Frequently Asked Questions about Developing and Maintaining an Effective Internal Audit Function

Frequently Asked Questions about Developing and Maintaining an Effective Internal Audit Function

The internal audit (IA) profession has undergone remarkable growth since 2004, when we published the first edition of our Guide to Internal Audit. At that time, we determined guidance was needed to address a number of pivotal regulatory developments, most notably the revised listing requirements from the New York Stock Exchange (NYSE) that stated for the first time, “Every listed company must have an internal audit function.”

Five years later, companies are far more likely to have in place highly developed IA functions that address not only the NYSE standards, but also the SEC’s interpretive guidance on Section 404 of the Sarbanes-Oxley Act and PCAOB Auditing Standard No. 5 (AS5), An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements, both of which were finalized in 2007. These regulatory developments have had a significant impact on internal audit functions. Given these and other changes, as well as the many lessons learned since the enactment of Sarbanes-Oxley in 2002, we decided our clients and the business community could benefit from a second edition of our resource guide of frequently asked questions about the practice of internal auditing.

Guide to Internal Audit is designed to be a helpful and easy-to-access resource that IA professionals can refer to regularly in their jobs. The publication offers detailed insights into everything from building an IA function to managing and improving the function as the organization evolves. To facilitate the location of topics of most interest to our readers, the questions are divided into eight sections. In the table of contents, new and significantly revised questions from the first edition are noted with an asterisk. Many of these new questions focus on Sarbanes-Oxley best practices and the ever-expanding role of IA functions.

As can be seen in our new questions and responses, the requirements – and some might say burden – of Sarbanes- Oxley compliance have eased over the past few years. Companies have developed best practices gained from hard-earned experience – and consequently, have greater confidence than before to adopt such practices. And as a result, costs for Sarbanes-Oxley compliance have begun to fall. According to a recent survey by the Financial Executives International (FEI), Section 404 auditing costs have dropped by 5.4 percent. This is in line with Protiviti’s 2008 rebalancing survey findings,1 which found that both the SEC’s interpretive guidance on Section 404 and PCAOB AS5 are having their desired effects of making Sarbanes-Oxley compliance easier and more cost-effective for organizations – enabling them to devote more of their time to more traditional and broader internal auditing responsibilities.

The IA profession has undergone significant changes since the NYSE issued its new listing standard requiring an internal audit function, and it is likely the landscape will be different in another four years. At Protiviti, we look forward to assisting organizations and their internal audit functions in addressing the current landscape along with the many changes that undoubtedly lie ahead. We hope this resource guide proves beneficial as part of your efforts to enhance your internal audit processes for the betterment of your business.

Loading...