All Things Internal Audit

Episode

• Beyond the Three Lines: How AI Can Finally Make Combined Assurance Work 02.06.2026 26mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this companion episode to Internal Auditor magazine's "Better Together" article, Paula Michaels talks with Ashwathama Rajendran about how AI can support more connected, continuous, and coordinated assurance across the three lines. They discuss why combined assurance can be difficult to achieve in practice, how AI can act as a connecting layer across risk, compliance, operations, and internal audit, and why human judgment, independence, and data privacy remain critical. HOST: Paula Michaels Senior Director of Creative and Content Services, The IIA GUESTS: Ashwathama Rajendran Data Analytics Lead, Stripe All opinions are Ashwathama Rajendran's own and do not represent his employer, and all scenarios discussed are hypothetical and based on broad industry experience rather than any specific organization.   KEY POINTS: Introduction and Ash's Background [00:00:30 - 00:02:05] Why Combined Assurance Struggles in Practice [00:02:17 - 00:04:21] AI as a Connecting Layer Across the Three Lines [00:04:33 - 00:06:29] Creating Real-Time Combined Assurance Maps [00:05:37 - 00:06:09] Continuous Monitoring Integration and AI [00:06:30 - 00:09:07] Using AI to Detect Cross-Functional Risks Earlier [00:09:07 - 00:11:20] Translating Risk Taxonomies Across Functions [00:11:29 - 00:13:35] Maintaining Auditor Independence and AI Governance [00:13:35 - 00:16:52] Roles of the Three Lines in AI Oversight [00:16:52 - 00:18:01] Where Organizations Should Start with AI-Enabled Combined Assurance [00:18:01 - 00:20:31] Internal Audit as a Catalyst for AI Adoption [00:20:31 - 00:22:35] How AI Will Change Internal Auditing Over the Next Five Years [00:22:35 - 00:25:17] Final Thoughts [00:25:17 - 00:25:49 Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Better Together — Internal Auditor Magazine (June Issue) Pulse Check: Combined Assurance Knowledge Center: Artificial Intelligence The Three Lines Model Vison 2035 Global Internal Audit Standards Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Internal Audit Awareness Month: The Stories We Don't Always Tell 26.05.2026 35mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  In this Internal Audit Awareness Month special, internal audit leaders share the human side of the profession. Through stories of resistance, difficult findings, stakeholder trust, courage, and career-defining moments, the episode highlights how internal auditors add value by building relationships, asking better questions, and helping organizations see what they might otherwise miss.    HOST: Catie Brown Associate Manager & Producer, Content Development, The IIA  GUESTS   Asim Fareeduddin, CPA, CISA, CISM, CIPP, CISSP Head of Internal Audit & Assurance, RELX Ashanti Clark, CIA Executive Advisor, FedEx Express Corporation Jasdeep Gill, CIA, CISA, CISM, CFE Senior Manager, Internal Audit & Assurance, RELX Aadesh Gandhre, CIA, CISA  Chief Audit Executive, DTCC Chad Bourque, CIA  Global Director of Enterprise Risk Management, Gallagher Benefits Services Nam Phong Ho, CIA, CISA, CFE, CRMA, QILM, MBA Former Chief Audit Executive, Glencore / Independent Advisor   KEY POINTS: Introduction [00:00:02-00:01:42] Navigating Internal Audit Resistance [00:01:42-00:05:34] Preparing for Difficult Conversations [00:05:34-00:08:05] Emotional Intelligence and Cultural Awareness [00:08:05-00:09:53] Delivering Difficult Audit Findings [00:09:53-00:14:28] Leadership During Challenging Audit Moments [00:14:28-00:16:38] Communicating the "So What" [00:16:38-00:19:42] Active Listening and Stakeholder Trust [00:19:42-00:22:53] Building Real Relationships [00:22:53-00:24:21] Demonstrating Internal Audit's Business Value [00:24:21-00:27:48] Courage and Career Growth in Internal Audit [00:27:48-00:29:51] Internal Audit as a Mission [00:29:51-00:31:52] Reflecting on Value After Every Audit [00:31:52-00:32:48] Sharing Internal Audit Successes [00:32:48-00:33:41] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Discover Internal Audit Certifications May Sale Internal Audit Month Global Awareness Global Internal Audit Standards Vision 2035 Career Center   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer  
• IT Controls Automation: Where Internal Audit Can Lead the Shift 20.05.2026 20mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  In this episode, Mike Levy sits down with Reebu George to get practical about one of the most significant shifts underway in internal audit right now: the automation of IT controls. They talk through where this shift is happening, what use cases are proving their value, and how internal audit can lead the conversation rather than wait for the business to figure it out first.      HOST: Mike Levy, CIA, CRMA, CISSP CEO, Cherry Hill Advisory GUEST: Reebu George, CISSP, CISA, PMP Audit & Assurance Managing Director, IT Internal Audit Leader, Deloitte & Touche LLP   KEY POINTS: Introduction [00:00:02-00:00:47] The Shift Toward Continuous Auditing [00:00:47-00:02:26] How Automation Is Changing IT Controls [00:02:26-00:04:54] Building an Internal Audit Digital Strategy [00:05:39-00:07:09] Where Internal Audit Teams Should Start [00:07:09-00:09:33] Using AI and Automation in Audit Workflows [00:09:33-00:10:04] Earning a Seat at the Table [00:10:04-00:11:35] Developing Talent for Advisory Conversations [00:11:35-00:12:23] Rule-Based Controls and Automation Opportunities [00:12:23-00:13:45] Governance Risks in Automated Controls [00:13:45-00:15:39] Selling the Value of Automation [00:15:39-00:18:37] The Future of Continuous Assurance [00:18:37-00:19:49] Closing [00:19:52-00:20:23] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: IT General Controls Certificate Program Knowledge Centers: Artificial Intelligence Global Internal Audit Standards Vision 2035   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer  
