The Institute of Internal Auditors said the findings from its annual survey of 630 internal audit executives painted a “troubling picture”.
Many internal audit functions are failing to allocate a portion of their audit plans to certain key risks, in particular sustainability.
Of the executives who responded to the 2020 North American Pulse of Internal Auditors, 90 per cent said they did not plan to devote any part of their annual audit plan to sustainability, despite it being a growing area of concern among investors.
One-third of respondents from mining, quarrying or oil and gas extraction companies reported devoting ‘some’ part of their audit plans to sustainability, which the IIA identified was “by far” the highest among industry types.
But in another survey conducted by the IIA among chief audit executives (CAEs) for its OnRisk 2020 report, sustainability was among the risks expected to see the highest growth in terms of relevance to organisations over the next five years.
The 2020 North American Pulse survey revealed the other key risks being overlooked in audit plans, as 52 per cent said their functions allocated no resources to auditing third-party relationships, while 55 per cent do not assess governance and culture.
The IIA called its findings related to cybersecurity the “most surprising and alarming”, as 32 per cent of those surveyed said they do not expect to allocate any internal audit resources to cybersecurity, rising to 54 per cent among public sector functions.
But among financial services, only 20 per cent have not included cybersecurity in their audit plans for the coming year.
When asked to rate the maturity of their functions based on descriptions of audit functions in the Internal Audit Ambition Model, one-fifth of audit leaders rated their maturity below the level where the internal audit function conforms to IIA Standards.
In its Pulse report, the IIA said it was “encouraging” that eight in 10 respondents rated their functions at levels that support strategic risk management, long-term planning, and continuous improvement.
The latest Pulse survey also found that across virtually all business types and industries the percentage of women in internal audit leadership roles is growing, up from 33 per cent of survey respondents in 2017 to 40 per cent in 2020.
It indicated that the public sector leads the way when it comes to gender diversity, as it is the only category for which the percentage of female CAEs, at 52 per cent, exceeds that of males, at 43 per cent.Last Updated: 21 March 2020