Fake omega



By Jené Palmer CA(SA) (CGF Lead Independent Consultant) and peer reviewed by Terrance M. Booysen

The recent public censure and financial penalties imposed by the JSE Limited on Tongaat Hulett Ltd and EOH Ltd for non-compliance with the JSE Listing Requirements, again brings the effectiveness of the internal audit profession (and indeed external audit) into question.  Is internal audit adding value?

The question is relevant to both the public and private sector where examples of financial misstatement and the circumvention of internal procurement policies and procedures are increasingly being uncovered.  In these circumstances, questions need to be asked about the future role and stakeholder expectations of internal audit.

While most organisations’ internal governance instruments (e.g. the internal audit charter) are aligned to the requirements of King IV™ and clearly outline that the CAE (Chief Audit Executive) should be independent of management and should report directly to the Audit Committee, in reality, the role of internal audit is often diluted by an ineffective Audit Committee and/or by a controlling CEO or CFO.  The situation is compounded by the complexities of an increasingly digital business environment which demands a better understanding of the organisation’s strategic intent and risk appetite to enable internal audit to be relevant and effective. The typical reactive risk-based approach to internal audit will need to evolve into a more proactive approach which embraces the business’s strategic drivers and the conditions which give rise to business volatility.

Improving audit quality

While continuous audits will go a long way towards assessing the consistent implementation of internal controls, the CAE and members of internal audit will necessarily also need a broader, more practical understanding of how the organisation deploys technology to achieve its strategic objectives.  This knowledge is critical in ensuring that internal audit processes are properly scoped and are relevant.  A superficial and mainly theoretical knowledge of industry best practice applicable to the different areas of the business will not add value in assessing the financial and non-financial controls.  The Audit Committee should consider the extent to which the internal audit function may need to be outsourced to multiple service providers who are experts in their field, so as to achieve the desired level of comfort that internal controls are being appropriately applied across the business.

In addition, the Audit Committee (and indeed the CAE) should ensure that the internal audit plan is sufficiently comprehensive to proactively address all areas of the business over time.  The Corporate Governance Framework® plays an important role in prioritising areas for internal audit and highlighting the levels of governance, risk and compliance (GRC) maturity associated with each area.  Indeed, the governance framework presents an opportunity to strengthen the second and third lines of defense and to improve the quality and integrity of the organisation’s integrated reports.  The mandating of XBRL reporting and the requirement for meaningful sustainability reporting should also inform the scope of the organisation’s internal audit plan.

“The purpose of an audit is to help establish and maintain deserved confidence in a company, in its directors and in the information for which they have responsibility to report, including the financial statements.”

Sir Donald Brydon (CBE)
December 2019

Against this backdrop, the role and value of the internal audit function should evolve to a combination of watchdog and strategic advisor in the areas of GRC.  As such, internal audit will need to get more involved in the organisation’s strategic planning and risk management processes – while at the same time remaining independent. Not an easy feat!  However, this approach is necessary given that internal audit is increasingly expected to act in the public’s interest across a broad range of matters and make a demonstrable impact on the organisation’s credibility and long-term sustainability.


Words: 589

For further information contact:

CGF Research Institute (Pty) Ltd 
Jené Palmer CA(SA) (Lead Independent Consultant) 
Tel: +27 (0)11 476 8264 | Cell: +27 (0)82 903 6757
E-mail: jpalmer@cgf.co.za
Web: www.cgfresearch.co.za

CGF Research Institute (Pty) Ltd 
Terrance M. Booysen (Chief Executive Officer) 
Tel: +27 (0)11 476 8264 | Cell: +27 (0)82 373 2249 
E-mail: tbooysen@cgf.co.za
Web: www.cgfresearch.co.za


Follow CGF on Twitter: @CGFResearch

Click below to

Attached Files

Comments are closed.

Showing 0 Comment