Turning Up the Heat in Internal Audit – Part 1
By Jason Rohlf
I have never been a big fan of heat. Even at a young age, I always favored wintertime activities like hockey, skiing and sledding over being outside in the sweltering heat of summer. However, as I’ve gotten older, I’ve become a bit less enamored with cold weather and have learned to enjoy (OK tolerate) higher temperatures.
But I’ll be honest. We are smack dab in the middle of the dog days of summer, and I’m done with the hot weather. Living in Kansas City will do that to a person. We have the one-two punch of high temperatures and high humidity that makes you feel like your skin is burning and drowning at the same time. Doesn’t that sound like fun?
Given this perspective, you can imagine my delight when I found out that I’d be attending a conference in Phoenix in the middle of August. A quick check of the weather informs me that I should expect an average high temperature of 109, with lows around 84. “But Jason, it’s a dry heat!” Dry or not, 109 just seems a bit absurd. Instantly my head fills with “it’s so hot” one-liners. For example, it’s so hot….
…the chickens are laying hard-boiled eggs
…the cows are giving evaporated milk
…I discovered asphalt has a liquid state
…the trees are whistling for dogs to come over
You get the point. You may be asking yourself, “What could possibly compel someone who doesn’t like heat to travel to the desert in August?” The answer is simple: I have the distinct pleasure of attending the 2015 Governance, Risk and Controls Conference, hosted by the IIA and ISACA. I’ve been to this conference a couple of times before, and it’s always an excellent experience, complete with great speakers, interesting topics and highly engaged participants. I’ve always come away from the conference smarter than I was before, and for that reason I’m happy to be heading back.
One of the reasons I’m so excited about this year’s event concerns the IIA’s recent updates to its Professional Practices Framework. Back in March I wrote a blog entitled “Internal Audit: Moving Forward or Standing Still,” where I expressed concern about resistance to change within the profession. Although I’m not currently an internal audit practitioner, I was for over 12 years, and since then I have spent my career designing solutions and processes that enable, support and improve the valuable work that internal auditors perform. I have great respect for the profession, and clearly the IIA does as well as evidenced by the progress they continue to make. The message they have sent is simple: resistance to change is no longer an option.
This is the first article in a three-part series I’ll be posting throughout the GRC Conference in Phoenix. My intent is not to dissect the IIA’s changes in minute detail. There have been a number of great pieces written on this topic, and I encourage you to jump over and read what those on the forefront of internal audit are saying, particularly a recent article by Norman Marks and Kristen Gantt that offers a compelling view of the internal audit department of tomorrow. What I would like to do (in the next installment) is summarize some of the key takeaways and offer my own perspective on why I’m encouraged by the direction taken by the IIA. Stay tuned for more on Monday.
Image Source: Weather.com forecast for Phoenix, Arizona