A few weeks ago, Audit International met with a self-described “introverted” business leader. This business leader confided to us that introverted individuals have a harder time climbing the corporate ladder. The individual went further in claiming that recent research shows that it is worst for women, as introverted women are seen as less assertive and lacking in leadership traits.

Conversely, the business leader pointed out that recent research also shows that introverted individuals actually make better leaders, but because they are not as assertive as their extroverted counterparts, they are not equally represented in leadership positions. That took a minute for us to reflect on. It was one of the most thought-provoking discussions we’ve had in recent weeks.
Curious by the proposition and wanting to see what statistics we could get on the topic ourselves, we set out to create several online polls. Initially, we just asked a simple question:

Do you consider yourself an introvert or an extrovert? Here are three things we learned from asking that and some follow-up questions:

People Do Not Like Binary Options on Personality Traits
In two separate polls across different platforms, we received similar feedback:

“No room for those who don’t fall into these binary groups?” was one of the first responses.

“Some people vary based on their environment,” and “I believe there should be space in between the two,” were two responses that quickly followed.

“Do you have a definition of introverts and extroverts?” was the last question.

Even when we tried to foolishly define the terms we were met with a big, “it depends.”

Lastly, we received the one-word response that took my approach in a different direction: “ambivert.”

The Power of the Ambivert
A full 70 to 80 percent of internal audit professionals considered themselves introverts when only given two choices on the introvert vs. extrovert spectrum. However, in follow-up polls, when the ambivert option was introduced, the results were different. Vastly different. Nearly half of the introverts from the initial polls now classified themselves as ambiverts. Ambiverts were now, in two separate polls, the largest group.

So, what does that mean?

Maybe we’re being foolish again, but here is our theory: Introverted ambiverts are those who usually keep to themselves and don’t brag about their accomplishments, but when the stars align and the spotlight is on them, they shine.

When Audit International first started in the internal audit profession, we worked with two introverted gentlemen. They generally kept to themselves in the day-to-day audit process. But, when they led projects, they had absolute killer instincts.

In that group, they audited the Latin America region, so depending on the country visited they would switch from English to Spanish or Portuguese and back to English with pure finesse. Audit clients would be at ease with their approach and communication style. Anyone who had only known them for that period would swear they were extroverted individuals. But they were not. They were ambiverts.

And that is the power of the ambivert: Killer instincts when it matters.

Extroverts Are Disproportionately Represented in Leadership Positions
Back to the business leader’s proposition that introverted individuals get the short end of the stick when it comes to leadership positions. Was that the case? Based on my poll results, yes.

Extroverts represented approximately one-fourth of the sample population of internal audit professionals. However, they represent one-third of those professionals in leadership positions. Introverts, excluding those with ambivert traits, represented over a third of the sample population of internal audit professionals, but only 10 percent of those in leadership positions. These statistics can be even more accentuated when it comes to female leaders.

A burning question then came to mind. Do extroverts make better leaders? Would that be the reason they are overrepresented in those positions?

Audit International set out to attempt to answer that by asking the community about their experience with their previous leaders. Were their best leaders introverts or extroverts? For this last poll, we purposefully left the ambivert option out.

The results? Extroverts were slightly at an advantage, 53 percent versus 47 percent. In other words, the “best” leader being an introvert or extrovert had close to the same likelihood as the flip of a coin.

How come we don’t have more introverted leaders if they are just as good as extrovert ones?

We don’t have any statistics there but, in my opinion, it’s likely because extroverts are seen as better communicators, and being a good communicator is a sought-out trait in effective leaders.

Should Introverts Lose all Hope?
No. Introverts in some circumstances may have an advantage over extroverts. Another reason is that in [internal audit], passion for the role is important to the impact that you can have on the organization. An introvert has to put a bit more effort into the work than an extrovert does, and I’ve seen several times where this translated to the level of commitment and effectiveness to the role.”
It might even be concluded that an introvert displays more active listening skills and empathy, which is also essential in leadership roles.

Audit International are specialists in the recruitment of Auditors and various Corporate Governance Professionals including Internal Audit, Cyber Security, Compliance, IT Audit, Data Analytics etc. across Europe and the US.

If you would like to reach out to discuss your current requirements, please feel free to reach us via any of the following:
Calling
– Switzerland 0041 4350 830 59 or
– US 001 917 508 5615
E-mail:
– info@audit-international.com

Here at Audit International, we understand that virtual interviews have become the go-to method of interviewing. So how do you prepare?

