Six months into the year, and many of us are turning our minds to the impending implementation of the Global Internal Audit Standards (GIAS). This is a time to reflect not just on what it means for our functions, but to also consider the profession. The GIAS are a unique fabric that binds the profession, globally. Day-to-day, IIA-Australia is focused on serving our members locally. But we are also part of something bigger – 117 countries united in championing standards-based internal audit.
Last week, was the IIA Global Assembly, which is the once-a-year opportunity for these 117 IIA affiliates to come together and collaborate for the advancement of the profession in each of our countries. It was an honour to represent IIA-Australia, so I thought I’d share some key insights.
- Release of the Vision 2035 global report – an extensive qualitative and quantitative study on the future of our profession. One of the findings that struck a chord with me is the ‘blurring’ or the three lines, with 70% of survey respondents saying that their internal audit role encompasses non-internal audit work, including fraud investigation, compliance and risk. This validates IIA-Australia’s strategic focus on incorporating GRC for an Integrated Three Lines offering and presents an opportunity for us to work with IIA Global to advance how we support this changing nature of our profession.
We will receive Australian specific data soon, and we will share a more detailed article.
- IPPF, Global Standards and Topical Requirements – one of the most valuable aspects of the Global Assembly is the ability to share views, especially when there are significant differences. This was the case for a few elements relating to the evolution of the Standards.
One area of debate was on nomenclature – is it IPPF (a Framework) or GIAS (a Standard). The Global Standards Board hold a purist view that the IPPF is the correct overarching term. However, many participants, including Australia, argued that when speaking with stakeholders, a ‘standard’ carries more weight than a ‘framework’. While in practical terms a name is just a name, to advance the profession, the language we choose needs to resonate with those outside the profession.
A more controversial area of debate was on the findings from the consultation period for the draft Cybersecurity Topical Requirement. The major sticking point is that the proposed Requirement is both a mandatory requirement and a minimum baseline far below what many are required to do under other regimes such as in financial services. Many, including Australia, argued that, because the draft Topical Requirement is a minimum baseline, it should be guidance rather than mandatory to save administrative burden and devaluing of IIA Standards generally. As is the beauty of open dialogue, the Assembly was assured that, like the Global Internal Audit Standards, it’s likely the final version will differ markedly as the feedback received is incorporated.
- Setting the future for the profession. Australia is just one of the 117 affiliates, but historically, we have ‘punched above our weight’ in terms of leadership. This is because many of our members have given their time freely to support the IIA locally and globally. This year’s notable mentions are:
- Sally-Anne Pitt who has just completed her term as Global Chair and will continue for another year on the Board
- Tania Stegemann who is the Chair of the Global Guidance Council
- Stephen Tiley who is both an IIA Australia Board member and supported the IIA globally through the Vision 2035 Advisory Group.
The next call for volunteers is expected soon, so if, like me, you want to see the profession advance, let us know your interest.