Main Menu

President's message

April 2014

Oversight, Insight, Foresight

An effective internal audit is the cornerstone of good governance. From what I understand, Internal Auditors who make things happen are characterised by a trilogy of sights: Oversight, Insight and Foresight. When these oversight, insight and foresight elements are inherent in internal auditing, IA effectiveness would become visibly versatile. Its effectiveness comprises two parts, namely, internal auditor effectivenessand internal audit function effectiveness.

On oversight, it assures that the implemented policies and overall performance are met as planned and within the governance framework. Through insight, it provides independent assessment on the effectiveness, efficiency and economy of the processes. And lastly, foresightrequires identifying trends, threats and emerging challenges etc so as to pre-empt serious harm from affecting the organisation.

As an effective internal auditor, he/she must demonstrate competency, independence and objectivity without compromising integrity and confidentiality. More importantly, Internal Auditors must continuously upgrade and keep abreast with new and changing developments in the market to enable effective auditing.

For the internal audit function to be effective in executing activities, it has to be sufficiently resourced with tools and competent staff to evaluate significant risks, appropriately positioned with sufficient organisational authority, and have a close link with management and the board to understand their business concerns and issues in order to be effective. It has to develop skills and capabilities such as risk management, forensic fraud, IT etc to respond to crises.

Effective Internal Auditors who have Oversight, Insight and Foresight, as well as Internal Audit functions which are run effectively, will be ready to contribute fruitfully to the organisation and assist management and the board to discharge their responsibilities well.

Yours Sincerely
Eric Lim

May 2014

Proxies for Gauging IA's Contributions

I am sure that most organisations, big or small, would have Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) which are aligned to their mission and goals.

As Internal Auditors, it is imperative to have a deep understanding of business operations, KPIs and KRIs of the company you work for in order to help the board and management achieve the mission. IA will be treasured for their contribution when the work they do helps their organisation grow profitably toward their business goals, and guards the organisation from internal and external threats.

The job of a CAE entails them to work with management and process owners to identify areas in the audit universe that matter to them most, i.e. areas that enhance their performance (KPIs) and ease the threats (KRIs). They would then prioritise it amongst other processes and incorporate in the annual audit workplan.

The key findings and recommendations of these audits would be key to driving performance and reducing threats. We all know that contributions by IA are difficult to measure especially if they are intangible and take time to germinate but we can at least use the KPIs and KRIs as proxies in our self-performance evaluation.

When management sees that IA contributes to the KPIs and ease the KRIs, this would position IA as essential to a company’s value creation and success.

Yours Sincerely
Eric Lim