It’s that time of the year again when we all consider the things we want to do differently in the next year. 2012 has been a good year in my view. I have been considering and developing my understanding of internal audit. I have been presented constantly with interesting and exciting work, some technically challenging, some intellectually challenging, some socially challenging. One theme throughout, newness. In a sense it is what I love about internal audit. It is work that is constantly varied, variable and volatile (see previous post).

So, given 2012 was so exciting, what can I seek to do differently in 2013? Well, I have a personal objective to avoid swearing at all. Not that I swear much now, but I was always taught that swearing is a demonstration of a lack of vocabulary. I’m not sure that is true, but swearing used more than infrequently loses its effect to emphasise and shock. So there’s my personal resolution.

So what is my professional resolution? Well, it struck me, when reflecting on my work and 2012 in general, that I have over emphasised the ‘back office’. By this I mean the professional services that support any organisation’s effort. As an accountant, IT auditor, and MBA graduate it is easy for me to dwell on the professional practice of business; the finance, marketing, IT, HR and other supporting business processes. This can be at the expense of the core business.

I am not the only one. When you look at so-called ‘market analyses’ of listed firms, they are big on financial results, light on in-depth risk analysis of the core business. So it can be with internal audit. We hide in the shadows of the back office, stating that we look at the underlying ‘business processes’ as we are not qualified in whatever the core business is.

Well here’s a revelation. Unless the core business is a profession, e.g. surveyors, solicitors etc. then neither are the general management. Thus why should internal audit have a less valid view, given its wide ranging and strategic view of the organisation than the managers? Indeed the biggest challenge in most organisations is to bring the back office in to support, effectively, the front office. Internal audit must surely have something to add here?

Here’s another revelation. I am not qualified in most areas of the back office I audit. No one internal auditor could possibly be. Yet we draw on our professional colleagues to review their work and their work as applied to other back office and front office tasks. For example, I am no lawyer, yet have a good relationship with our legal team to support me in my work when I want to assess legal risks arising in an area. In this, internal audit is no different to general management. We learn through experience and from professional colleagues. We then build up a sense of when we need specialist advice and when we can form a view ourselves.

Why then does internal audit avoid the front office? Well, I think because in the front office knowledge is not absolute. It depends on application and context far more. There is no body of ‘professional guidance’ to fall back upon. Not only could we be ‘wrong’ but ‘right’ may not exist. It cannot, however, be tenable for an internal audit plan to audit a supermarket without considering food or a building firm without looking at surveying.

For these reasons therefore I am orienting my professional development towards in depth learning about my clients’ core business. Through this I hope to be able to provide a better and more risk based internal audit plan for 2013. What is your New Year’s work resolution?