• Greenwashing and Internal Audit: Governance, Risk, and the Growing Regulatory Crackdown 13.05.2026 24mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  In this episode, Ahmed Sharif Hawky and Emmanuel Pascal discuss why greenwashing is no longer just a reputational risk, but also a governance and assurance challenge. Together they break down how greenwashing qualifies as legal misrepresentation, why most control environments are far weaker than leadership realizes, and what a practical audit approach looks like — from mapping sustainability claims across  channels to using data analytics and intensity ratios to test what companies report and what they don't.     HOST: Ahmed Sharif Shawky, CIA, CPA CEO, SustainGRC GUEST: Emmanuel Pascal, CIA, CRMA, CFE CEO, Condor Strike  Member, Committee of Research and Education Advisors, Internal Audit Foundation   KEY POINTS: Introduction [00:00-00:00:50] Defining Greenwashing [00:00:50-00:02:14] Political Backlash vs. Regulatory Reality [00:02:16-00:03:21] Greenwashing as Misrepresentation [00:03:24-00:06:13] Global Greenwashing Regulations [00:06:13-00:07:16] Greenwashing as Value Fraud [00:07:22-00:11:07] Assessing Greenwashing Risk [00:11:14-00:13:49] Green Strategy and Red Flags [00:13:50-00:14:48] Using Data Analytics to Test Sustainability Claims [00:14:48-00:18:10] Building a Strong Control Framework [00:18:13-00:19:27] Internal Audit's Approach to Greenwashing Risk [00:19:27-00:20:58] Training Auditors on Sustainability [00:20:58-00:21:52] DWS Greenwashing Case [00:21:52-00:23:42] 2026 International Conference Promo [00:23:47-00:24:18] Closing [00:24:25-00:24:34] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2026 IIA International Conference Knowledge Centers: Environmental, Social, and Governance Global Internal Audit Standards Vision 2035 Global Perspectives & Insights: Sustainability All Things Internal Audit: Unmasking Greenwashing On the Frontlines: Greenwashing and Closing the Authenticity Gap Five Questions: Preventing Greenwashing Fighting Greenwashing Fraud Using Data Analytics   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer  
• Inside The IIA's Updated Global Practice Guide: Auditing Public Sector Procurement 05.05.2026 22mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit In this episode, Pam Strobel Powers and Mark Maraccini discuss The IIA's recently updated Global Practice Guide Auditing Procurement in the Public Sector. They walk through the three pillars that make public sector procurement unique, explain how to distinguish a vendor from a subrecipient, and share why fraud risk in procurement deserves its own lane in your audit approach. *Members Save in May* Members can save 20% on CIA, CRMA, and IAP application and exam fees throughout May. Becker, the official CIA exam review partner of The IIA, is also offering up to 20% off CIA exam prep and $50 off IAP prep. Use the code May20% and access the offer here. HOST: Pamela Stroebel Powers, CIA, CGAP, CRMA, CPADirector of Professional Guidance, Public Sector, The IIA GUEST: Mark Maraccini, CIA, CPA Partner, Crowe LLP Member, International Internal Audit Standards Board     KEY POINTS: Introduction [00:00:02 - 00:00:30] What Makes Public Sector Procurement Unique [00:01:07 - 00:04:16] Transparency in Procurement [00:01:37 - 00:02:42] Fairness and Equity in Procurement [00:02:42 - 00:03:31] Legal and Regulatory Compliance [00:03:31 - 00:04:16] Vendor vs. Subrecipient: Key Differences [00:05:24 - 00:08:44] Applying the Procurement Lifecycle [00:09:34 - 00:10:54] Using Risk and Control Matrices [00:11:23 - 00:12:54] Manual vs. Technology-Driven Risk Assessment [00:11:48 - 00:12:33] Fraud Risk in Procurement [00:13:24 - 00:15:31] Equity and Supplier Diversity Programs [00:17:49 - 00:20:11] Auditing Program Effectiveness vs. Compliance [00:20:47 - 00:21:28] Final Thoughts [00:21:28 - 00:21:50] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Practice Guide: Auditing Procurement in the Public Sector, 2nd Edition Online Exclusive: AI in Public Sector Procurement Audit Tool: Procurement Risks and Controls for the Public Sector Examples Third-Party Topical Requirement Global Internal Audit Standards Knowledge Centers: Public Sector Certifications May Sale Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Ransomware Readiness and the Role of Internal Audit 28.04.2026 21mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit Tech  In this episode, Adam Ross speaks with Vipul Patel about how organizations can better prepare for ransomware attacks. They talk through what goes wrong in the first hours of an attack, what smart preparation looks like, and where traditional audit approaches fall short when a business is in crisis mode.   