Overheard Myths About Internal Auditing

There are many incorrect perceptions of internal auditors – myths that have developed over time about the profession and some, unfortunately, perpetuated by auditors themselves.

#1 Internal auditors are accountants by training.

This myth suggests that all internal auditors are accountants by training and are only interested in companies’ financial records. While training in accounting is useful in the career of an auditor, various other professions have also been hired to deal with specialist areas that do not relate to accounting.

Internal auditors commonly deal with fraud risks, compliance issues, and a variety of operational issues that are not related to accounting. Also, internal auditors’ backgrounds are as diverse as the operations they audit. Leading internal audit functions are now hiring applicants with analytical thinking ability, knowledge of the business (so as to provide operations expertise) and IT expertise to assist with the assessment of IT risks, all of which may not be addressed by accountants.

To overcome this myth, create a diverse staff (hire individuals with diverse backgrounds)  and train alongside your clients when possible (while audit specific training is definitely important, so are your client’s specific tasks.)


#2 Auditors are nit-pickers and fault-finders.

In reality, an internal audit is meant to focus on major risks and to bring out issues that add value to the organization. Given that audit resources are limited, when auditors focus too much on minor issues, they detract from focusing on the major risks that should be at the heart of the audit.

Auditors should keep the goal of the audit in mind, that is, the betterment of the organization. Well, part of what internal audit do is to evaluate the environments.  The focus is on preserving, protecting, and continuous improvement.  Internal audit must communicate this in our actions.  Therefore, it is important to prioritize projects and issues internal audit present to management.


#3 It’s best not to tell the auditors anything unless they specifically ask.

This myth can be counter-productive if auditors believe information is being withheld, they increase the scope of their work to find out if there is important information that has not been covered. This leads to less efficient audits. The purpose of internal audit is to add value and improve an organization’s operations. Hiding information is against everyone’s best interests.

Auditors and auditees should work in partnership to achieve the betterment of their organizations such as by fostering honest and open dialogue between both parties.


#4 Internal auditors follow a cycle in selecting their audit “targets” and use a standard checklist so they can audit the same things the same way each time.

To overcome this, do something different.  Get out of your comfort zone.  Try auditing something in your organization that you have never touched before.  For example, try auditing your organization’s social media strategy and operations.  This is a fairly new risk facing many organizations.

#5 Internal audit is the corporate “police function”.

When an auditor’s behavior is accusing or aggressive, they are far more likely to be met with resistance than when they treat findings as an opportunity to help accomplish objectives and facilitate improvement. Simply put, check your attitude. Present yourself as a collaborative partner through your actions and you will become one. As someone once said; “the auditor is a watchdog and not a bloodhound.” The best auditors are always those who create a rapport with audit customers.

It takes time to change perceptions, and it often requires the combined effort of many individuals.