org name date · the purpose of the stakeholder survey is to identify and articulate: - the...
TRANSCRIPT
![Page 1: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/1.jpg)
Stakeholder Report
1
Org Name
Date
SAMPLE
![Page 2: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/2.jpg)
The purpose of the Stakeholder Survey is to identify and articulate:
- The expectations of Internal Audit stakeholders,including executive management, the Board/AuditCommittee and the CEO.
- How to align and maintain the alignment of the variousexpectations from key stakeholders.
- Opportunities to build and reinforce the relationshipbetween the Board/Audit Committee and Internal Audit.
- The Internal Audit practices and activities that are mosthighly valued by Boards/Audit Committees.
- Best practices regarding performance monitoring,communications and reporting of Internal Audit byBoards/Audit Committees.
This report contains the answers provided from the key stakeholders you have identified within your organization.
2
SAMPLE
![Page 3: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/3.jpg)
Table of Contents
Demographics...........................………………………......................................
Effective strategies for a Chief Audit Executive …………………………..........
Scope for Internal Audit.................…………………….....................................
Involvement with the organization’s strategic risks…………………….............
Avenues to increase involvement with strategic risks……………………….....
Work of internal Work of internal audit according to its importance and level of internal audit performance........................................
Internal Audit Function Maturity Level............................................................
Areas where Internal Audit excels or can enhance it's performance..............
This report contains confidential data and is for the exclusive use of your organization. Distribution to other companies is strictly prohibited. By accepting this document you are consenting to be bound by an agreement between your organization and the Institute of lntemal Auditors (The IIA). Unauthorized reproduction or distribution of this document, or any portion of it, may result in severe civil or criminal penalties.
Your suggestions for improvement are always welcome and can be submitted via e-mail to [email protected].
Page 4
Page 5
Page 6
Page 7
Page 8
Page 9,10,11,12
Page 13
Page 14
3
SAMPLE
![Page 4: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/4.jpg)
Position in the Organization Count Percentage
Board Committee Chair (audit, compensation,
governance, etc.)1 5.9%
94.1%
Board Member/Audit Committee Member (or equivalent
role) – employee of the organization4 23.5%
76.5%
Board Member/Audit Committee Member (or equivalent
role) – not an employee of the organization6 35.3%
64.7%
Chief Compliance Officer (or equivalent role) 1 5.9% 94.1%
Chief Executive Officer (or equivalent role) 1 5.9% 94.1%
Chief Information Officer (or equivalent role) 1 5.9% 94.1%
Chief Legal Officer (or equivalent role) 1 5.9% 94.1%
Chief Operating Officer (or equivalent role) 1 5.9% 94.1%
Chief Risk Officer (or equivalent role) 1 5.9% 94.1%
Total: 17 100.0%
Q1. Which of the following best describes your position with the organization?
5.9% 23.5%
35.3%5.9% 5.9% 5.9%
5.9% 5.9% 5.9%
Board Committee Chair (audit, compensation, governance, etc.)
Board Member/Audit Committee
Board Member/Audit Committee Member (or equivalent role) – not an employee of the Chief Compliance Officer (or equivalent role) Chief Executive Officer (or equivalent role) Chief Information Officer (or equivalent role)
Chief Legal Officer (or equivalent role) Chief Legal Officer (or equivalent role) Chief Operating Officer (or equivalent role)
4
SAMPLE
![Page 5: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/5.jpg)
Q2. What have you found to be the three most effective strategies for a Chief Audit Executive to employ in order to prioritize and address competing demands in the organization? (Please mark the three that apply.)
8%
23% 23% 23%
31%
46%
Strong relationships withoperational and functional
leaders
Regular presence inappropriate Board or
Board committee meetings
Involvement in enterpriserisk management
Other Report directly to AuditCommittee
Effective reporting structure within the
organization – for example, report into Csuite
Top 3
5
SAMPLE
![Page 6: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/6.jpg)
0%
0%
0%
8%
8%
8%
8%
25%
25%
25%
42%
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
Identify known and emerging risk areas for management
Provide education on risk and controls
Act as facilitator or change agent for major initiatives
Identify appropriate risk management frameworks, practices and processes
Investigate and prevent fraud
Identify costsaving opportunities
Facilitate and monitor data security
Provide advice on new systems and technologies
Provide guidance on risk management processes
Other
Consult on business process improvements
Q3. Internal Audit’s customary role involves providing objective assurance regarding the adequacy of risk mitigation and controlsystems. In addition to assurance, there are areas in which Internal Audit may be involved. Which of the following areas should,beyond assurance, be in scope for Internal Audit? (Please select all that apply.)