Lights! Camera! Action! Are you mastering virtual interviews in your job search?

According to this survey, 33% of employers have an exclusively remote interview process with 21% holding in-person interviews for the final round only.

Audit International might be being “Captain Obvious” here, with a list of the five ways to avoid sabotaging your interview:

1. COMMUNICATE YOUR CALENDAR
If you live with others, let them know when you have a scheduled interview to prevent any interruptions. Take a step further with a sign on the door, locking the door to prevent people from barging in and closing windows to prevent outside noise.

2. FIND A NEUTRAL BACKDROP
Create a distraction-free environment. Test the audio and video to ensure sound is clear, lighting is strong, and the laptop is the right height. In addition, consider purchasing a ring light that attaches to your laptop for optimal lighting. Best to use a natural background rather than a filter.

3. CLEAR YOUR SCREEN
Close all windows and applications on your laptop. Mute any default notifications on all nearby devices so your interview is uninterrupted by pings or ads popping up on open tabs.

4. ESTABLISH GOOD EYE CONTACT
Make eye contact during the interview to establish trust, convey confidence, demonstrate professionalism, and indicate interest.

5. PREPARE FOR THE UNEXPECTED
“If you take these steps to rid your interview space of potential distractions, you’ll be able to focus on what really matters—connecting with the interviewer across the screen, demonstrating your qualifications, and learning more about the opportunity to determine if it’s right for you.”

Are there any other top tips you can think on to add to the list?

Audit International are specialists in the recruitment of Auditors and various Corporate Governance Professionals including Internal Audit, Cyber Security, Compliance, IT Audit, Data Analytics etc across Europe and the US.

If you would like to reach out to discuss your current requirements, please feel free to reach us via any of the following:
Calling
– Switzerland 0041 4350 830 59 or
– US 001 917 508 5615
E-mail:
– info@audit-international.com”

In this final article of the series, Audit International focus on the third element of ESG- Governance risk. This differs from the first two elements – Environmental and Social – in that several governance risks have long been recognized and included in our audit plans. However, many more have recently gained prominence. Therefore, it is important that internal audit understands these risks and is well positioned to provide assurance.

Governance risks :

Some governance risks are broad in nature. Others, are very narrow. Some have little in terms of universal benchmarks, while others have well-established frameworks or regulations. Here are some of the main risks that should be considered:

– Shareholder rights and engagement – are there any limitations on certain classes of shareholders, and does the business engage effectively on important issues?
– Board structure and diversity – are there independent directors, and does the board have sufficient diversity of experience, style, and background? Increasingly, neurodiversity is a consideration, and in some countries a workers’ representative is a requirement.
– Executive compensation – is this structured to be in line with corporate objectives, and is it consistent with peers in comparison to the wages of other staff?
– Anti-bribery and corruption – many countries have a comprehensive legal framework.
– Tax transparency and policy – what is the organization’s approach to tax, and particularly the jurisdictions it operates and pays taxes in?
– Ethics and culture – a broad topic, ethics encompass all the above and more. Culture has become a hot topic over the past 15 years with the link between a strong organization-wide culture and performance becoming increasingly apparent.
– Data protection – often also included as a social risk, good information governance is relevant here as well.
– Typical impacts for the organization will be reputational, legal and regulatory, people, financial, and ultimately strategic.

Getting started – Determining the key risks :
Compared with environmental and social risk, it is much more difficult to take a holistic approach to governance risk, given the breadth of topics. However, it is likely that many activities and risks are already in your audit universe. A governance code may have been adopted by your organization, although these may only cover some of the issues described above. Understanding the relevant governance code(s) –mandatory or optional – is a good starting point. This will depend on jurisdiction(s), market listings, regulators, and industry practices. Governance codes can be principle-based or more prescriptive, and will typically define some or all of the following, often on a “comply or explain” basis:

– Clarity of purpose
– Leadership
– Integrity
– Board composition and division of responsibilities
– Board effectiveness
– Decision making
– Risk management, internal controls, and audit
– Accountability, transparency, and reporting remuneration

In understanding governance risks, you should also take into account what specific legal or regulatory requirements there are around any of these issues. This may include reporting requirements around diversity or executive pay or matters which must regularly be reported and considered by the board. Also, consider what other stakeholder expectations are relevant. This is likely to focus on investors, as they have been increasingly vocal and prepared to vote against boards that do not adequately address specific issues.

With this background information, along with your consideration of the issues highlighted earlier in this article, you can ensure your risk assessment incorporates relevant governance risks.

