Why Internal Audits are important for CFOs.
A Chief Financial Officer (CFO) is primarily concerned with an organization’s financial performance, while Internal Audits (IA) focus on risk management, governance, and internal controls.
Financial success and risk are perhaps two sides of the same coin, so every CFO should clearly understand the value that good Internal Audit techniques bring.
This short article aims to outline the value CFOs should expect from IA, and equally, help IA ensure they provide maximum value to CFOs.
To understand the interaction between IA and CFOs, we should understand:
- The CFO role
- Internal Audit’s role
- How Internal Audit supports the CFO
- What Internal Audit needs to deliver maximum value
The CFO role
The CFO’s responsibilities are varied, but focus on three fundamentals:
- report financial performance
- ensure financial liquidity
- generate a return on investment
Additionally, the CFO’s duties normally include sitting on the company board of directors, contributing to the company’s strategy, supporting the company’s mission, values, and purpose, and leading the finance department.
Internal Audit’s role
Internal Audit is concerned mainly with controlling risk. The role is neatly defined by the CIIA:
“to provide independent assurance that an organisation’s risk management, governance and internal control processes are operating effectively.”
Four ways Internal Audit supports the CFO
To understand the value of IA to the CFO, here are some CFO objectives that IA supports:
- Protect the organization. Good IA investigates the organization’s resilience in all areas, including supply chains and cash position. After the 2008 banking crisis, the CIIA developed a code for Internal Audit to protect Financial Services firms. This code now applies to all UK companies and gives IA:
- – access to all areas of the organization
- – a direct line to CEOs
- – a seat at executive committee meetings.
- Ensure internal financial controls adhere to company policy, for example in accounts payable. SOX compliance means Senior Managers in all public companies are legally responsible for accurate company financial statements. Controls must be documented and reviewed as part of an external audit. Hence, Internal financial audits are essential to for the CFO to have confidence in the accuracy of financial reports.
- Support a clear, fact-based strategic vision. Internal Audit tools can provide a strategy minded CFO with a clear report of how issues and risks affect many parts of the organization, including: operations, finances, investments, IT, cyber security, legal, compliance, brand value and ESG.
- Deliver a robust ROI. This is not easy to calculate, but the evidence suggests that IA delivers a high ROI. Sources such as Deloitte estimate IA costs between 0.026% to 0.126% of revenue for Fortune 500 companies. The financial benefits of IA are hard to quantify, but it’s clear that IA prevents many risks and fines before they incur large costs to the organization.
What does Internal Audit need, to deliver the most value?
We recommend keeping an Internal Audit checklist of the key requirements IA needs for the team to work to the best of their ability.
- Work at the right level: IA must have the authority to conduct their work, report to the top of the organization, to people that care about the issues that IA deal with. This also means access to executive meetings.
- Independence and objectivity, and have adequate resources to do so, agreed by the board of directors, not just the CEO.
- Explicit codes of practice, set by the board of directors and informed by industry bodies.
- Purpose built technology to monitor data, enforce policies, and log every user action. Without this, admin heavy, granular work is extremely challenging to do. The best internal audit software offers further functionality such as data analytics and predictive modelling, that identify hidden risks even earlier and deliver even more benefit.
Internal Audit benefits the whole organization and the relationship between CFO and Internal Audit should be collaborative as they both work to ensure the success of the organization, albeit from two different perspectives.
If you found this article helpful, you might be interested in our Internal Audit Guide that covers how Internal Audit Management platforms and Internal Audit tools can help your Inte