Navigating the New Global Internal Audit Standards

As we approach January 2025, when the new Global Internal Audit Standards will be fully implemented, internal auditors around the world are preparing for a significant shift in how they operate. These updated standards, developed by The Institute of Internal Auditors (IIA), aim to help audit professionals better navigate the increasingly complex business landscape, focusing on governance, risk management, and emerging challenges like cybersecurity and ESG concerns.

The revisions represent a welcome evolution of the framework for internal auditing, but as with any significant change, there are areas where auditors still hope to see further refinement or improvement.

What the New Standards Get Right

The new standards deliver substantial enhancements that address some of the most pressing challenges auditors face today: 

 •    Strengthened Governance: The updated standards emphasize closer involvement of boards and senior management, helping to integrate internal audit more deeply into an organization’s overall governance framework.   

•    Flexibility and Adaptability: The IIA’s focus on creating a more flexible framework helps auditors operate effectively in both large enterprises and smaller organizations, which often have fewer resources.   

•    Cybersecurity and Technology: The standards include clear guidelines on how internal auditors should address technology risks, particularly around cybersecurity and IT governance, two of the biggest concerns for today’s organizations.

While these improvements are critical to advancing the profession, some internal auditors feel that certain areas could still be developed further to ensure the standards fully meet the needs of the modern business environment.

What Auditors Are Still Wishing For

Despite the many benefits, several areas have been identified where internal auditors believe more detail or focus could be added: 

 1.    Clearer Guidance on Technological Integration:

While the standards touch on areas such as cybersecurity and IT governance, many auditors are hoping for more robust, detailed guidance on how to integrate advanced technologies like AI, data analytics, and automation into audit processes.

These tools have the potential to revolutionize auditing by providing real-time data and insights, but their integration remains complex. 

 2.    Agile Auditing Practices

The new framework offers more flexibility, but many professionals desire a more explicit endorsement of agile auditing. Agile methods allow auditors to pivot quickly, reassess risks continuously, and conduct audits iteratively. This approach can be especially effective in fast-moving sectors, but it still lacks a strong presence in the new standards. 

3.    Expanded ESG Auditing

ESG is rapidly becoming a critical issue for stakeholders, investors, and governments alike. While the new standards do address this, auditors would like to see more comprehensive guidance on how to incorporate ESG into their audits. This includes both environmental metrics (carbon footprint, resource management) and governance factors (corporate ethics, diversity). 

4.    Support for Smaller Audit Teams

Although the IIA acknowledges the needs of smaller audit functions, some auditors from these environments are calling for more specific support. Tailored solutions that take into account resource limitations would allow these teams to meet the standards without becoming overwhelmed by the scope of the new requirements. 

5.    Continuous Monitoring and Automation

Continuous auditing—using automated tools to provide real-time insights into risks—was expected to play a bigger role in the new standards. Many auditors hope to see this emphasized more strongly as businesses increasingly move toward data-driven decision-making.

A Path Forward: Early Adoption and Adaptation

The IIA has encouraged early adoption of the new standards ahead of the 2025 implementation date. Internal audit leaders should begin preparing now by performing gap assessments that benchmark their current policies against the upcoming standards. By identifying areas of improvement early, audit teams can ensure a smooth transition while capitalizing on the new framework’s many benefits.

Auditors should also communicate these changes to senior management and boards to align organizational goals with internal audit’s strategic objectives. By doing so, they not only meet compliance requirements but also unlock new opportunities to drive value within their organizations.

Conclusion: A New Era of Internal Auditing

The 2024 Global Internal Audit Standards represent a major step forward in the profession’s evolution, addressing the key risks and challenges facing organizations today. While there is room for further development in certain areas, particularly around technology integration and agile auditing, the standards provide a strong foundation for auditors to enhance their role as strategic business partners.