HOST: Adam Ross, CIA, CISA Partner and Internal Audit Services Leader, Grant Thornton   GUEST: Vipul Patel, CISA Audit and Assurance Managing Director, IT Internal Audit Leader, Deloitte & Touche LLP   KEY POINTS: Introduction [00:00:02-00:00:27] Common Mistakes in Ransomware Response [00:00:27-00:02:14] Building Crisis Communication Plans [00:02:20-00:03:03] A Simple Incident Response Runbook [00:03:03-00:05:03] Internal Audit's Role Before an Incident [00:05:03-00:07:05] Stress Testing and "What If" Scenarios [00:07:05-00:08:01] Tabletop Exercises and Cross-Functional Readiness [00:08:02-00:10:03] Partnering With the CISO and Management [00:10:03-00:11:15] Lessons Learned After Ransomware Incidents [00:11:15-00:14:05] Governance Changes After an Attack [00:14:55-00:16:55] Cyber Risk as a Business Issue [00:16:55-00:17:16] Traits of Organizations That Respond Well [00:17:20-00:19:44] Final Advice for Internal Auditors [00:19:44-00:20:56] Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Cybersecurity Topical Requirement Course: Detecting, Mitigating and Responding to Global Ransomware Attacks Articles: A Ransomware Playbook IIA Certificates: IT General Controls Certificate Knowledge Centers: Artificial Intelligence Vison 2035 IIA Courses: Fundamentals of IT Auditing Become a Certified Internal Auditor (CIA) CIA Challenge Exam   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• The CIA Challenge Exam: A New Pathway for Experienced Professionals 21.04.2026 12mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit    In this episode, Benito Ybarra speaks with Margaret Pacheco about her experience earning the CIA through the Challenge Exam. They discuss who the exam is designed for, how it differs from the traditional three-part path, why it is not a shortcut, and how the CIA can strengthen credibility for internal audit professionals at every stage of their careers.   You can apply for the CIA Challenge Exam now if you meet the eligibility requirements, with multiple testing windows offered throughout the year. If you're planning to qualify through the 10+ years of internal audit experience pilot, you must apply before September 30, 2026, and test during one of the remaining windows in 2026. What's covered on the exam? The CIA Challenge Exam syllabus outlines the topics and structure so you know what to expect. Not sure you're up for the Challenge? The IIA's Challenge Exam practice questions offer a simple way to preview the format and level of difficulty before you commit to the exam.   HOST: Benito Ybarra, CIA  Executive Vice President, Global Standards, Guidance, and Certifications, The IIA GUEST: Margaret Pacheco, CIA, CPA, PMP Managing Director, Protiviti     KEY POINTS: Introduction and Margaret's Background [00:00:27-00:01:20]  Why Margaret Pursued the CIA Through the Challenge Exam [00:01:21-00:02:58]  Is the Challenge Exam a Shortcut? [00:03:06-00:03:33]  How the Challenge Exam Differs From the Three-Part CIA Exam [00:03:39-00:04:38]  Who Is Eligible for the Challenge Exam? [00:04:49-00:06:09]  Why the Challenge Exam Made Sense Later in Her Career [00:06:12-00:06:39]  Study Strategy and Preparation Tips [00:06:40-00:07:53]  How Margaret's CPA Background Helped [00:07:57-00:08:28]  Advice for Candidates Considering the Exam [00:08:30-00:09:01]  What the CIA Has Meant for Margaret's Career [00:09:03-00:09:54]  How the CIA Builds Credibility With Employers and Clients [00:09:58-00:11:05]  Why Accessibility Matters and Final Thoughts [00:11:05-00:11:57]  Challenge Exam Reminder and Pilot Deadline [00:11:57-00:12:32] Visit The IIA's website or YouTube channel for related topics and more. RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: CIA Challenge Exam Global Internal Audit Standards Vison 2035 Become a Certified Internal Auditor (CIA) IAP (Internal Audit Practitioner) Certification Candidate Handbook Certificate Programs Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• The Heartbreaking Fraud 14.04.2026 7mnt

  All Things Internal Audit: Fraud Podcast "The Heartbreaking Fraud" Listen to The IIA's Fraud Podcast, brought to you by All Things Internal Audit. The Fraud Podcast provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine's Fraud department.  In this episode, one ordinary Thursday cracks open a decade of misplaced trust. What starts as a simple payroll question quickly spirals into a trail of inflated salaries, personal charges, and checks written to someone who was practically family. The money is gone, but the real cost runs much deeper. Access the full article here. Read the April issue here. Interested in more fraud-related topics? Earn CPEs by registering for The IIA's Fraud Analytics for Internal Auditors Certificate, available online and in-person. Chapters: Introduction to the Case (00:00:00) Part 1: A Thursday That Changed Everything (00:00:23) Part 2: Something Doesn't Add Up (00:02:46) Part 3: Peeling Back the Layers (00:03:56) Part 4: The Truth (00:05:13) Part 5: A Hard Lesson (00:06:07) Follow All Things Internal Audit: Apple PodcastsSpotify Youtube LibsynDeezer