6
SAMPLE
![Page 7: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/7.jpg)
Q4. Should Internal Audit have a more involvement with the organization’s strategic risks? (For example: plans for global expansion, new products, new distribution channels)
Neutral – no opinion, 18%
No, definitely, 18%
Probably not, 35%
Yes, definitely, 24%
Yes, somewhat, 6%
7
SAMPLE
![Page 8: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/8.jpg)
67%
42%
42%
8%
25%
Identify and/or communicate key risks related to strategy to the Board and executive management
Focus more on strategic risks during audit projects
Provide advice about risk and controls for new strategic initiatives
Evaluate execution of strategic initiatives
Other
Q5. Please designate which of the following are avenues for Internal Audit to increase its involvement with strategic risks.(Respondents were allowed to choose multiple responses)
8
SAMPLE
![Page 9: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/9.jpg)
Response Not important Low Importance Moderate Importance High importance No Opinion Total
Demonstrates sufficient knowledge about changes in the
business, the industry and relevant regulatory issuesCount 5 3 5 2 2 17
% By Row 29% 18% 29% 12% 12% 100%
Sufficiently communicates its audit plans Count 2 2 6 4 3 17
% By Row 12% 12% 35% 24% 18% 100%
Addresses areas that are significant to the organization Count 2 2 7 0 6 17
% By Row 12% 12% 41% 0% 35% 100%
Communicates timely identified risks to stakeholders Count 3 3 4 3 4 17
% By Row 18% 18% 24% 18% 24% 100%
Assesses controls mitigating operational risks Count 2 4 5 1 5 17
% By Row 12% 24% 29% 6% 29% 100%
Assesses controls mitigating financial risks Count 2 2 4 5 4 17
% By Row 12% 12% 24% 29% 24% 100%
Assesses controls mitigating compliance risks Count 3 4 2 3 5 17
% By Row 18% 24% 12% 18% 29% 100%
Assesses risk management processes Count 5 3 5 1 3 17
% By Row 29% 18% 29% 6% 18% 100%
Assesses governance structure and effectiveness Count 3 4 4 3 3 17
% By Row 18% 24% 24% 18% 18% 100%
Provides useful recommendations addressing the root
cause of identified issuesCount 4 5 6 0 2 17
% By Row 24% 29% 35% 0% 12% 100%
Demonstrates sufficient knowledge about information
technologyCount 2 3 4 2 6 17
% By Row 12% 18% 24% 12% 35% 100%
Demonstrates sufficient knowledge about fraud and
corruption Count 4 3 6 1 3 17
% By Row 24% 18% 35% 6% 18% 100%
Perception of Internal Audit within the organization Count 2 3 6 5 1 17
% By Row 12% 18% 35% 29% 6% 100%
Total: Count 39 41 64 30 47 221
% By Row 18% 19% 29% 14% 21% 100%
Q6. Please provide a response to each of the following statements regarding the work of internal audit according to its importance and level of internal audit performance: (Importance of Topics)
(Respondents could only choose a single response for each topic)
9
SAMPLE
![Page 10: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/10.jpg)
12%
24%
12%
24%
18%
29%
18%
12%
12%
18%
12%
12%
29%
18%
18%
18%
29%
24%
18%
24%
12%
24%
18%
12%
12%
18%
35%
35%
24%
35%
24%
29%
12%
24%
29%
24%
41%
35%
29%
29%
6%
12%
0%
18%
6%
18%
29%
6%
18%
0%
24%
12%
6%
18%
35%
12%
18%
18%
29%
24%
29%
24%
35%
18%
12%
Perception of Internal Audit within the organization
Demonstrates sufficient knowledge about fraud and corruption
Demonstrates sufficient knowledge about information technology
Provides useful recommendations addressing the root cause of identified issues
Assesses governance structure and effectiveness
Assesses risk management processes
Assesses controls mitigating compliance risks
Assesses controls mitigating financial risks
Assesses controls mitigating operational risks
Communicates timely identified risks to stakeholders
Addresses areas that are significant to the organization
Sufficiently communicates its audit plans
Demonstrates sufficient knowledge about changes in the business, the industry and relevant regulatory issues
Not important Low Importance Moderate Importance High importance No Opinion
Q6. Please provide a response to each of the following statements regarding the work of internal audit according to its importance and level of internal audit performance: (Importance of Topics)
(Respondents could only choose a single response for each topic)
10
SAMPLE
![Page 11: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/11.jpg)
Response Very Poor Poor Acceptable Good Excellent Total
Demonstrates sufficient knowledge about changes in the
business, the industry and relevant regulatory issuesCount 3 6 1 1 6 17
% By Row 18% 35% 6% 6% 35% 100%
