Too many internal auditors have the unfortunate distinction of being called the corporate cops.  Being called the corporate cop is neither glamorous nor desirable. In fact, the internal auditing profession has been trying to change this image for years and has provided an alternative image, which for many is also a goal: To become trusted advisors. But what is a trusted advisor? What does a trusted advisor do? What behaviors are necessary to become a trusted advisor?

A trusted advisor is the person a client turns to when an issue arises, often when there is urgency like in times of crisis or change. But often this will also extend to times when an important decision must be made and the decision-maker needs someone with the knowledge, track record, reputation, level-headedness, creditability and dependability to provide good, honest advice. This is the characteristic of a deep and trusting relationship. 

But getting to this point, to be recognized as a trusted advisor, doesn’t happen overnight. It is the result of nurturing a growing relationship that in its early stages may be characterized by the internal auditor performing a needed task or acting as a subject matter expert. Being able to perform compliance or financial reviews with competence and speed are examples of this.

Over time, audit clients notice that the auditor has capabilities not directly related to the original area of expertise but can also solve and provide valuable insights related to more general business issues. Examples include auditors being able to address topics related to IT concepts, systems development, project management, and identify ways to increase process efficiencies.

The next level in this maturity progression is when internal auditors might be consulted on broader strategic issues. The internal auditor is more than a technically proficient problem-solving professional but is also able to put issues in organizational context and can provide perspective to them. The internal auditor offers advice proactively. For example, more than auditing projects after they have begun, they recommend best practices that enable them to deliver on time, within budget and with high quality.  

When internal auditors are trusted advisors, they provide a safe harbor for the board and management to discuss and explore. This attribute involves the integration of content expertise, organizational awareness and strong interpersonal skills. At this point, internal auditors are a sounding board before decisions are being made to gain the auditors’ perspective on complex topics and to gain their opinion on emerging threats.

Steps to take

The process of becoming a trusted advisor takes time and consistency. These are some of the key actions:

  1. Be positive.
    Some internal auditors have promoted an image of being the “no” people. Management and employees, and even some board members may regard internal auditors as objecting too often, too readily, and without evidence, to business initiatives, goals and objectives. They are unreasonably risk-averse. Instead, internal auditors must show business acumen and demonstrate they are on-board with the organization’s goal to add value to its stakeholders, take appropriate and well thought-out risks, and promote change where change is needed.

  2. Follow through.
    A quick way to lose credibility is to promise, or over-promise, and under-deliver. If you want to become a trusted advisor, don’t make promises you can’t keep. Trusted advisors say what they mean and mean what they say: Trusted advisors “give it to their clients straight” and avoid being unnecessarily vague.

  3. Keep in touch with the client.
    This can be done via e-mail, by phone, and in person.  Trusted advisors keep in touch to show their genuine interest in the client’s well-being. Sometimes process owners only hear from the auditor when the auditor needs something related to an ongoing or future audit. To reverse that dynamic, an increasingly common practice in many internal audit departments is to assign relationship-building responsibilities with key management contacts. This requires meeting with the client periodically to “check in”. During these meetings, the agenda consists of discussing dynamics in their unit, upcoming changes and initiatives, concerns and other matters that the internal auditors can provide insights and suggestions about.  

  4. Give them something.
    More than keeping in touch to say hello, trusted advisors also give freely. They share information, updates, news, and other developments that they believe the client might be interested in and might find useful. The typical auditor-client relationship is characterized by a series of requests from the auditor (e.g. for documents, data, meetings), who then sends a report showing all the mistakes found and requesting, once again, the client to agree to the report and provide corrective actions. If requests are all the client gets, the relationship is lopsided.

    "Just saying that you are right because you can show that something is broken is not necessarily helpful."

  5. Be respectful.
    Trusted advisors impress their clients with their knowledge without embarrassing them over what they should, but don’t know. Most managers and employees are proud of their jobs and don’t appreciate someone going into their office and shaming them. Internal auditors should display effective communication skills to highlight opportunities for improvement without being condescending or judgmental.

  6. Ask mindful questions, mindfully.
    Trusted advisors ask Probing (open-ended), Clarifying (double-check), Process (relevant to the program or process’ mission and objectives) and Empathetic (show they care), questions. They also apply the 80/20 Rule:  They ask good questions using 20 percent of the time and allow the client to describe, explain, elaborate using 80 percent of the time. They learn when they listen.

  7. Be helpful.
    Internal auditors’ futures are linked with the organization’s future. A key aspect of effective internal auditing is understanding the mission, vision, objectives, the risks that get in the way of achieving these objectives and assessing and recommending controls that prevent risks from derailing the organization’s success.  So, the goal is to be helpful and support those efforts. Out-of-context findings, unresearched causes of problems, unquantifiable issues, and unrealistic corrective actions are seldom helpful. 

  8. Explain and help them understand.
    Finding anomalies is a good start, but it is important to show the client the relevance of the issue, how it was discovered, its implications, how big an issue it is, how long it has been occurring, what is causing it, and some thoughts on how it might be fixed. By explaining the who, what, when, where and why of issues, clients will understand better why control breakdowns and other vulnerabilities matter to them.

  9. Be understanding.
    Trusted advisors try to understand their client’s situation and the context of the situation they are dealing with. They also realize that by being empathetic and understanding how the client feels about their challenges they can connect emotionally and support the relationship. 

Internal auditors should work diligently to reframe the image away from the corporate cop and towards being a trusted advisor. Trusted advisors provide more than lists of issues and problems. They are consistently fair, caring, listen carefully, and provide useful, appropriate, timely and relevant suggestions for improvement.

Interested in learning more about this and other tools and techniques? Join Dr. Murdock when he teaches Lean Six Sigma Skills for AuditorsInternal Audit School, and High-Impact Skills for Developing and Leading Your Audit Team.


LinkedIn Sales Navigator