• From Risk Traditionalist to Risk Strategist: How Internal Audit Must Evolve 07.04.2026 25mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  What does it take to move an internal audit function from being risk traditionalists to risk strategists, and what's quietly holding most teams back?   In this companion episode to Internal Auditor magazine's "Becoming a Risk Strategist" article, host Erin Banet sits down with Jess Rodgers to examine why the traditional audit model no longer fits the world we're operating in, and what leaders need to unlearn before they can change it. You'll hear three assumptions most audit teams are still running on, a real-world example of transformation done right, and one concrete action CAEs can take in the next six months to start shifting their function's standing with leadership.     HOST: Erin Banet, CPA   Chief Audit and Risk Officer, Humana GUEST: Jess Rodgers, CIA, CPA    Global Internal Audit Leader, EY   Vice Chair, Finance, IIA North American Board   KEY POINTS: Introduction [00:00:02 - 00:00:25] What Defines a Risk Traditionalist Function [00:00:51 - 00:02:31] Why the Traditional Model No Longer Works [00:02:37 - 00:04:22] Assumptions Internal Audit Must Unlearn [00:04:28 - 00:06:39] The Mindset Shift Required for Transformation [00:06:44 - 00:08:44] A Real-World Transformation Example [00:08:44 - 00:11:10] Where Traditional Approaches Fall Short [00:11:10 - 00:13:36] Measuring Success as a Risk Strategist [00:13:36 - 00:15:27] Decision Velocity in Practice [00:15:27 - 00:17:25] Common Barriers to Transformation [00:17:25 - 00:19:23] One Action Leaders Can Take Now [00:19:23 - 00:21:03] Advice for CAEs Navigating the Transition [00:21:22 - 00:23:06] Driving Change Within Audit Teams [00:23:06 - 00:24:36] Closing Thoughts [00:24:36 - 00:25:05]   Visit The IIA's website or YouTube channel for related topics and more. RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Becoming a Risk Strategist — Internal Auditor Magazine (April Issue) Global Internal Audit Standards Vison 2035 GTAG: Continuous Auditing and Monitoring Learning Solutions: Agile Auditing Global Guidance: Developing a Risk-Based Internal Audit Plan, 2nd Edition Learning Solutions: Fundamentals of Risk-based Auditing Become a Certified Internal Auditor (CIA) Risk in Focus 2026 EY Global Risk Transformation Study Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Women in Internal Audit: Five Leaders on Voice, Power, and Owning the Room 31.03.2026 36mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  Five women. Five careers. Decades of experience across some of the world's largest organizations. They didn't just find their way into this profession. They helped shape it.  In this companion episode to Internal Auditor magazine's "Leading the Way" article, five internal audit leaders sit for a conversation that's long overdue: Erin Banet, Doris Myles, Chrysti Ziegler, Dominique Vincenti, and Beili Wong. Together, they cover the careers they built, the rooms they walked into alone, and what they'd tell every woman in this profession today. You'll hear why preparing thoroughly is not the same as having permission to speak. You'll learn what it looks like to walk into a high-stakes conversation as a professional first, not as a woman managing a narrative. You'll hear the bad advice one of them ignored, and what happened when she did. And you'll discover what sponsorship really means when it's the difference between being mentored and having someone actively advocate on your behalf.     HOST: Catie Brown Associate Manager & Producer, Content Development, The IIA GUESTS: Erin Banet, CPA Chief Audit and Risk Officer, Humana Chrysti Ziegler, CIA, CRMA, CFE Chief Auditor, Citgo Petroleum Corporation Dominique Vincenti, CIA, CRMA Immediate Past CAE, Uber Board Member, Loft Orbital Beili Wong, CIA, CISA, CPAComptroller General, Ontario Treasury Board SecretariatDirector, Global Guidance, IIA Global Board of Directors Doris Myles, CIA, CPA Director of Internal Audit, St. Jude Children's Research Hospital     KEY POINTS: Introduction: Women's Voices in Internal Audit [00:00:02 – 00:01:33] Career Journeys Into Internal Audit [00:02:12 – 00:09:01] Finding Your Voice in High-Stakes Conversations [00:09:01 – 00:12:14] Confidence vs. Permission [00:12:21 – 00:15:23] Owning Expertise and Leading the Narrative [00:15:23 – 00:18:23] Early Career Challenges and Speaking Up [00:18:23 – 00:20:07] Progress of Women in Internal Audit Leadership [00:20:07 – 00:21:24] Redefining Leadership Through Empathy and Relationships [00:21:24 – 00:23:51] Women as Strategic Leaders, Not Just Technicians [00:23:51 – 00:24:57] The Value of Sponsorship vs. Mentorship [00:26:25 – 00:29:21] Creating Opportunities and Building Networks [00:29:21 – 00:31:51] Balancing Career and Personal Life [00:31:51 – 00:33:57] Final Reflections: Passion, Risk, and Owning Your Space [00:34:03 – 00:36:02] Closing Remarks [00:36:02 – 00:36:45]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Leading the Way — Internal Auditor Magazine (April Issue) How Personal Branding Benefits Female Leaders Building a Better Auditor: Celebrating Women Who Paved the Way Internal Auditing Competency Framework Vison 2035 Become a Certified Internal Auditor (CIA) Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Communicating with the Board: Turning Audit Insights into Impact 24.03.2026 34mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit  In this companion episode to the Global Best Practices' Elevating Internal Audit Communication With the Board, Rob Clark Jr. and Fábio Pimpão discuss how internal auditors can communicate more effectively with boards and executive leaders. They explore how to simplify complex risks, use storytelling to drive impact, and align messaging with what boards care about, from financial and reputational risk to strategic priorities. The conversation also covers practical tips for preparing for board presentations, leveraging AI, and building trusted relationships across the organization.     