The internal audit profession is evolving rapidly, with new demands being placed on internal auditors. It is therefore important to continue to develop your skills and competencies – or risk being left behind.
The function is moving into a more strategic role and its remit is wider than ever before. The landscape of emerging risks brings new challenges too, with the rapid adoption of new technologies leaving organisations more vulnerable to fraud, data breaches and cyber-crime. Many internal auditors will find that they need to have knowledge of IT and cyber-security in order to carry out effective reviews. It’s not just the risks that evolve – methodology has also had to develop to keep pace with techniques such as assurance mapping, lean auditing and root cause analysis becoming more widely used.
Like other professionals, IIA members are required to maintain their professional competence through CPD – continuing professional development. This means you need to plan, undertake and reflect upon your professional development activity.
While CPD has obvious benefits for the individual, employers also see the advantages. Grant Harrison, head of internal audit at BT Group Internal Audit, says: “Internal auditors should strive throughout their careers to achieve the highest standards of professional competency and an essential part of that is to hone their skills and enhance their knowledge by engaging in CPD.” He says the IIA’s CPD accreditation scheme is “a way of demonstrating the organisation’s commitment to our people and to help support the achievement of professional excellence”.
CPD also has an important public protection remit. The financial services regulator expects banks and insurers to have highly skilled internal audit teams with access to the whole organisation. This is to ensure that internal audit plays an active role in supporting management and boards to prevent future problems in the sector.
So what’s the best way to stay up to date?
The IIA’s professional assessment manager Frances Overton, who is responsible for CPD compliance, advises members not to think of professional development as a box-ticking exercise but as a vital part of career development.
“Staying up to date can boost your career prospects,” she says. “It strengthens your professional credibility and makes you more valuable to the internal audit function. Your CPD record is evidence of your commitment to personal development – something to discuss at appraisal time.”
The IIA’s CPD competency framework can help you to plan your activity, but any new learning that impacts favourably on your professional effectiveness counts as CPD.
Overton says: “Our focus is on how CPD can help you to achieve results for you and your organisation. This might be mentoring a colleague, performing peer reviews of audit reports, organising knowledge-sharing events, or sitting on the committee of a charity.”
There are numerous resources to help IIA members stay up to date. Technical guides on the IIA website explain how to audit a range of business functions, detailing the likely risks and responses. There are templates, checklists and case studies, plus courses and workshops providing training on specialist topics such as emerging risks and new technologies.
And IIA members are making the most of these resources, says Overton. “It’s encouraging to see so many of our members positively responding to their CPD responsibilities, with a varied range of activities and experiences being shared.”
CPD: What are the rules?
All IIA members sign up to maintain their professional competence through CPD. Voting members are committed to submitting evidence of this when requested – the IIA contacts a sample of members each year. For information see www.iia.org.uk/cpd
Members who hold an IIA Global qualification, such as the CIA, must adhere to the global body’s CPE requirements to undertake 40 hours of education annually and submit evidence every year. Find out more at www.iia.org.uk/cpe
Failure to meet your CPD requirements can have significant consequences and members found to be non-compliant can be pulled up in front of the disciplinary committee. This can result in suspension from membership and loss of designation.