In her book, Extraordinary Circumstances: The Journey of a Corporate Whistleblower, Cooper counsels internal auditors to “find your courage.” Courage means many things to many people, so thinking about it and discussing it with others you trust can help you reinforce your moral foundation.
In Trusted Advisors: Key Attributes of Outstanding Internal Auditors, one of the nine key attributes I examine is ethical resilience, and in speeches about the book, I talk about internal auditors needing to be ethical AND courageous. I have known many ethical internal auditors who kept their heads down rather than confront highly contentious risks, issues, or results. But being courageous often requires being the lone voice. It doesn’t take quite as much courage to stand in line to point a finger. Indeed, courage does not wait for a choir.
But courage doesn’t suddenly blossom within an internal auditor simply because there is an expectation or strong case for it. I go back to Cooper’s admonition to “find your courage,” which requires practitioners to examine what courage is and under what circumstances their own internal fortitude may be tested.
I love asking people when they get their best ideas. Never, never, never, never, never has anyone ever, ever, ever, ever, ever answered, “When I was working real hard.”
Hard work is important in getting things done. But stepping away from work is important in getting things done better.
A constant immersion in day-to-day work will trap you in a mind-set that eventually works only for the past. If you are not getting experiences from outside your normal workspace, you will not be finding better solutions. And, for internal audit, that means better solutions for our problems as well as the problems we identify during our audit work.
Mike Jacka, an Internal Auditor with Farmer’s Insurance Group, reminds us about the necessity of life beyond auditing. And, we suppose, many other lines of work. Read more here.
The most effective internal auditors are those with enough fortitude to blow the whistle before trouble ensues. They see troubling issues in the formation stage, raise a concern, and take a stand to ensure things are done right.
But, as I discovered years ago, there has to be a high degree of trust between internal auditors and those whom they are cautioning about pending wrongdoing or calamity. Without trust as a basis for engagement, the conversation can become awkward or even polarizing.
Ethics is an area that plays a significant role in my view of outstanding internal audit performance; so much so that I decided to feature ethical resilience as my first area of focus. I’ve been known to characterize ethics as “table stakes” for those wishing to engage in internal auditing. It’s a strong statement, but I stand by it. Internal auditors can’t accomplish their mission without a diligent, unceasing commitment to ethical behavior.
Richard Chambers outlines an auditor’s need to demonstrate and commit to ethical behavior in this post.
A commitment to ethical behaviors means committing to integrity, honesty, and trustworthiness. Auditors can be flexible around the scope of work done, are willing to engage in continuous learning and professional improvement, but must be able to support, stand behind, and be accountable for the work that they do. At times, that may require a degree of courage. But we as auditors must behave ethically if we are to be trusted, and we must ask the same of others.
…some internal auditors are torn between performing traditional internal audit activities — the time-honored “tick and tie” procedures — and activities that contribute more directly to value creation. “Both those activities are important,” says Larry Baker, a senior leader in internal audit, enterprise risk management, and strategic planning in Oklahoma City. “Even when management is convinced the organization is doing everything possible to ensure that a process is working effectively, internal audit still needs to do an independent audit of the controls that make management feel so comfortable.”
Jane Seago explores ways that internal auditors can reexamine how they approach risk and prioritize audit topics that will most benefit an agency. Read more here.
A consulting group and state attorney general’s office reached very different conclusions regarding the potential misuse of Medicaid funds by several nonprofit agencies in New Mexico.
Findings from independent audits have resulted in the closure of 15 New Mexico-based nonprofit agencies that provided behavioral health services in that state, according to Nonprofit Quarterly… However, the New Mexico attorney general’s office has disposed of most of the cases and announced that it did not find a pattern of fraud in 10 nonprofits that had been part of PCG’s audits.
So what happened, and who is in the right? According to Art Stewart, two process steps crucial to the accurate completion of the audit were not followed through, which lead to the consulting group erroneously concluding that Medicaid funds were being misused.
The most telling issues arose during the later stages of the audit:
PCG (Public Consulting Group) and HSD (Human Services Division) did not share the audit’s findings with any of the 15 organizations whose Medicaid payments HSD froze. It also is unclear whether HSD did a systematic check itself to make sure claims that were flagged weren’t mistakenly identified as inappropriate. It is critical that auditors present findings to staff of audited organizations to give them an opportunity to refute findings or address misunderstandings. The damage that can be caused by a failure to do so is evident in this story.
This is a good reminder for all of us here in Audit Land to hew to the process and avoid the temptation of shortcuts. For better or (in this case) for worse, our work has real world consequences.