HOST: Rob Clark Jr., CIA, CCEP, CBM Chief Audit Executive, City of Hope GUEST: Fábio Pimpão, CIA, CRMA, CCSA Director, Internal Audit, Whirlpool Corporation Director, Professional Certifications, IIA Global Board of Directors   KEY POINTS: Introduction [00:00:40 - 00:01:46] How Board Expectations Have Evolved [00:01:46 - 00:03:32] Simplifying Complex Risks for the Board [00:04:19 - 00:06:00] Why Communication Is a Critical Audit Skill [00:06:00 - 00:07:55] Using AI to Improve Clarity and Messaging [00:07:17 - 00:08:13] Storytelling as a Tool for Impact [00:13:15 - 00:16:05] Preparing for Board Presentations [00:16:05 - 00:18:59] Translating Technical Issues into Business Impact [00:21:26 - 00:25:30] Focusing on Financial and Reputational Risk [00:25:30 - 00:26:55] Building Trusted Relationships Across the Organization [00:27:00 - 00:31:35] Final Advice: Priorities, Storytelling, and Driving Impact [00:31:35 - 00:32:38]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Best Practices: Elevating Internal Audit Communication With the Board Global Internal Audit Standards Course: Using the Standards to Communicate Clearly with the Board Vison 2035 Global Audit Committee Center Become a Certified Internal Auditor (CIA) 2026 Analytics, Automation and AI Virtual Conference Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Why Shadow IT Might Be Your Strongest Control 17.03.2026 51mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit Tech  In this episode, Daniel McCarville speaks with Bill Bensing about shadow IT and why it continues to emerge inside organizations. They explore how shadow IT often signals innovation rather than just risk, and how internal auditors can help organizations balance experimentation, governance, and operational control. The conversation also introduces a practical framework for understanding how ideas move from exploration to validation and ultimately into formal operations.   HOST: Daniel McCarville Associate Vice President of Internal Audit Arch Capital   GUEST: Bill Bensing Chief Technologist and Co-Founder Attestify   KEY POINTS: Introduction [00:00:02-00:00:39] What Is Shadow IT? [00:00:39-00:01:56] Why Shadow IT Exists in Organizations [00:02:13-00:05:08] Shadow IT as a Source of Innovation [00:05:33-00:08:03] Why Small Internal Solutions Can Deliver Big Value [00:06:10-00:07:33] The Role of Shadow IT in Validating Ideas [00:09:14-00:10:56] Why Innovation Often Fails to Take Hold [00:12:41-00:14:00] How Leaders Can Enable Innovation Safely [00:14:00-00:16:54] Building Communities and Internal Flywheels of Innovation [00:17:00-00:18:55] Developing Internal Innovation Teams [00:19:08-00:21:24] Why Experimentation and Imperfection Are Necessary for Innovation [00:21:59-00:22:59] How Auditors Should Rethink Shadow IT Risk [00:23:02-00:24:17] The Exploration-Validation-Operation Model [00:24:17-00:28:07] Internal Audit's Role Across the Innovation Lifecycle [00:28:07-00:31:11] Addressing Shadow IT Risks Without Stifling Innovation [00:32:29-00:35:32] Why Building Tools Strengthens Career Growth [00:37:11-00:39:04] Learning Principles vs. Learning Tools [00:39:21-00:41:51] How Auditors Can Encourage Innovation While Maintaining Controls [00:41:59-00:46:30] Final Thoughts: Enabling Coordination Across the Three Lines [00:47:39-00:50:14] Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards IIA Certificates: IT General Controls Certificate Knowledge Centers: Artificial Intelligence Vison 2035 Become a Certified Internal Auditor (CIA) IIA Courses: Fundamentals of IT Auditing Combined Assurance 2026 Analytics, Automation and AI Virtual Conference  The Big Idea: Shadow AI Isn't Just a Sign of Control Gaps   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• AI Ethics in Internal Audit 10.03.2026 32mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit Tech    In this episode, Antonio Cacciapuoti and Alessandro Casarotti unpack the ethical challenges of artificial intelligence in internal audit and anti-financial crime. They discuss AI hallucinations as a risk to be governed, not eliminated, and examine why governance, accountability, and human judgment are central to ethical AI.    