How internal audit can make an impact :
As always, we should leverage work done by the first and second lines in considering where we can make the biggest impact. We should consider our risk assessment alongside any new information we have about regulatory changes, emerging issues in our sector, or jurisdictions, and investor interest.

Some Examples :
– Governance framework
– Governance codes were mentioned earlier in this article. Whether your organization has adopted a code in full or developed its own framework, it will need to produce a regular (typically, annual) report of compliance with the code. Assessing the processes supporting this reporting is often a good way to execute broad audit coverage of governance risks. Such reports are expected by regulators, provide assurance to the board, and are sometimes published (at least in part in the annual report). – Therefore, it is important that they give an accurate picture.

Reports may take many forms and will often include qualitative assertions and specific data or examples. It is important that any data reported is accurate, but equally as important that narrative assertions or examples are supported by evidence. Internal audit can provide assurance over the processes to collate this evidence, ensuring it is complete and accurate and that the right oversight controls are in place. We can also review the report and verify that the conclusions reached fairly reflect the evidence available. Generally, we take a combined approach to provide comprehensive and broad assurance.

Board composition :
Board composition has been under the spotlight, and while practices have improved there is often still a lack of transparency in recruitment, objective evaluation, and diversity. This is a sensitive audit which needs to be conducted by experienced auditors. When done well, it provides real insight and impact.

It is important not to make this about the individuals currently serving on a board, but about the effectiveness of processes around recruitment, structure, skills-determination, and performance evaluation. Consider some or all of the following:

Is there an evaluation of the skills required on the board and an up-to-date skills matrix? Is this specific enough to ensure the board members possess the right range of skills and experience but sufficiently flexible to attract a diverse pool of candidates?
Do recruitment processes include defining an ideal candidate profile, pre-determined selection criteria, and stakeholder involvement in the exercise? Are candidates sourced in a way that ensures a wide pool of candidates, recognizing that there may be a need for confidentiality?
How are conflicts of interest identified and managed?
What are the rotation policies/term limits for non-executive board members?
How is board performance evaluated? Is there a self-assessment process and a periodic independent assessment?
Is there a training plan for the board and individual board members? Is there an individual appraisal process?
Does the committee structure support effective delegation but ensure the board maintains its responsibility for strategy and oversight?
How effective is the relationship between executives and non-executives? Does the structure facilitate both support and challenge?
Is there an effective process for succession planning?
Do boards allow time for open discussions and strategic thinking, as well as formal meetings?
Some of this can be done by document review — including board papers and minutes, skill matrix, recruitment process documents, etc. But much of this will also require interviews with board members and those who support the board, such as the corporate/company secretarial or corporate governance team.

This article concludes the series on what internal audit should know about ESG risks. If you missed the first two articles, be sure to go back and read our previous blogs, to get you up to speed on our suggestions on how internal audit can approach environmental and social risks.

“Audit International are specialists in the recruitment of Auditors and various Corporate Governance Professionals including Internal Audit, Cyber Security, Compliance, IT Audit, Data Analytics etc across Europe and the US.

If you would like to reach out to discuss your current requirements, please feel free to reach us via any of the following:
Calling
– Switzerland 0041 4350 830 59 or
– US 001 917 508 5615
E-mail:
– info@audit-international.com”

Audit International are aware that public sector organizations face a variety of risks, ranging from cyber threats to budget constraints to compliance concerns. While internal audit teams in the government sector might not be responsible for solving all those risks, they need to make sure that they are following through with relevant risk management protocols.

Therefore, it is essential that internal audit teams are conducting internal audit risk assessments to figure out what these risks look like.

“Risk-based auditing ensures that the internal audit activity is focusing its efforts on providing assurance and advisory services related to the organization’s top risks… This requires internal auditors to have a working knowledge of basic concepts, frameworks, tools, and techniques related to risk and risk management,” explains the Institute of Internal Auditors (IIA).

In this article, we’ll examine five tips to help public sector internal auditors build better risk-based audit plans. These include:

1) Define your goals
Before you get too bogged down in the specifics of running an internal audit risk assessment, take a step back and consider what you’re trying to accomplish. Doing so includes finding internal alignment within your audit team and with other stakeholders.

As Baker Tilly advises, internal audit teams “should meet with the various stakeholder groups – management, the audit committee, and the governing body – to explain the process, set expectations for the results and listen to any desired outcomes, as a means of adapting the approach or identifying other activities where internal audit can add value.”

