Upload
dinhhanh
View
216
Download
0
Embed Size (px)
Citation preview
STOP ACTING
LIKE AUDITORS!
THE HUMAN SIDE
OF AUDITING
May 6, 2016
Steve Goodson, Lecturer
The University of Texas, McCombs School of Business
CIA, CGAP, CCSA, CISA, CRMA, CLEA
Internal Audit Mission
To enhance and protect
organizational value by providing risk-
based and objective assurance,
advice, and insight.
Session Objectives
Discuss the characteristics of the internal audit profession in 2016
Discuss the teachings and philosophy of Larry Sawyer, the “father of modern internal auditing”
Discuss the importance of “the human side of auditing”
Share experiences of group members
Session Objectives(Continued)
Review examples of “things to avoid” in working with management and staff
Given enough time:
Provide an overview of the “Johari Window” model for interpersonal communication
Develop a personal development plan for enhancing interpersonal, communication, and facilitation skills.
IIA Common Body of
Knowledge Study
Feedback from more than 13,500 audit
practitioners in over 160 countries
IIA Common Body of
Knowledge Study
Characteristics of an Internal Audit Activity
Core Competencies for Today’s Internal Auditor
Characteristics of Internal Audit
2016
The IA focus has changed significantly
Less emphasis on:
* operational and compliance audits
* financial risks
* fraud investigations
* internal control evaluations
Characteristics of Internal Audit
2016
New emphasis on:
corporate governance
Enterprise Risk Management
strategic reviews
ethics audits
migration to IFRS Standards
integrated Reporting
Top Core Competencies
Communication skills
Problem identification and solution skills
Understanding the business
Interpersonal skills
Other Core Competencies
Ability to promote the value of IA
Organizational skills
Conflict resolution/negotiation skills
Staff training & development
Change management skills
Actg frameworks, tools, & techniques
IT / ICT frameworks, tools, & techniques
Data Analytics
IIA Guidance
IIA Standard 2420
Quality of Communications
“Communications must be accurate, objective, clear, concise, constructive, complete, and timely.”
Practice Advisory 2420-1
Sawyer Internal Auditor Articles
1988-1992
The Human Side of Auditing
The Leadership Side of Auditing
The Political Side of Auditing
The Creative Side of Auditing
Sawyer’s Words of Wisdom
Popular IIA publication (2004)
Idea came from Texas Leadership Program
Compilation of 25 Internal Auditor articles
Timeless Advice
Sawyer’s
Internal Audit Philosophy
When you point your finger, make sure your fingernail is
clean.
The best question is “Mr. or Ms. Manager, how do you
satisfy yourself that . . . ?”
Politics and culture will win over rules and regulations.
Leave every place a little better than you found it.
Sawyer’s
Internal Audit Philosophy
Know the objectives.
Nothing ever happens until somebody sells something.
Every deficiency is rooted in the violation of some
principle of good management.
Sawyer’s Key PointsThe Audit Process
Reasons for conflict:
Fear of change, exposure, and noncompliance
Audits breed conflict and differences in opinion
Every audit finding is an implied criticism
Sawyer’s Key PointsAuditor Image
General perception of auditors not flattering
Arrogant, demanding, and overbearing vs.
