Audit & Risk

Internal audit is key to supply chain competitive advantage

Are supplier risks high enough on your companies risk register? Ian Peters, CEO of the institute, looks at what internal audit can do to raise the profile of supply chain risks in businesses.

in CEO Blog.

Sophisticated global supply chains increase competitiveness, efficiency and cost effectiveness. But supplier failures on any geographical scale of business and in any sector can cause massive damage. The news media, itself a highly effective global supply chain, creates instant worldwide awareness of supplier problems, which can have a swift and significant impact on an organisation’s reputation, profitability and shareholder value. 

The financial consequences of poor management of risks and controls within organisations in the supply chain, whether endemic or isolated lapses can be substantial. The Gulf oil spill has cost BP over $40bn and reduced the company’s worth by nearly two thirds at the height of the crisis. RBS-owned NatWest’s botched software upgrade, which resulted in thousands of customers being locked out of their bank accounts, has cost the bank £175m in compensation. Tesco lost £1m in sales during the horse meat in food products revelations, which also wiped £300m off its market value. 

So, given its increasing significance, are supplier risks high enough on your company’s risk register? Are internal audit teams sufficiently well resourced, tasked, supported and skilled to assess the management of risk within their strategically important suppliers? Equally important, are assessments of risk maturity being made that help to determine the priority with which internal audit should treat supplier risks?

Supply chain experts have created many tools and frameworks to support the management of supplier risks, such as risk profiling techniques and the use of financial modelling to understand the impact of supplier failure. These work best alongside internal audit teams who are close to the audit committee and the executive on supply chain issues and helping to build the right attitude to risk. Such relationships ensure, for example, that supplier tendering processes are reviewed by internal audit and, once a supplier is appointed, that contract negotiations with the selected supplier include access for internal audit to assess a supplier’s own risk management and controls or are able to view the supplier’s own internal audit reports. 

Not only does this level of scrutiny enable a healthy and risk-aware approach on both sides of the supply deal, but it allows possible problems to be addressed at the earliest possible opportunity. Contracts that omit this can be difficult to renegotiate and opportunities to build positive risk-focused relationships between the organisation and its suppliers are lost. This could have long term strategic consequences. If effective supply chains are increasingly a key element of competitive advantage, then internal audit teams highly engaged in this aspect of the business are also critical to an organisation’s competitive edge.

The IIA: find out more

Visit the main IIA site

Jobs

Senior Auditor

Ref: HE/3188
Directorate: Finance & Business Services
Location: Nationwide
Salary: £40,188 - £44,208
Number of Positions: 5
Full-time

Principal Auditor

Salary: £36,937 - £39,660
Permanent – 37 hours
Location: Westgate Plaza One, Barnsley, South Yorkshire

Careers advice

Destination designation

The Chartered IIA is keen to work with organisations that want to ensure all their internal auditors have the right skills to succeed in today’s industry. One of these is Citigroup, which recently launched a training scheme accredited by the institute and put 20 senior internal auditors through the Chartered by Experience route to achieve CMIIA. So what does this look like in practice?
Words: Ruth Prickett

Gold standard – the value of recognition

Being chartered demonstrates your skills and competence and gives you influence within both your organisation and the wider profession. All dedicated internal auditors should aspire to it, writes Ian Peters, chief executive of the IIA.

Chartered by Experience

There is a new route to becoming a chartered internal auditor: Chartered by Experience.

Training & Development

Destination designation

The Chartered IIA is keen to work with organisations that want to ensure all their internal auditors have the right skills to succeed in today’s industry. One of these is Citigroup, which recently launched a training scheme accredited by the institute and put 20 senior internal auditors through the Chartered by Experience route to achieve CMIIA. So what does this look like in practice?
Words: Ruth Prickett

Gold standard – the value of recognition

Being chartered demonstrates your skills and competence and gives you influence within both your organisation and the wider profession. All dedicated internal auditors should aspire to it, writes Ian Peters, chief executive of the IIA.

PwC launches cyber-breach simulation game for executives

Big four consultancy PwC has launched "Game of Threats" – an interactive game to teach senior executives the risks of cyber-attacks and encourage them to test how they would respond in real time.

Tools

Harnessing the power of technology in ERM: driving a continuous and verifiable process

Sponsored content
Some of the greatest strides in the formalisation of enterprise risk management (ERM) have occurred within the past decade – prompted by problems such as the global financial crisis and the increasing threat of cyberattacks. So how do organisations effectively focus on a formalised risk management structure? Workiva's white paper "Harnessing the Power of Technology in ERM: Driving a Continuous and Verifiable Process" suggests some answers.

You asked us

Our technical helpline provides valuable advice to members on a host of professional issues. Here are some of the questions you’ve recently asked.

Raising Standards

IIA Global is introducing two new professional Standards and updating some of its existing Standards with effect from 1 January 2017. So what are the changes?