Compliance risk, especially around the Affordable Care Act, is top of mind for chief audit executives heading into 2014, according to the latest poll by the Institute of Internal Auditors.

The IIA's fall “Pulse of the Profession” survey found chief audit executives in North America are bracing for a greater focus on compliance issues and less focus on Sarbanes-Oxley in the coming year. Operational audits still account for the largest area of focus, 27 percent according to the latest poll, but compliance audits rank second, expected to consume 15 percent of the internal audit department's time and attention in the coming year. Audit coverage for general financial issues, Sarbanes-Oxley, and information technology each fell behind general compliance audits, each representing 11 percent of audit coverage.

The survey report suggests internal audit staffs are expecting the Affordable Care Act to require a great deal of their focus in the coming year, but aren't yet fully up to speed on what will be expected of them. Nearly 80 percent of the 428 audit executives who responded to the survey in North America said they expect the ACA to have at least somewhat to moderate or even extreme impact on the organization, while the remainder were uncertain. In terms of their readiness, however, only 19 percent gauge themselves to be moderately or extremely knowledgable about the requirements. Nearly 40 percent said they are not very knowledgeable at all.

                           

“There's a bit of divergence there in the number who believed this is going to be impactful and how many auditors had gotten some knowledge on the legislation,” says Richard Chambers, president and CEO of the IIA. “The risks are coming at us at a rapid rate of speed.” The legislation presents the internal audit profession with an opportunity to demonstrate the value it can bring in becoming a proactive function within the organization. “Anytime we can help organizations mitigate key risks or at least navigate a risky landscape, that's an opportunity,” he says. “New regulations bring with them new compliance risks.”

The survey also suggests internal auditors are not anticipating significant challenge in transitioning to the new COSO framework for internal control. More than 71 percent of internal audit executives at public companies said they they expect adoption of the new framework to be not significant or somewhat significant, while only 22 percent expect it to be moderately or extremely significant. Only 7 percent said they were uncertain.

Topics