professional, helpful, and supportive
Downputters and naysayers. Looking for
something wrong
Sawyer’s Key PointsRelating to the Auditee
Auditor style and approach makes a difference
Understand management’s needs, motivations
and styles
Emphasize condition and action to correct
Sawyer’s Key PointsReporting
Discuss potential issues and recommendations
well in advance
No nitpicking
Explain the positive results of audits
Give credit for outstanding achievements
No surprises
Sawyer’s Key PointsThe Road Ahead
Cultivate a better understanding of feelings
Don’t attach blame
Explain the audit process
Adopt a more positive reporting style
Obtain top management support
Use a cooperative, problem-solving approach
Improving CommunicationsSome Ideas to Consider
Audit Communications
General Communications
Consultant Role
Integrity
Organization/Team Spirit
Leadership
Build Relationships
Audit Communications
Give management benefit of the doubt
Catch a manager doing something right
Report on positive findings and results
Discuss noteworthy achievements
Do your homework
Be sensitive to the stress and workload
demands of others
Audit Communications(Continued)
No surprises
Solicit ideas and suggestions
Poll the table for comments and opinions
Discuss timelines and expectations
Be willing to hear management out
General Communications
Make personal contacts regularly
Use notes, e-mails, and voice mails
Encourage hallway conversations
Take a manager to lunch
Work on your problem relationships
General Communications(Continued)
Have some knowledge about the person and
the subject matter
Listen to what the others are saying
Don’t interrupt
Confirm and expand on areas of agreement
Seek and find opportunities to negotiate
Consultant Role
Share relevant information (external auditors,
IIA, industry audit groups)
Provide copies of articles of interest
Obtain relevant policies, procedures, and
practices from other organizations
Share “heads up” information on audits and
other items (non-confidential)
Integrity
Follow-up on commitments made
Live by the “Golden Rule”
Show trust and respect
Get involved with accountability, ethics, and
governance issues
Build and keep trust
Organization/Team Spirit
Serve on committees, workgroups, etc.
Volunteer for activities benefiting the
organization
Establish partnerships with CFO, Legal, HR, IT,
Communications, and others
Initiate contacts with new managers
Enhance and nourish current relationships
Leadership
Attend management & Board meetings
Invite managers to IA staff meetings
Welcome opportunities to talk about risk,
controls, and governance
Lead by example
Have a positive attitude
Balance organizational and professional duties
Leadership(Continued)
Consider serving in a management position
Be flexible
Develop a sense of humor
Ask for feedback and listen to it
Be approachable
Practice MBWA
Building More Effective
Relationships
Survey of Chief Audit Executives
What are their ideas?
What can we learn about effective
relationships?
Ideas from Several
Chief Audit Executives
Peer group informal survey
9 experienced CAEs responded
Tips on how to build good relationships with
management?
Things to avoid in working with management?
CAE TipsBuilding Good Relationships
No surprises and no hidden agendas!
Be a working member of the team
Treat managers as partners in the process
Ensure involvement and buy-in
Serve on IT and other workgroups
Participate with management on teams
CAE TipsBuilding Good Relationships
Communicate, communicate, communicate!
Learn management communication preferences
Return calls and messages promptly
Plan and deliver organized meetings
Have an open door policy
Relieve the tension of the audit process
CAE TipsBuilding Good Relationships
Aim for objectivity and balance
Ensure objectives are clearly understood up front
Discuss management expectations
Discuss issues/concerns as they develop
Use positive terms when appropriate
Focus on outcomes and solutions
CAE TipsBuilding Good Relationships
Share preliminary findings/issues
Solicit management thoughts and ideas
Incorporate management’s input
Aim for mutually agreed solutions
Acknowledge strengths and accomplishments
(Standard 2410.2)
CAE TipsBuilding Good Relationships
Remember that relationships are long term
Trust and respect are important
Gain knowledge of operations and management
Be available in times of crisis
Cover the who, what, when, where, why and how
CAE TipsBuilding Good Relationships
Have a customer service attitude
Be a problem solver
Get involved in understanding the complexities of programs and activities
Attend Board committee meetings and learn more about the organization
Attend training on organization initiatives
CAE TipsBuilding Good Relationships
Get involved with strategic planning, IT planning and the budget process
Check laws, regulations, policies and history
Attend legislative and other regulatory oversight meetings
Obtain a seat at the management table
Keep executive management & Board informed
Be an effective liaison with external auditors
CAE TipsOpportunities to Provide Courtesy Information
Provide status on internal or external audits
Share the perspective of a Board member/ manager on an issue or concern
Provide draft information on Audit Committee meeting topics
CAE Tips
Opportunities to Provide Courtesy Information
Provide “heads up” on coming events
Give news of IA staff members achieving certification
Congratulate on good presentation or other achievement
CAE Tips
Opportunities to Send Thank You Notes
Participation in risk assessment/Audit Plan interviews
Presentations at Audit Committee meetings
Attendance at staff meetings (yours or theirs)
CAE Tips
Opportunities to Send Thank You Notes
Timely and relevant information/referral provided
Important advice or assistance rendered
Participation in IA-sponsored initiatives
CAE TipsThings to Avoid
Don’t:
Play “us vs. them” games
Spring audit findings on management
Take on special project requests which should
be done by management
Give information that is a “difficult read”
(technicalities, volume)
CAE Tips
Defuse personality conflicts and focus on the work
Understand management’s priorities
Focus on what happened and how to fix it (rather than
assessing blame)
Don’t let office location hurt your communications with management
CAE Tips
When you make a mistake, admit it!