HOST: Antonio Cacciapuoti, CIA, CAMS Head of Internal Audit, Eurizon Capital Vice President, IIA Luxembourg   GUEST: Alessandro Casarotti Director, Forensic & Anti-Financial Crime, PwC Luxembourg   KEY POINTS: AI Hallucinations as a Governance Risk (00:00:28 – 00:02:46) How AI Developers Build Ethical Safeguards (00:02:50 – 00:06:10) Human Judgment and Ethical Decision-Making in AI (00:06:14 – 00:09:26) Automation, Accountability, and Ethical Responsibility (00:09:26 – 00:10:49) Global Approaches to AI Regulation (00:10:49 – 00:14:52) Why "Human in the Loop" Is Necessary but Not Sufficient (00:14:52 – 00:19:10) Strengthening Governance and Risk Controls for AI (00:19:10 – 00:21:01) Using AI in Anti-Financial Crime Investigations (00:21:01 – 00:24:12) How Fraudsters Attempt to Bypass AI Safeguards (00:24:12 – 00:27:44) The Future Relationship Between Internal Auditors and AI (00:27:44 – 00:31:17)   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Domain II: Ethics and Professionalism Knowledge Centers: Artificial Intelligence Vison 2035 Become a Certified Internal Auditor (CIA) 2026 Analytics, Automation and AI Virtual Conference   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Who Audits the Internal Auditor? Self-Regulation as Internal Audit's Superpower 03.03.2026 26mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit    In this episode, Mike Jacka and Tshepo Mofokeng tackle one of the most common questions internal auditors face: Who audits the auditors? They break down how the quality assurance and improvement program (QAIP), professional standards, peer reviews, and self-regulation protect the integrity of the profession. They discuss how quality assurance strengthens credibility with boards, builds trust with stakeholders, and positions internal audit as a strategic advisor.   HOST: Mike Jacka, CIA, CPA, CPCU, CLU Chief Creative Pilot at Flying Pig Audit, Consulting, and Training Solutions   GUEST: Tshepo Mofokeng, CIA, CRMA CAE, Sefako Makgatho Health Sciences University Global Board of Directors, The IIA   KEY POINTS: Introduction: Who Audits the Auditors? [00:00:06–00:01:23] What QAIP Really Means and Why It Matters [00:01:29–00:02:43] The Role of Standards in Professional Legitimacy [00:03:05–00:03:58] Explaining Self-Regulation to the Board vs. Management [00:04:02–00:06:06] Addressing Defensiveness and Educating Peers [00:06:52–00:08:10] Moving from Compliance to Credibility in Quality Reviews [00:08:43–00:11:28] Measuring Impact, Not Just Audit Volume [00:12:01–00:13:39] Marketing Internal Audit's Value Through Quality [00:14:02–00:14:30] Finding Time for Quality Assurance Work [00:14:40–00:15:22] Real-World Example: How Peer Review Strengthened Trust [00:15:24–00:17:48] When Weak Self-Regulation Damages Trust [00:17:52–00:20:48] The Future of QAIP and Vision 2035 [00:21:02–00:23:19] Internal Audit's "Superpower" with the Board [00:23:21–00:25:11]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Quality Assurance and Improvement Program Vison 2035 Become a Certified Internal Auditor (CIA) 2026 Analytics, Automation and AI Virtual Conference   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Trust Is the Currency: How Internal Audit Proves Its Value in Fast-Moving Organizations 24.02.2026 41mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit    In this episode, Scott Madenburg and Sanjay Vadlamani talk trust; and why it's the defining currency of internal audit. From hyper-growth environments to large, mature organizations, they discuss how audit teams can build credibility, and deliver value without slowing the business down. Through real-world use cases; including AI-assisted code reviews, ERP implementations, and building an internal audit function from scratch, they share practical examples of how trust enables earlier insights, stronger controls, and a true seat at the table.   HOST: Scott Madenburg, CIA, CISA, CRMA Founder and President, ARC Hybrid Corporation   GUEST: Sanjay Vadlamani, CIA, CISA, CISM, CRISC Senior Manager, Internal Controls, PayJoy   KEY POINTS: Defining Trust in Internal Audit [00:01:27 – 00:03:17] Holistic Risk and Connected Controls [00:03:55 – 00:07:01] Bridging the Gap Between Audit and Leadership [00:07:15 – 00:10:18] Small vs. Large Organization Trust Challenges [00:11:45 – 00:13:56] High-Growth Tension: Will Audit Slow Us Down? [00:14:14 – 00:16:51] AI-Assisted Code and "Slow Down to Speed Up" [00:17:01 – 00:18:53] Building Trust from Scratch in a Developing Organization [00:19:09 – 00:23:19] Early Insight Through ERP Implementation [00:23:49 – 00:26:02] Rolling Up Sleeves: Creating SOPs and Process Improvements [00:26:25 – 00:28:35] Where Audit Can Undermine Trust [00:29:28 – 00:33:16] Audit Committee Alignment and Expectation Management [00:33:16 – 00:36:44] The Next 6–12 Months: AI Literacy and Critical Thinking [00:37:00 – 00:40:52]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Resources: Governance Course: Building Stakeholder Relationships Course: Effective Communication and Conflict Resolution for Internal Auditors GAM 2026   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Supply Chain Risk: From Operational Disruptions to Strategic Business Risk 17.02.2026 47mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit    In this episode, Adam Ross is joined by Filipe Ribeiro and Julien Perreault to discuss how supply chain risk has evolved into an interconnected, enterprisewide challenge. They discuss where organizations underestimate exposure, how risks quietly accumulate across the value chain, and why internal audit is uniquely positioned to identify blind spots before disruptions escalate. The conversation spans real-world examples from agriculture and highly regulated industries, third-party risk, continuous monitoring, and the growing impact of automation and AI on supply chains.   