How can HoA's improve their internal audit function?

The internal audit function is increasingly being recognised as a crucial one, with businesses keen to ensure that they have strong processes in place to measure risk and assess best practice inside their organisation.

However - as with so many other corporate concerns - recognising a problem is not the same as solving it.

In a 2012 whitepaper from EY, 75 per cent of heads of audit (HoAs) accepted that internal audit has a positive impact on their overall risk management - but 80 per cent admitted to having room for improvement in this area.

Key recommendations from the consultancy organisation included the need to tie in internal audit with overall business aims and the implementation of a risk-based audit plan to be assessed each year.

However, making both of these developments work effectively can prove difficult, even for firms that already have a clear idea of the potential risks they are facing.

Marks Sattin has noted a number of key trends within the sector in recent years as organisations attempt to respond to the kind of challenges outlined by EY in 2012.

IT audit skills are becoming more common among workers as the number of firms facing technology risks increases; given how much information is now stored online for the majority of industries, people with experience in this field are likely to find themselves in demand over the coming years.

This is also reflected in a growth in the size of internal audit teams - risk-conscious firms are obviously keen to cover themselves as closely as possible and are willing to spend on talent in order to do so.

Following the high-profile issues that affected the banking sector over the last few years and the stricter compliance regulations that have emerged in the wake of the financial crisis, it seems logical that more companies are keen to develop their risk management.

In the past, audits tended to be given a narrower, more specifically financial focus - however, this also appears to be changing.

With new areas such as the aforementioned IT security and the now omnipresent energy efficiency also coming under the radar of business executives, professionals working in the internal audit sector need to have a wider range of skills and a broader knowledge base.

Because of the sector-specific risk-based functions now carried out by internal auditors many promotions and new roles are filled by people already at a company, who have gained the necessary expertise to focus on certain areas.

While this can make finding senior-level positions harder, it is good news for junior staff looking for a new role as internal audit teams align with operational rather than financial teams, adding to their options.

Admittedly, this isn't true everywhere - for instance, in the US, many auditors are asked to focus more heavily on SOx due to regulatory necessity, meaning they offer less value-adding or complementary input.

However, there is no doubt that we have seen major changes in the internal audit sector over the last few years. Have candidates noticed similar shifts? Comment below to let us know!