Keep your promises
Be aware of your limitations (avoid “over
promising” and “under delivering”)
Avoid auditing and accounting jargon
Avoid the infamous “gotcha” mentality
CAE TipsThings to Avoid
Don’t:
Make decisions for management
Take sides in a turf battle
Focus on insignificant issues
Project defensiveness when a manager takes exception
Turn away a business partner
CAE TipsThings to Avoid
Don’t:
Project arrogance
Use your position power inappropriately
Surprise the CEO or Committee Chair at
Board/Audit Committees meetings
Lose your integrity and reputation
Lose your independence and objectivity
Johari Window
Model of awareness and group dynamics
Impact of disclosure and feedback
Interpersonal communication and group development
Joseph Luft and Harry Inghan (1955)
Johari Window
THINGS I KNOW THINGS I DON’T KNOW
THINGS
THEY KNOW
ARENA
THINGS
THEY DON’T
KNOW
ARENA – Attitudes, behavior, motivation, values, way of life.
Known to self and to others.
Johari Window
THINGS I KNOW THINGS I DON’T KNOW
THINGS
THEY KNOW
ARENA
THINGS
THEY DON’T
KNOW
UNKNOWN
UNKNOWN – Hidden complexities, subconscious.
Neither the individual nor others are aware of certain behaviors or
motives.
Johari Window
THINGS I KNOW THINGS I DON’T KNOW
THINGS
THEY KNOW
ARENA
THINGS
THEY DON’T
KNOW
FACADE
UNKNOWN
FAÇADE – Hidden agenda, sensitivities, feelings, personal life,
fears, relationships. Things we know but don’t reveal to others.
Johari Window
THINGS I KNOW THINGS I DON’T KNOW
THINGS
THEY KNOW
ARENA
BLIND SPOT
THINGS
THEY DON’T
KNOW
FACADE
UNKNOWN
BLIND SPOT – Perceptions, prejudices, judgements.
Others can see things of which we are unaware.
Johari Window
THINGS I KNOW THINGS I
DON’T KNOW
THINGS
THEY KNOW
ARENA
BLIND SPOT
THINGS
THEY DON’T
KNOW
FACADE
UNKNOWN
Increased disclosure and increased feedback =
Improved communications
Johari Window
THINGS I KNOW THINGS I
DON’T KNOW
THINGS
THEY KNOW
ARENA
BLIND SPOT
THINGS
THEY DON’T
KNOW
FACADE
UNKNOWN
OBJECTIVE OF GROUP DYNAMICS: More open communications
Increase ARENA
Lessen FAÇADE, BLIND SPOT, and UNKNOWN
Johari WindowMore Information
Luft, Joseph
“Group Processes: An Introduction to Group Dynamics”
National Press Books, Palo Alto, California
(1970, 2nd edition)
Personal Development Plans
So what does today’s topic mean to you?
What can you do to enhance the quality and effectiveness of interpersonal, communication and facilitation skills?
Complete a personal development plan
Discuss this with your CAE (or Department Chair) within the next 10 work days
Personal Development Plan
What can you do to enhance the quality and effectiveness of interpersonal, communication
and facilitation skills with:
Students/ Faculty?
Fellow staff members?
the CAE / Audit Director?
Executive and Line Management?
External Auditors?
Fellow Audit Professionals?
Coordination
An act reluctantly entered into by two or more
partially consenting bodies.
-- Fred Allen