HOST: Adam Ross, CIA, CISA Partner, Grant Thornton Advisors LLC GUEST: Filipe Ribeiro, CIA, CRMA, CFE Group Internal Audit Manager, Aldar Julien Perreault, CPIM, MBA Experienced Manager, Sourcing and Supply Chain Advisory, Grant Thornton Advisors LLC   KEY POINTS: Introduction to Modern Supply Chain Risk [00:00:02–00:01:22] From Operational Inconvenience to Strategic Risk [00:01:22–00:02:24] Why Supply Chain Risk Is Now Systemic and Enterprisewide [00:02:32–00:03:11] Where Organizations Commonly Underestimate Exposure [00:03:22–00:04:33] When "Green Dashboards" Mask Emerging Risk [00:03:33–00:05:08] How Informal Workarounds Quietly Accumulate Enterprise Risk [00:05:08–00:05:47] Agricultural Case Study: How Small Upstream Delays Become Major Downstream Failures [00:05:53–00:07:52] Using Continuous Monitoring to Detect Hidden Timing and Dependency Risks [00:07:57–00:12:26] Supply Chain Risk in Remote, Capital-Intensive, and Highly Regulated Environments [00:12:54–00:15:25] Balancing Regulatory Compliance and Operational Efficiency [00:15:42–00:18:55] Procure-to-Pay Risk and the Rise of Operational "Noise" [00:19:14–00:21:01] When Exceptions Become the Normal Operating Model [00:21:01–00:23:15] Third-Party Risk as a Business Resilience Issue [00:25:15–00:27:12] Governance, Speed of Business, and Supplier Ecosystems [00:27:12–00:30:25] Managing Supplier Concentration Risk Without Sacrificing Resilience [00:31:20–00:35:04] Geographic and Cultural Complexity as an Underestimated Risk Driver [00:35:36–00:37:27] How Internal Audit Can Add Value Without Compromising Independence [00:38:35–00:41:29] Emerging Risks: Automation, AI, Data Quality, and Governance Lag [00:41:47–00:46:18] Final Thoughts on the Future of Supply Chain Risk [00:46:29–00:47:05]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Third-Party Topical Requirement Continuous Auditing and Monitoring, 3rd Edition Boardroom: Breaks in the Chain GAM 2026   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Fraud Podcast: The Fall of the Trusted Leader 10.02.2026 7mnt

  All Things Internal Audit: Fraud Podcast "The Fall of the Trusted Leader" Listen to The IIA's Fraud Podcast, brought to you by All Things Internal Audit. The Fraud Podcast provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine's Fraud department.  In this episode, a small-town bank built on trust begins to unravel when a persistent internal auditor notices patterns that don't quite add up. What starts as a routine review of commercial lending reveals missing records, suspicious payment activity, and mounting resistance from leadership. As regulators step in, the true scope of the scheme comes into focus, exposing how unchecked authority and weakened controls can bring down even the most trusted institutions. Access the full article here. Read the February issue here. Interested in more fraud-related topics? Earn CPEs by registering for The IIA's Fraud Analytics for Internal Auditors Certificate, available online and in-person. Chapters: Introduction to the Case (00:00:00) Part 1: The Bank Everyone Trusted (00:00:23) Part 2: Patterns Don't Lie (00:01:55) Part 3: Pressure Builds (00:03:07) Part 4: What the Files Revealed (00:04:30) Part 5: The Cost of Trust (00:06:06) Follow All Things Internal Audit: Apple PodcastsSpotify Youtube LibsynDeezer
• Five Years In: Anthony Pugliese on Leading a Global Profession Through Change 03.02.2026 42mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit    In this special milestone episode, Terry Grafenstine sits down with Anthony Pugliese to reflect on five years of leadership at The IIA. He shares what it's meant to lead a global profession during a period of unprecedented change, from modernizing the Standards and advancing advocacy to strengthening the talent pipeline and navigating cultural complexity across more than 100 countries. The conversation discusses leadership through influence, professional judgment, integrity, and what it truly means to represent an entire profession on the world stage.    HOST: Terry Grafenstine, CIA, CPA, CGAP, CISSP, CISA Former Global Chair, The Institute of Internal Auditors GUEST: Anthony Pugliese, CIA, CPA, CGMA, CITP President & CEO, The Institute of Internal Auditors   KEY POINTS: Introduction and Five Years of Leadership [00:00:02–00:02:47] What Makes Leading a Global Professional Association Unique [00:03:03–00:06:16] Leading Through Influence, Buy-In, and Indirect Authority [00:06:27–00:08:08] The Weight of Representing an Entire Profession [00:08:15–00:10:17] Building a Truly Global Culture at The IIA [00:10:39–00:13:53] Balancing Legacy With the Changing Needs of the Profession [00:14:01–00:16:10] Advice for New and Emerging Internal Audit Leaders [00:17:01–00:19:11] What Strong Internal Audit Leadership Looks Like Today [00:19:44–00:23:13] What the CEO Role Looks Like Behind the Scenes [00:24:00–00:27:40] Managing Diverse Perspectives Across a Global Profession [00:27:48–00:29:27] How the Pace of Change Has Redefined the Role [00:30:10–00:32:16] Staying Grounded Amid Travel, Pressure, and Responsibility [00:32:23–00:34:06] What Anthony Hopes Members Feel From This Chapter of Leadership [00:34:19–00:36:35] The Most Meaningful Part of Leading The IIA [00:37:26–00:39:47] Final Reflections on the Future of the Profession [00:39:56–00:41:35] Visit The IIA's website or YouTube channel for related topics and more. IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Vision 2035 Global Internal Audit Standards About Us: Anthony J. Pugliese Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer
