Welcome to Promenade Speakers Bureau, LLC
Home | Find Insurance & Financial Speakers | Find Health Speakers | Find Women Speakers | Articles | Planner Resources | Are You a Speaker? | Contact

The Internal Audit and Communication Skills

An Interview with Joan Pastor, Speaker

The internal audit and communication skills

 

Martin Stevens from the Norwegian Internal Auditors’ Association interviewed Joan Pastor, Ph.D. concerning her view of internal audit and the importance of developing communication skills.

 

She has been widely used as a speaker at IIA conferences, both in USA and internationally. She is considered one of the pioneers of Control and Risk Self-Assessment (CRSA), including Enterprise Risk Management (ERM) methodologies.

 

Joan started by telling me how she first came into contact with internal auditors.

 

- I must admit that the first time I was to address a meeting of internal auditors I had a mental image of “Men in Black”, cold, professional and analytical hidden behind dark glasses. Then I was standing in front of 65 of them, 61 of them men, dressed in navy or grey suits with white shirts and yellow ties (the power colour). That certainly didn’t help to change my image of them. Their interest in the subject “Managing conflict internally across functions” surprised me. I had been warned that the speech would have to be cancelled if less than 10 people showed up, as it was there was standing room only. From that beginning in 1986 I came to appreciate that in fact, contrary to their image, internal auditors are closely concerned with organisational issues and the need for mastery of soft skills. If we should define the operational auditor’s objective as working to achieve the alignment of reality to strategic goals then the auditor and I, as an organisational psychologist, have exactly the same objective.

 

- How can the auditor change his image? I ask. Joan’s answer is that an important starting point is to distinguish clearly between the roles that one takes on. There will be times when the auditor must perform pure compliance audits or assist and lead in fraud investigations. In larger organisations there may be dedicated teams to cover this type of work, but if not, it is important at the outset that the auditor communicates to the auditee clearly that the work being performed this time is picking over details in black and white mode whereas at other times the objective is a broader operational audit. - If the auditor is to be successful in performing an operational audit then it is so important that he or she adopts the right mindset. You are not looking for what’s missing, to find fault and point the finger of blame, rather you are trying to find out what is. You are trying to map an objective reality and let’s face it you are often alone in the organisation in performing that role.

 

- I have spoken to auditors frustrated at their audit reports not being acted upon, but is that surprising? A survey was carried out, I believe it was in New Zealand or Australia where the conclusion was that 7 % of the findings in a typical audit report were critical, 12% were classified as important and the remaining 81 % were trivial. Why were the trivial points there? They may have made the auditor feel satisfied with having done a thorough job, but for the auditee they just served to divert his attention from the real issues. Thoughts of not being able to see the wood for the trees spring to mind and if you really want to reinforce a Men in Black stereotype then this is the way to go about it. Rather the goal should be to discover the 1-3 major issues that most need to be worked on. This often means learning how to get below the surface of issues and drilling down to the root causes. Of course it requires the application of all the auditor’s skills to identify the root causes or issues, to identify the disease rather than the myriad of symptoms, but isn’t it better that the one major issue is addressed and improvements are made, than that that issue becomes obscured and forgotten? You may encounter resistance from some people when you try to get to the real issues, but if you are focusing on finding both the good and the problem areas, you will be ultimately perceived as providing much more value.

 

- The next idea to consider is that improvements rarely come about because people are told what is wrong and what the solution is, rather the people concerned must buy into the idea. The great thing is that we, as humans, are neurologically programmed to seek solutions when we first understand there is a matter to address, and at least 95 % of people want to do their best, so the auditor’s efforts should rather be to geared to helping the organisation understand the reality of their present situation. Then of course you should facilitate in the process to arrive at improvements. But Joan has a golden rule “the more they feel the idea came from them, the much greater the chance that they will buy into the idea and the need for change”.

 

So I asked Joan whether she saw the auditor as a change agent. In reply I received an emphatic no. - The auditor is not a change agent but a change leader - and she added - that is a challenging job, because one of the hardest things is for people and organisations to see they need to change and then do so.

 

We were agreed on the fact that communication is crucially important to the successful performance of the internal auditor’s job. I asked Joan whether she believed communication skills were something you were either born with, or if not, could be learned. Encouragingly she said that it is possible to learn concrete technical skills, especially in respect of conducting interviews. It is important to remember that an audit is not just a technical task. She told me of an experience she had where she was called in to facilitate in the re-organisation of a finance department. An audit had just been completed. The audit gave a clean bill of health. Joan interviewed the staff and received information of a fraud that was being committed.

 

- An auditor who simply follows a checklist will kill communication. It is all right to have a checklist, but as a guide. The most important part of communication is to listen, to ask rather than to tell. Let suggestions and ideas flow from those being interviewed. The same is true when facilitating groups related to various audit meetings, and when conducting risk assessments and business process mapping. It is all right to have a mental list from your pre-work, but it will keep you from listening objectively. Put it in your back pocket, so to speak, and find out what the clients think first. If you have the right people in the room and you are facilitating correctly, you will be surprised at how many risk control issues groups bring up that will match your list; but, since they came up with the information – not you, there will be a much greater chance they will take ownership for it and be more willing to make changes.

 

Joan was very clear on where the line should be drawn between management and the auditors in the area of risk assessment. Management must take responsibility for knowing the risks and addressing them. The auditor should rarely be more than a facilitator, adviser, collaborator in this respect.

 

Joan told me that over the almost 20 years that she has been working together with internal audit, she has seen a positive development. Auditors are more aware of the need to add value and develop their skills from passive reporters to pro-active leaders as is exemplified by the active role that many auditors now play in the performance of Control and Risk Self Assessments.

 
Phone: 718 (space)789 (space) 1136 
    E-mail: mtaubleb (at) promenadespeakers (dot) com
 
We respond quickly to legitimate e-mails. Call if no reply, in case filtered out in error.