Sufficiently communicates its audit plans Count 3 6 3 4 1 17
% By Row 18% 35% 18% 24% 6% 100%
Addresses areas that are significant to the organization Count 5 3 4 0 5 17
% By Row 29% 18% 24% 0% 29% 100%
Communicates timely identified risks to stakeholders Count 3 4 2 7 1 17
% By Row 18% 24% 12% 41% 6% 100%
Assesses controls mitigating operational risks Count 5 6 2 2 2 17
% By Row 29% 35% 12% 12% 12% 100%
Assesses controls mitigating financial risks Count 3 3 4 4 3 17
% By Row 18% 18% 24% 24% 18% 100%
Assesses controls mitigating compliance risks Count 3 3 5 3 3 17
% By Row 18% 18% 29% 18% 18% 100%
Assesses risk management processes Count 3 5 5 2 2 17
% By Row 18% 29% 29% 12% 12% 100%
Assesses governance structure and effectiveness Count 6 2 1 5 3 17
% By Row 35% 12% 6% 29% 18% 100%
Provides useful recommendations addressing the root
cause of identified issuesCount 7 2 1 5 2 17
% By Row 41% 12% 6% 29% 12% 100%
Demonstrates sufficient knowledge about information
technologyCount 6 4 3 3 1 17
% By Row 35% 24% 18% 18% 6% 100%
Demonstrates sufficient knowledge about fraud and
corruption Count 1 3 4 1 8 17
% By Row 6% 18% 24% 6% 47% 100%
Perception of Internal Audit within the organization Count 3 4 2 4 4 17
% By Row 18% 24% 12% 24% 24% 100%
Total: Count 51 51 37 41 41 221
% By Row 23% 23% 17% 19% 19% 100%
Q7. Please provide a response to each of the following statements regarding the work of internal audit according to its importance and level of internal audit performance: (Performance of Internal Audit)
11
SAMPLE
![Page 12: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/12.jpg)
Q7. Please provide a response to each of the following statements regarding the work of internal audit according to its importance and level of internal audit performance: (Performance of Internal Audit)
18%
6%
35%
41%
35%
18%
18%
18%
29%
18%
29%
18%
18%
24%
18%
24%
12%
12%
29%
18%
18%
35%
24%
18%
35%
35%
12%
24%
18%
6%
6%
29%
29%
24%
12%
12%
24%
18%
6%
24%
6%
18%
29%
29%
12%
18%
24%
12%
41%
0%
24%
6%
6%
18%
35%
12%
18%
18%
29%
24%
29%
24%
35%
18%
12%
Perception of Internal Audit within the organization
Demonstrates sufficient knowledge about fraud and corruption
Demonstrates sufficient knowledge about information technology
Provides useful recommendations addressing the root cause of identified issues
Assesses governance structure and effectiveness
Assesses risk management processes
Assesses controls mitigating compliance risks
Assesses controls mitigating financial risks
Assesses controls mitigating operational risks
Communicates timely identified risks to stakeholders
Addresses areas that are significant to the organization
Sufficiently communicates its audit plans
Demonstrates sufficient knowledge about changes in the business, the industry and relevant regulatory issues
Very Poor Low Importance Acceptable Good Excellent
12
SAMPLE
![Page 13: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/13.jpg)
Q8. Which of the following best describes the maturity of the organization’s internal audit function?
Initial Stage – Dependent on individual efforts; Ad hoc/unstructured; Outputs are dependent largely on individual skills and position.
Building/Infrastructure Stage – Planning and in process of establishing sustainable and repeatable IA practices and procedures.
Performing/Integrated Stage – IA management and professional practices are both applied evenly; Policies, processes, and procedures are defined, documented, and integrated; organizations at this level are in full conformance with the standards.
Leading/Managed Stage – IA continually improves and innovates its activities regarding governance, risk and control; organizations at this level have implemented a continuous Quality Assurance and Improvement program, anticipating not only reacting.
Controlling/Optimized Stage – IA management and activities are considered optimized for the organization; IA’s insight and advice are actively sought out by management and the board related to governance, risk and control topics; they are a 24%
18%
24%
12%
24%
13
SAMPLE
![Page 14: Org Name Date · The purpose of the Stakeholder Survey is to identify and articulate: - The expectations of Internal Audit stakeholders, including executive management, the Board/Audit](https://reader033.vdocument.in/reader033/viewer/2022042300/5ecba4ce80bfd6196d69333c/html5/thumbnails/14.jpg)
Response 1
Response 2
Response 3
Response 4
Response 5
Response 6
Q9. What are other areas in your organization where Internal Audit excels or can enhance its performance?
14
SAMPLE