• Preparing Audit Teams for Swarm Auditing 27.01.2026 29mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit Tech   Internal audit is no longer operating in a world of fixed scopes and hindsight reviews. As risk becomes continuous, digital, and increasingly driven by AI-enabled decisions, audit must evolve just as quickly.     In this episode, Aadesh Gandhre is joined by Dave Montez and Richard Penfil from PayPal to introduce swarm auditing; an emerging approach that combines human judgment with orchestrated AI agents working in parallel. They discuss how audit functions can move beyond prompt libraries, embed AI directly into audit workflows, and rethink the assurance operating model without sacrificing independence or professional judgment.   HOST: Aadesh Gandhre, CISA Chief Audit Executive, DTCC GUESTS: Dave Montez Chief Audit Executive, PayPal Richard Penfil Data Science Manager, Audit Operations, PayPal   KEY POINTS: Introduction to Swarm Auditing and the Limits of Traditional Audit Models [00:00:02–00:01:25] Why Audit Must Evolve for Continuous, AI-Driven Risk [00:01:40–00:03:26] From Static Audit Cycles to Constant Evolution [00:03:27–00:04:17] The "Flip Phone in a Smartphone World" Analogy [00:04:54–00:05:12] The Mindset Shift Required for Swarm Auditing [00:05:48–00:07:32] Cultural, Legal, and Psychological Barriers to AI Adoption [00:07:36–00:08:41] Failing Forward and Creating Permission to Experiment [00:08:49–00:09:54] From Doers to Reviewers: How the Auditor's Role Evolves [00:10:02–00:11:28] Responsiveness to Change as a Core Audit Skill [00:11:40–00:12:29] Building AI for Audit vs. Adopting Enterprise AI [00:12:39–00:14:23] Making Space for AI Experimentation Within the Audit Plan [00:14:32–00:16:35] Embedding AI Into Daily Audit Workflows [00:16:45–00:18:45] What Swarm Auditing Really Means [00:19:00–00:20:39] Managing Independence While Sharing AI Capabilities [00:21:10–00:22:32] Moving Beyond Prompt Libraries to Agentic Swarms [00:23:38–00:25:03] Collaboration Across Audit Functions and the Profession [00:25:14–00:27:09] One Meaningful First Step Toward Swarm Auditing [00:27:50–00:28:25] Closing Thoughts on the Future of Audit and Innovation [00:28:31–00:29:26] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: GAM 2026 2026 Analytics, Automation and AI Virtual Conference AI Knowledge Centers Learning Solutions: Leveraging Artificial Intelligence in Internal Audit Global Internal Audit Standards   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer  
• AI Regulation Is Here: What Internal Auditors Need to Know Now 20.01.2026 17mnt

  The Institute of Internal Auditors Presents: All Things Internal Audit AI regulation is no longer on the horizon. It's here. In this episode, Ernest Anunciacion talks with Marko Horvat about how global AI regulations are reshaping governance, risk management, and the role of internal audit. They discuss why regulators are prioritizing risk to individuals and how AI governance spans the full system life cycle. HOST:Ernest Anunciacion, CIA Head of Product Marketing, MindBridge AI   GUEST: Marko Horvat, CPASenior Vice President of Business Transformation, ELB Learning   KEY POINTS: Introduction and episode overview [00:00:01 – 00:00:28] Why AI regulation is accelerating globally [00:00:56 – 00:01:26] How regulators are redefining risk as harm to individuals [00:01:35 – 00:02:18] EU-style risk tiering and prohibited vs. high-risk AI use cases [00:02:37 – 00:03:36] Human-in-the-loop expectations and judgment-based AI decisions [00:03:36 – 00:04:11] What regulators expect organizations to demonstrate [00:04:31 – 00:05:32] Internal audit's expanding role across the AI life cycle [00:05:38 – 00:06:39] Readiness assessments and the challenge of locating AI use [00:06:59 – 00:07:27] AI literacy skills auditors need today [00:07:43 – 00:09:29] Explainable AI, hallucinations, and model drift [00:08:21 – 00:09:29] Common audit gaps: shadow AI, monitoring, and third-party risk [00:09:44 – 00:12:00] Why vendor AI does not transfer accountability [00:12:02 – 00:12:21] What internal audit teams should be doing right now [00:12:32 – 00:14:28] Balancing continuous monitoring with new risk exposure [00:13:48 – 00:14:20] Partnering with legal and compliance on AI governance [00:14:40 – 00:15:10] Final takeaways: AI regulation is no longer theoretical [00:15:28 – 00:16:31] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: GAM 2026 2026 Analytics, Automation and AI Virtual Conference AI Knowledge Centers Learning Solutions: European Union Regulations Learning Solutions: Leveraging Artificial Intelligence in Internal Audit Global Internal Audit Standards   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer