AuditBoard, a cloud-based platform transforming audit, risk, compliance, and ESG management, has announced the results of a new research report, 2025 Focus on the Future: Inflection Point for Transformation at Mid-Decade. The report reveals a fundamental lack of alignment between top risks businesses face and the level of resources internal auditors are able to put towards those vulnerabilities.
The first half of the 2020s has been an era of perpetual risk-induced disruption spanning cybersecurity, AI, supply chain, inflation, third party, sustainability, and beyond. Despite largely static resource levels, internal audit leaders face a critical imperative to help their organizations tackle the rising volume and velocity of risks. The 2025 Focus on the Future survey found many internal audit leaders are missing key opportunities to leverage technology, strategize, prioritize, and collaborate across their organizations, making it challenging to narrow the gap between rising risk demands and stagnant risk management capabilities. The data reveals:
- Risks may be growing, but resources are not: Roughly three-quarters of those surveyed expect headcount to decrease or stay the same in 2025. AuditBoard survey data from the past three years collectively reveal a clear pattern of optimistic staffing forecasts followed by less rosy realities.
- There has been a lack of progress in implementing generative AI in internal audit: Only 4% of those surveyed reported substantial progress in implementing AI in any area of internal audit, potentially jeopardizing audit teams’ chances of leveraging this capacity multiplier to achieve better results with less effort and increasing their risk of falling behind with AI.
- Lack of readiness to conform with The Institute of Internal Auditors’ Global Internal Audit Standards: The survey found that at least one in three organizations won’t be ready for the upcoming January 2025 deadline, indicating the lack of priority some internal auditors may be placing on guidance on the worldwide professional practice of internal auditing.
- Cybersecurity retains its place as the top-ranked risk and top area of audit effort: 82% of internal auditors rated this risk as “very high” or “higher than average” for their organizations in 2025, versus 81% in 2024 and 83% in 2023 — a priority that is mirrored by the top rank in planned audit efforts.
- Ongoing misalignment between risk levels and planned audit efforts in key areas: Survey respondents ranked changing economic conditions as the #2 risk, but it ranked #11 in terms of audit effort, showcasing a mismatched risk-to-effort ratio. Conversely, fraud was a lower-ranked risk at #10 but ranked high at #3 in terms of planned audit efforts. This suggests seemingly static views on risk and resource allocation while highlighting potential opportunities to reprioritize and redirect resources to assess and manage business’ most pressing risks.
- Immature views on the process, purpose, and importance of internal audit strategic planning and technology planning: 39% of respondents are not collaborating with other governance, risk, and compliance teams to share technologies. This missed opportunity often results in disconnected data and teams, audit fatigue, duplication of effort, and coverage gaps.
“Our organizations have experienced a half-century’s worth of disruption in half a decade. These are not ordinary times; extraordinary action is required,” said Richard Chambers, AuditBoard’s Senior Advisor, Risk and Audit and the former CEO of The Institute of Internal Auditors. “The internal audit profession is facing an inflection point. We must better equip ourselves to understand and face tomorrow’s risks while deriving more benefits from limited resources. AuditBoard’s 2025 Focus on the Future report offers hard lessons and points to vital opportunities on the path to transformation.”
For more information about the future of internal audit and what organizations can do to ensure the profession is central and indispensable, read the full report here.
Thanks for reading CPA Practice Advisor!
Subscribe Already registered? Log In
Need more information? Read the FAQs
Tags: Auditing