2) Organize your data
Conducting an internal audit risk assessment also requires strong data practices. But before you can get to a place where you are using data analytics to identify key risks, public sector organizations often need to organize their data first.

Information might be held in a variety of systems that makes analysis inefficient, if not ineffective. Tools like TeamMate+ use a data exchange API framework to pull together data from different sources, such as governance, risk, and compliance (GRC) systems and enterprise resource planning (ERP) tools, giving you a complete picture of what’s happening within your organization.

3) Get agile
If you go through an entire risk-based audit without getting any feedback along the way, then it’s easy to get off track. For one, risks might have changed from the time the audit started to when it eventually wraps up. And when you present to stakeholder leaders at the end of the risk assessment, it can be tough to then incorporate their feedback into your internal controls and assurance processes.

Engaging in agile auditing can help. By breaking an internal audit risk assessment down into more manageable chunks — where different risk areas go from the planning to presentation stages in short sprints — public sector internal auditors may have an easier time adapting to change and incorporating feedback.

4) Go dynamic
Agile auditing creates a dynamic internal audit risk assessment. Instead of approaching these assessments as an annual occurrence, you can review public sector risks on more of an ongoing basis.

That means collaborating with other departments throughout the year to keep up with emerging risks, which is where good data-sharing practices also come in handy. Dynamic or continuous risk assessments can also result in more frequent reporting so that you can keep everyone in the loop and get their timely feedback. Having a strong internal audit risk assessment tool like TeamMate that can help you simplify risk scoring and create efficient audit reports makes a big difference.

5) Keep up with public sector requirements
Lastly, working in internal audit in the government sector means staying on top of general risks like cybersecurity and financial concerns, along with meeting specific public policy guidelines and regulations. Public sector internal auditors often turn to sources like Wolters Kluwer, which provides resources like webinars and other Expert Insights so you can learn what you need to do to strengthen internal audit as a government organization.

Following these five tips can go a long way toward creating a strong internal audit risk assessment and a better audit process overall. Even if it seems like your organization doesn’t face many risks, conducting a risk-based audit can help you stay on top of any changes to your risk level. Rather than being caught off guard, building a reliable internal audit risk assessment plan can help your organization control risk, however that takes shape.

“Audit International are specialists in the recruitment of Auditors and various Corporate Governance Professionals including Internal Audit, Cyber Security, Compliance, IT Audit, Data Analytics etc across Europe and the US.

If you would like to reach out to discuss your current requirements, please feel free to reach us via any of the following:
Calling
– Switzerland 0041 4350 830 59 or
– US 001 917 508 5615
E-mail:
– info@audit-international.com”

