Fostering trust, embracing agility

Internal Audit (IA) activities in Oman must remain agile when developing their 2024 audit plans as their organizations face evolving challenges. The uncertainty and disruption seen across the global business landscape last year continue to intensify pressure on the risk and control environment. Most organizations continue to navigate supply chain uncertainties, impacts of inflation, evolving regulations, and geopolitical uncertainties. The audit plan needs to be flexible, and the methodology and audit approach needs to be consistently challenged.

A practical and sound risk-based IA plan is one of the most critical components for determining IA’s success as a value-adding and strategic business partner. According to the Global Internal Audit Standards as issued by the Institute of Internal Auditors (IIA) Standard 9.4 ‘Internal Audit Plan’ – The Chief Audit Execution (CAE) team must base the Internal Audit plan on a documented assessment of the organization’s strategies, objectives, and risks.

This publication aims to assist CAE’s and wider stakeholders during their annual audit planning process. It should help your IA consider a broad range of emerging themes and opportunities in the current context. We hope it will provoke thought and facilitate discussion. If you would like to explore further the topics covered within this report, please contact us.

IA functions must remain agile when developing their 2024 audit plans as their organizations face evolving challenges. The uncertainty and disruption that was seen across the global business landscape last year continue to intensify pressure on the risk and control environment. Most organizations continue to suffer from supply chain uncertainties, the impact of inflation, and geopolitical uncertainties.

To support heads of IA, we have identified and compiled the key thematic areas and related risks that IA functions should consider. The areas below include both emerging and established risks that IA should consider when preparing its agile annual IA plan for 2024.

While this is not an exhaustive list, it can serve as a starting point from which the IA functions can leverage when assessing the organization’s risk profile and control environment throughout 2024.

1. Environment, social and governance 
2. Cyber security
3. Data privacy 
4. Digital disruption and emerging technology
5. Outsourcing and managing third-party risk
6. Global economic and geopolitical uncertainty
7. Enterprise resilience 
8. People and talent management
9. Regulatory compliance
   

This publication aims to assist CAE’s and wider stakeholders during their annual audit planning process. It should help your IA consider a broad range of emerging themes and opportunities in the current context.