Internal Audit Is Not the Wedding Planner — And That’s the Point
What Looks Seamless Is Often Anything But
Recently, I attended a large, multi-day destination wedding in Kuala Lumpur, a vibrant celebration with multiple ceremonies, traditions, and guests flying in from around the world. With the couple based overseas, the event required extensive planning, coordination, communication, and reliance on multiple parties working together across locations, timelines, and expectations.
And this was not just any wedding. There were multiple traditional ceremonies, countless outfit changes, hair and make-up schedules running with near-clockwork precision, wardrobe coordination, and movements across different venues for the pre-events and wedding itself. Add to that the dynamics of extended families, in-laws, differing personalities, and well-meaning opinions from all directions, and it quickly became clear that making the entire celebration feel seamless was no small feat.
Yet from the outside, everything appeared effortless.
But of course, it was anything but.
Behind the scenes was an intricate web of planning, communication, coordination, and contingency management. Vendors, family members, logistics teams, and cultural expectations all had to come together with precision. It was a masterclass in managing complexity - one that felt surprisingly familiar.
It reminded me of the environments internal auditors operate in every day.
Where Risk Really Sits
Organisations today are complex ecosystems. Multiple stakeholders, competing priorities, cross-border operations, and third-party dependencies are the norm. Like a multi-day wedding, success depends not just on individual components working well, but on how effectively everything comes together.
Risks rarely sit neatly within one area. They surface at the points of interaction, where communication is unclear, responsibilities overlap, or assumptions go untested. These are often not failures of individual processes, but rather gaps in coordination and control.
From a risk and control perspective, these intersections matter most. Controls may exist within functions, but unless they are aligned and operating cohesively across the end-to-end process, vulnerabilities remain. What appears well-managed in isolation may not hold up when viewed holistically.
This is where critical thinking becomes essential - the ability to step back, challenge assumptions, connect information across silos, and identify risks beyond what is immediately visible.
Why Roles Matter
At the wedding, the planner was at the centre of execution. They coordinated every detail, solved problems in real time, and ensured the event unfolded as intended. Their role was to make things happen.
Internal audit, on the other hand, plays a fundamentally different role. It is not the “wedding planner” of the organisation. It does not own execution, nor run the show. Instead, it helps organisations be aware of potential risks and blind spots, and to be prepared when things do not go according to plan. When engaged early, internal audit can also provide valuable perspective on organisational preparedness, supporting the profession’s aspiration to be a trusted and go-to function as expectations continue to evolve.
From Plans to Readiness
Internal auditors are increasingly expected to look beyond compliance and provide a more holistic view of organisational readiness. This includes assessing whether risks are adequately identified, controls are sufficiently designed, and whether there is alignment across functions.
At the wedding, contingency planning was clearly in place; for timing delays, weather changes, and last-minute adjustments. What stood out, however, was how seamlessly different parties worked together when plans shifted.
This is a useful reminder that controls are not just about documentation or design. They are about whether processes can adapt and continue to operate effectively under changing conditions.
The Human Factor
A less visible, but equally important, aspect of both weddings and organisations is culture and behaviour.
No amount of planning or control design can fully compensate for poor behaviour under pressure. When issues arise (as they inevitably do), it is the behaviour of individuals and teams that determines whether problems are surfaced early, addressed constructively, and resolved effectively.
In organisations, this has direct implications for risk management and governance. A culture that encourages openness, accountability, and timely escalation strengthens control effectiveness. Conversely, where there is reluctance to speak up or challenge assumptions, even well-designed frameworks can be undermined.
Internal audit plays an important role here, not only assessing processes and controls, but providing insight into whether behaviours align with organisational expectations and support effective risk management in practice.
When It All Comes Together
Ultimately, a well-run wedding is remembered for its joy, not its logistics. The success of the event lies in the experience it creates, not the complexity behind it.
The same can be said of well-run organisations. When things work well, the underlying coordination, discipline, and control environment are largely invisible - yet these are precisely the elements that enable organisations to navigate uncertainty and deliver outcomes with confidence.
Internal audit may not be centre stage, but its role in strengthening coordination, identifying control gaps, and providing assurance over organisational readiness is essential. In an increasingly interconnected environment, this role has never been more important.
Perhaps that is why, somewhere between the ceremonies, outfit changes, shifting schedules, family dynamics, and countless moving parts of the wedding weekend, I found myself thinking about internal audit. Not because internal auditors see risk everywhere, but because the profession trains us to look beyond what appears seamless on the surface. It encourages us to understand what holds things together, where vulnerabilities may sit, and what enables outcomes to come together successfully in the end.
Sunita Kaur is a Certified Internal Auditor and Technical Director with IIA Singapore. She was astonished to find herself thinking about internal audit at a wedding!