The Characteristics of Highly Successful Internal Auditors
Nobody knows it better than us here at Audit International that Internal auditors are a rare breed. To perform well in their jobs, they must have a set of skills and characteristics that are typically uncommon in one person. For example, they need to be analytical with laser-like focus, while also being “people-persons” with great communication skills. They need to be rule-followers, while also having the creativity and curiosity to blaze new trails. No one ever said it was easy, but becoming a top internal auditor takes dedication, hard work, and, as Liam Neeson said in the movie Taken: “a particular set of skills.”
We recently set out to identify the skills and characteristics good internal auditors must possess to perform well in their jobs. We found that some, like curiosity and integrity, are typically characteristics that are just part of our personality or not. Others, like technological know-how and communication abilities can be learned and honed through professional development and training courses. Others lie somewhere in the middle.
This is by no means an exhaustive list. There are many other skills and attributes not listed here, such as knowledge of the business, project management capabilities, and relationship building that are important to thriving as an internal auditor. Yet these are the qualifications chief audit executives, senior managers, and board members cite most often as the key abilities they are looking for in good internal auditors.
Regardless of how we acquire them, and in no particular order, here are the top six characteristics internal auditors should possess:
1) Great Communication Skills
It’s no secret that internal auditors need to be excellent communicators to execute their jobs well, however, that requirement has only increased as the COVID-19 pandemic closed offices and employees were forced to work from their homes. Now internal auditors must often conduct audits remotely, interviewing process owners and others through phone calls and video conferencing. It’s one thing to assess body language, tone, and facial expressions from across a desk or conference table, but quite another to read those important non-verbal cues during a Zoom call or over some other digital communication platform.
It doesn’t stop there. Internal auditors have many constituencies to serve. From their audit customers to senior management and the board, they must be able to navigate many relationships within the organization and sometimes bridge seemingly conflicting views on what’s important to the company. That takes great communication skills and any internal auditor that doesn’t possess them will likely falter in their roles.
2) Unyielding Curiosity
Good internal auditors ask why? Great internal auditors keep asking “why?” Like a child who follows up one question of “why?” with “OK, but why?” top internal auditors keep asking questions until they fully understand the issues at hand. They are not easily swayed with a pat answer or put off the trail with an explanation that doesn’t quite add up. Their natural curiosity keeps them pushing until they find the answers and explanations that satisfies them—in other words, when there are no more “why” questions to ask.
Such intellectual curiosity doesn’t just serve good internal auditors well in the pursuit of fraud and wrongdoing, either. It helps them fully understand how controls, processes, and business units work, so they can make recommendations to improve them.
3) Technological Savvy
Increasingly, the job of the internal auditor relies on technological tools, such as data analytics, cloud-based application platforms, and data visualization. Indeed, the internal auditor of the future will likely also need to be an expert—or at least proficient—in such areas as artificial intelligence, machine learning, and technologies still out on the horizon. For this reason, internal auditors who don’t embrace new technologies and learn enough about them to at least begin to experiment with new ways of doing things will be left behind. While it’s important to embrace the more recent technologies that internal audit is increasingly coming to rely on to execute its duties, a digital revolution is taking place in just about every facet of the organization. To complete audits of nearly any process or function will require a working knowledge of increasingly complex technologies. It’s true too, that the top risks in any organization typically involve areas like cybersecurity, data governance, and information security, all of which require internal auditors to be tech savvy..
4) Ability to Work Independently and on a Team
It might seem contradictory to say that internal auditors must be able to work on their own, but then also be good team players, but it’s true, and the remote work scenarios brought on by the pandemic have only made it truer. Internal audit has always required a good bit of independent work, but the amount has increased with remote audits and auditors working from home. The ability to work independently relies on such underlying skills as self-motivation, self-management, and accountability. Without daily meeting in the conference room and the chief audit executive looking over their shoulders, internal auditors must be resourceful and reliable to keep projects humming along. That doesn’t mean they no longer have to be able to work well with others. More recent work models, particularly agile audit, require lots of interaction and coordination. This harkens back to the importance of communication abilities, but good internal auditors are also team players.
5) Drive to Be Life-long Learners
I once asked a chief audit executive: What is the single most important thing you look for when you are hiring a new member of your internal audit team? Without hesitation, he said: “I look for someone who is always looking to learn new things.” He explained that internal auditors must be generalists and specialists at the same time. Their jobs will take them to many places and expose them to new knowledge all the time..
The fact that internal auditors get exposure to lots of different aspects and units of the business is certainly one of the benefits of the job, but it comes with challenges. They must be able to constantly digest new information and learn new parts of the business. No two audits are ever the same and without the desire to learn something new, it will be difficult for an internal auditor to approach each new assignment with the sponge-like ability to absorb new knowledge and come up to speed quickly on a process or function.
6) Integrity and Courage
Perhaps above all else, integrity and courage must be at the core traits of a high-performing internal auditor. There will be times when internal auditors are asked to look the other way or ignore some faulty control or management wrongdoing, and they must simply be able to resist the urge. It’s never easy to confront someone who isn’t doing the right thing and bring it to light, but it’s a trait that top internal auditors all possess.
One more thought on integrity and courage: We often think of these things in terms of big crises and scandals, where the internal auditor stands up to an accounting fraud that is taking place in the organization or a CEO who is up to no good. Yet it more often integrity and courage will be called up for small things, where someone is looking to cut a corner or isn’t treating others with respect. This is when integrity, along with a good moral compass can help an internal auditor push past a roadblock and get an audit back on track.
Just Add Hard Work
So, call them what you may: characteristics, skills, qualifications, or abilities, but working on these six things will go a long way toward excelling as an internal auditor. Of course, they aren’t enough in themselves to ensure a quick rise through the ranks of the internal audit team. That requires hard work and dedication to the job. But they will certainly put you on the right track.
“Audit International are specialists in the recruitment of Auditors and various Corporate Governance Professionals including Internal Audit, Cyber Security, Compliance, IT Audit, Data Analytics etc across Europe and the US.
If you would like to reach out to discuss your current requirements, please feel free to reach us via any of the following:
Calling
• Switzerland 0041 4350 830 59 or
• US 001 917 508 5615
E-mail:
• info@audit-international.com”