When the CAE Is the Bearer of Bad News - and Gets Shot in the Process

Too many of my CAE-level (and other senior internal audit leaders) have shared with me stories of how they identified inappropriate activities, reported them to the audit committee, and found themselves out of a job within a year to 18 months.

Here is one story that I heard today:

On three occasions in my career I have left elevated (non CAE) positions with my employer. In each of these situations I firmly believed that something that the organization was doing was highly unethical and/or not in the best interest of the organization, placing it at risk. Two of the organizations actually admitted that what was being done was in direct violation of the organization’s policies and in one situation state employment laws. In one situation I had my exit meeting with HR, and in the other two organizations only with the CAE.

All CAEs recognize that this is a risk, and in my experience they all accept it with full knowledge that their career at their company may effectively end with the delivery of the bad news. It may take a while for management to find a way to organize a farewell party, and there may be some level of support (frequently not) from the audit committee, but the risk is real.

Leaving aside the issue of legal recourse, and the behaviors of executive management and the audit committees involved, do you believe that the IIA should do something to help CAEs and other internal audit leaders when this type of issue arises? Should there be an Ombudsman or other support person/group that is enabled by the IIA?

Posted on May 12, 2010 by Norman Marks

Share This Article:    

  Comments (6) un-categorized
  1. Comment by: A Wounded But Surviving CAE   (5/13/10 10:13 AM)   

    Norman,

    Yes, definitely. There should be a way for Internal Auditors to send (anonymously if they wish) their stories in to IIA, so the instances and frequency of occurrences can be widely communicated to its members . This happened to me and I was out of a job in less than a year, and then unemployed for over a year. I think the IIA owes it to the profession, and the business community in general, to protect its members who are doing the right thing and addressing fraud, corruption and the general lack of business morals and ethical behavior that is so widespread today.

    As noted in IIA Insight in November of 2006, " During the past two years, The Institute has ramped up its focus on advocacy so much, that it has become one of the three main objectives of the IIA's Strategic Plan."

    Possibly the IIA Board or the Advocacy Committee needs to move beyond mere advocacy and into the realm of protecting its members and providing assistance to those who are on the front lines of the never ending battle against corporate abuse and crime. Lack of protection for its members could result in a dwindling supply of professionals who are dedicated to the promotion of  corporate responsibility, compliance and effective governance practices. Increasing efforts to protect its members serves the best interests of the business world, the auditing profession and the IIA itself!

     

  1. Comment by: Norman Marks   (5/13/10 11:01 AM)   

    I encourage people who have been through this to leave anonymous comments. If you are not sure how to do that but are OK with my knowing who you are, contact me directly (norman.marks@sap.com) and I will post for you.

  1. Comment by: Anonymous   (5/17/10 12:32 PM)   

    Part 1 of 2:

    I would like to point out that it is not always the CAE who is in the line of fire, but also lower level IA employees who do not receive the support they need from their CAE in difficult audits.  This was the situation I found myself in.  On the day I was released from the company, my own CAE demanded that I release a clear audit finding, with no rationale provided.  I know that my CAE had no intention of addressing what I considered to be a very significant, but sensitive issue that posed considerable risk to the company.   Throughout the audit, I had received constant criticism, pressure and scope limitation, in spite of the considerable evidence I had obtained.  It is quite possible that the CAE herself was in fear of losing her job and unsure what to do.

     
    I certainly believe the IIA can and should do more to support their members, or they will lose their best and brightest.  While promoting courage and integrity, I find there is a noted silence in IIA literature on the very real possibility of job loss.  I am now having difficulty finding a job, as I find that my own IA colleagues do not seem to understand that job loss is a hazard of the profession, and possibly even the mark of a good auditor.  This reality needs to be acknowledged, to reduce the stigma of job loss within the profession. 
  1. Comment by: Anonymous   (5/17/10 12:37 PM)   

    Part 2 of 2:

    When the suppression of independent thought happens within our own IA department, the IIA can play a greater role.  Perhaps the IIA's standards for QARs could include a requirement to ask of employees (and individuals who left within the last year) whether there is inappropriate pressure to suppress or change findings - whether from management, board or IA management.
     
    Finally, the IIA should provide support and guidance to both CAEs and file and rank auditors who are trying to maneuver through sticky situations and fear job loss, or those for whom this fear has already become a reality. 
     
    Losing one's job because you have done your job too well is a crushing blow.  The IIA needs to acknowledge how much they are asking from their members, and own up to their responsibility to assist auditors who have met the IIA call for independence with the ultimate sacrifice - their jobs.
  1. Comment by: David Tate, Esq.   (6/9/10 11:12 PM)   http://davidtate.us

    I have suggested that the IIA conduct a survey to better quantify the extent of the problem.  Possible solution, the outside auditor audits the reason why the CAE leaves.  That doesn't protect a lower level internal audit professional but it is a start.  David Tate, Esq., http://davidtate.us

  1. Comment by: David Tate, Esq.   (6/10/10 09:30 AM)   http://davidtate.us

    Another thought, when evaluating internal controls, doesn't  the outside auditor already do some kind of an evaluation of internal audit.  How about a simple requirement that the outside auditor discuss with anyone who has left the internal audit department their reasons for leaving?

    David Tate, Esq.

Leave a Reply