ERP,内部审计,期刊杂志
Choosing a new, strategic path
Between now and 2012, the controls-focused approach that has
dominated internal audit functions on a global basis is expected to diminish significantly in value. As this change occurs, internal audit leaders in Asia Pacific will need to redefine their fundamental value propositions and adopt risk-centric mindsets if they expect to remain key players in assurance and risk management.
In today’s global marketplace, internal audit groups find themselves at a strategic crossroads with two primary options: They can pursue the
status quo, a path that could lead to functional obsolescence. Or they can take a risk-centric, strategic approach to their work, moving beyond the fundamentals of risk and controls to create a new value proposition wherein internal audit provides risk management assurance as well as assurance over controls (see Figure 1). Without question, the latter, strategic path is more likely to address the changing needs of Asia Pacific organisations and meet the rising expectations of senior management and audit committees.
Figure 1: The shifting focus of internal auditThe 20th-centuryToday’s typical
The risk-centric
internal audit model
internal audit model
internal audit model of tomorrowControls assurance based onControls assurance based onAssurance on the effectivenesscyclical or routine audit plans
risk-based internal audit plan
of risk management in additionto controls assurance
For internal auditors, adopting a risk-centric mindset means taking an all-inclusive, conceptual approach to audit, risk assessment and risk management that extends well beyond a narrow focus on controls. With such a mindset, internal auditors can increase their functional value at a time when risk assessment and risk management have become primary stakeholder concerns.
Internal Audit 2012 – Asia Pacific Supplement