment, including new regulatory requirements, market conditions, and operational challenges. Insights from ongoing risk assessments should be used to adjust audit priorities within the strategic plan, ensuring that the IA function focuses on the most current and emerging risks relevant to the organization. Stakeholder feedback helps to evaluate the IA function’s performance and the relevance of its strategic focus areas. Continuously engaging with stakeholders to gather feedback, whether through formal surveys, meetings, or informal discussions, is necessary. Incorporating stakeholder feedback helps identify opportunities to enhance the IA strategy, and adjustments should reflect stakeholders’ evolving needs and expectations.

Periodic reviews of the strategic plan are essential. Conducting these reviews annually helps assess the relevance and effectiveness of the plan, taking into account the latest risk assessments, performance data, and stakeholder feedback. Staying flexible and making adjustments to the strategic plan based on these reviews is crucial. Changes might involve reallocating resources, reprioritizing audits, or introducing new audit areas to address emerging risks. Leveraging technology can significantly enhance monitoring and revision processes. Utilizing data analytics and AI tools can help monitor trends, risks, and performance more effectively, providing early warning signals of emerging risks and helping assess the impact of audit activities. Collaboration and project management tools are also essential for tracking the progress of audit activities and facilitating communication within the audit team and with stakeholders.

Fostering a culture of continuous improvement within the IA function is vital. Encouraging an environment of continuous learning and regularly reviewing audit processes and methodologies for potential enhancements are essential. Staying abreast of audit practices and technological innovations and experimenting with new approaches can improve the effectiveness and efficiency of the IA function. Finally, documenting any changes to the strategic plan, including the rationale for adjustments, supports transparency and accountability. Communicating updates to the strategic plan and any changes in audit priorities to all relevant stakeholders ensures they remain informed and engaged. This comprehensive approach to monitoring and revising the strategic plan ensures that the IA function continues to align with organizational goals and adapt to changing conditions.

Internal Audit in Action

Background

Yochem Health, a healthcare provider, faced increasing operational complexities and regulatory scrutiny. The internal audit function was traditionally focused on financial and compliance audits, needing more opportunities to address operational efficiency and strategic risks.

Challenge

The challenge was transforming the internal audit function into a more strategic entity that could provide insights into operational improvements and strategic risk management beyond compliance and financial integrity.

Action Taken

  • Conducting a Strategic Assessment: The CAE led an assessment to identify the organization’s strategic objectives and the risks that could hinder the attainment of these goals, including operational inefficiencies and emerging healthcare regulations.
  • Developing a Strategic Audit Plan: The audit plan was developed to focus on areas of strategic importance, such as patient care processes, technology adoption, and regulatory compliance strategies. This plan was closely aligned with Yochem Health’s long-term goals and operational priorities.
  • Engaging with Stakeholders: Regular engagement sessions were held with management and the board to ensure the audit plan’s objectives were aligned with stakeholder expectations and the organization’s strategic direction.
  • Resource Optimization: Resources were optimized by aligning audit team skills with the plan’s priorities and supplementing the team with specialized co-sourced auditors for areas requiring specific expertise.
  • Plan Adaptability: The strategic audit plan included provisions for mid-year reviews to adjust audit priorities based on any significant changes in the organizational risk profile or strategic direction.

Outcome

The strategic transformation of the internal audit function led to significant improvements in Yochem Health’s approach to risk management and operational efficiency. The audit function provided valuable insights that helped streamline patient care processes and enhance regulatory compliance strategies, supporting Yochem Health’s mission and strategic objectives. The strategic audit plan’s adaptability allowed the function to remain relevant and responsive to the organization’s needs.

Reflection

Yochem Health’s experience demonstrates the transformative power of strategic planning within the internal audit function. By aligning audit activities with organizational strategies and ensuring flexibility to adapt to changes, the internal audit function can significantly contribute to achieving strategic objectives and enhancing organizational performance. This approach reinforces the role of internal audit as a valuable strategic advisor in dynamic and complex environments.

Key Takeaways

Let’s recap the concepts discussed in this section by reviewing these key takeaways:

  • The IA function must align its audit strategy with the organization’s strategic objectives and target risks that could impact those goals. This requires ongoing communication with senior management and the board, a deep understanding of the organization’s strategic direction, and prioritization of audits that address significant risks.
  • Thorough evaluation of both internal and external environments is crucial. This assessment helps identify the organization’s key risks and challenges, providing a foundation for a responsive audit strategy that directly addresses these issues.
  • Establishing short-term and long-term objectives for the IA function is vital. Short-term objectives should focus on immediate risks and compliance needs. At the same time, long-term goals should enhance the resilience and capabilities of the IA function, aligning with the organization’s growth over time.
  • Effective strategic planning involves balancing budget and staffing needs with the necessary audit coverage. This includes making informed decisions about resource distribution to ensure that the IA function can effectively cover identified risks without overstretching its capabilities.
  • Developing an adaptive audit plan that can respond to emerging risks and organizational changes is essential. This flexibility, supported by a risk-based approach and continuous stakeholder feedback, ensures that the IA team remains focused on areas of highest impact.
  • Regular stakeholder engagement is crucial for aligning the IA team’s priorities with broader organizational expectations. This engagement helps gain insights into emerging issues and secures support for audit initiatives, enhancing the relevance and effectiveness of the IA function.
  • Strategic planning for IA should be an iterative process. Continuous monitoring of performance, risks, and feedback is necessary to make timely adjustments to the audit plan, ensuring it remains relevant as organizational needs and priorities evolve.

Knowledge Check

Review Questions

  1. Why is aligning the audit strategy with organizational goals and risks essential for the IA function?
  2. Describe the role of a strategic assessment within the IA planning process.
  3. How does the IA balance resource allocation with audit coverage needs?
  4. What is the significance of developing a flexible and adaptive audit plan?
  5. Why is engaging stakeholders in the strategic planning process necessary for the IA function?

Essay Questions

  1. Explain how the strategic planning process within the IA function can adapt to significant organizational changes, such as mergers, acquisitions, or shifts in market strategy. Please include in your answer the steps the IA team should take to ensure its strategic plan remains aligned with the organization’s new direction and priorities.
  2. Discuss the role of technology in enhancing the strategic planning process within the IA function. How can IA leverage technology to improve risk assessment, audit planning, and stakeholder engagement throughout the strategic planning process?

Mini Case Study

You are a multinational corporation’s CAE operating in various industries, including technology, finance, and manufacturing. As part of your role, you are responsible for strategically planning the internal audit function to ensure alignment with organizational goals and risks.

Recently, the company has expanded into emerging markets and faces increased competition and stricter regulatory requirements. As a result, the board of directors has tasked you with conducting a strategic assessment to inform the planning of the internal audit function for the next fiscal year.

Required: As the CAE, how would you align the audit strategy with the organization’s goals and risks? Provide a step-by-step explanation.

definition

License

Icon for the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

Internal Auditing: A Practical Approach Copyright © 2024 by Amit M. Mehta is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License, except where otherwise noted.

Share This Book