The IIA’s Great Audit Minds Conference Set for March 9–11 in Las Vegas
Annual event will spotlight emerging technology and trends shaping the profession’s future.
The Institute of Internal Auditors (IIA) will host its Great Audit Minds Conference March 9–11 in Las Vegas, bringing together internal audit leaders and practitioners to explore the technologies and trends redefining the profession. The annual event is designed to provide practical insight into the evolving risk landscape and the expanding strategic role of internal audit.
According to an IIA press release, the conference will focus on emerging technologies, innovation, and forward-looking practices that are transforming how assurance and advisory services are delivered. Attendees will have opportunities to engage with subject-matter experts and peers on topics that are top of mind for audit functions globally.
“Each year, the Great Audit Minds conference brings together thought leaders at the forefront of the internal audit and risk profession to help shape the agenda for the year ahead,” said Anthony Pugliese, president and CEO of The IIA. “By combining strategic foresight with practical applications for innovation in audit and risk, GAM is designed to help practitioners explore emerging risks, strengthen board and organizational alignment, and harness the new technologies shaping the future of internal audit.”
Key themes will include:
- The rise of agentic AI. Emerging AI use cases in risk, compliance, and audit frameworks for safely piloting and scaling agentic AI within audit workflows.
- Fraud in the digital age. New and evolving fraud risks, including deepfakes, and how to develop agile fraud risk management strategies, including practical implementation of tools for fraud detection and prevention.
- Leadership and reporting relationships. Strengthening board alignment and mastering executive relationships between CAEs and the administrative reporting line, including the CEO, CFO, and chief legal officer.
- The evolving audit function. Modern approaches to reporting, communication, and stakeholder influence and how to adapt audit methodologies to support agile, strategic execution.
IIA and AuditBoard Survey Highlights Rising Concern Over AI-Enabled Fraud
Findings show gap between awareness of risk and confidence in audit preparedness.
Artificial intelligence is rapidly reshaping fraud risk, and internal audit functions are working to keep pace. A new joint report by The Institute of Internal Auditors (The IIA) and software firm AuditBoard reveals that internal audit leaders are increasingly alert to the risk of AI-enabled fraud. Yet, many remain uncertain whether their teams are fully prepared to address it.
The report is based on insights from a survey of more than 370 senior internal audit leaders in North America. It found that 85% or respondents view AI-enabled fraud as either a high or moderate risk, but fewer than 40% believe their teams are adequately prepared to detect this kind of threat, according to an IIA press release.
“AI is reshaping how organizations operate, driving greater efficiency, automation, and insight,” said Anthony Pugliese, president and CEO of The IIA, quoted in the release. “At the same time, those capabilities are increasingly being leveraged to enable more sophisticated and scalable fraud. As adoption accelerates, internal audit has a critical role to play in helping organizations understand these risks, identify emerging threats, and respond effectively.”
Among the survey’s key findings:
- 57% of respondents said their teams currently assess control weaknesses that enable fraud, and 51% advise management on AI-related governance or policy updates. Other ways they are taking action: supporting awareness or training initiatives, cited by 40%; testing or strengthening fraud prevention and detection, 38%; providing fraud risk assessments to leadership (31%); and investigating and documenting AI’s role in fraud incidents, 26%.
- 88% identified AI-powered phishing attacks as the top concern for audit leaders. Other leading threats include fabricated invoices or financial documents, cited by 65%; automated social engineering, 58%; and deepfake audio or video impersonation, 45%.
- 57% cited a lack of appropriate technology or tools as one of the primary barriers to increasing response effectiveness and preparedness. That was followed closely by insufficient staff with relevant skills or expertise, cited by 55%. Other barriers: a limited financial budget, 46%; competing organizational priorities, 43%; and insufficient time to dedicate to AI-specific risk management efforts, 43%.
The report also outlines three priorities for internal audit teams, describing how to address them, according to an article in CFOtech Asia. They include building skills of team members through continuous training; aligning AI use across the organization; and collaborating across functions, treating defense as a shared responsibility.
Deloitte Executive Urges Internal Audit Leaders to Spotlight Team’s Strategic Value
CFO Dive article highlights the need for stronger communication as the profession evolves.
Internal audit leaders need to be vocal within their organizations about what their teams do and how they do it, almost as if they are conducting a marketing campaign or branding effort. This will go a long way toward the evolution of internal audit’s role, which is moving away from “assurance for the sake of assurance” toward a focus on anticipating key risks as a trusted business advisor.
This was part of the message in a recent interview in CFO Dive with Mike Schor, U.S. internal audit market offering leader with global accounting and audit firm Deloitte. Schor has spent 24 years at the Big Four firm in its internal audit practice, and he serves as a champion of its U.S. internal audit operations and as a global innovation leader for the function. From that vantage point, he often thinks about how to modernize the role of the profession.
“We believe internal audit can be a change agent and actually help organizations adapt more quickly than they otherwise would,” he said. As such, internal audit must become more “vocal with the rest of the enterprise about who they are, what their method is, why they’re doing it and how they can help promote our organization,” Schor said.
He spoke about the need for more open dialogue between internal audit, the CFO, and other functions. In fact, there should be more coordination as well, he said. “Of course, we need to maintain independence and objectivity in all the work that we do, but there is a way for everyone to work together for that greater good of the enterprise.”
Internal Audit’s Power and Expertise Requires More than a Growth in Headcount
Corporate Compliance Insights article touts the training value of credentials such as CIA.
As organizations confront expanding regulatory demands and increasingly complex risks, building internal audit capacity is not simply a matter of adding staff. True effectiveness comes from developing audit teams with high levels of knowledge, professional judgment, and critical thinking.
Internal audit is about true expertise, not just staffing numbers, according to a recent article in Corporate Compliance Insights, which emphasizes that organizations should focus on the quality of skills on internal audit teams. While resource constraints are real for many audit functions, the piece suggests that scaling headcount without strengthening competencies may create only the appearance of readiness.
Instead, internal auditors must be trained to challenge what executives claim, following the flow of cash or data through every step to prove that a protocol holds firm when dangers arise. This kind of work distinguishes the master from the novice, and it can help top executives and the board of directors in their decision-making roles.
“A persistent challenge in modern corporate governance is translating operational risk into strategic language that boards can act upon,” the article says. “Audit committees are frequently inundated with hundreds of pages of low-level findings — missing signatures or minor variance reports — while systemic risks go unreported.”
Credentialing plays a central role in building that expertise, the article says. Professional certifications such as Certified Internal Auditor (CIA) provide structured frameworks that help auditors sharpen analytical rigor, ethical grounding, and risk-based thinking. The article highlights how credentialed professionals are often better equipped to assess complex control environments, interpret regulatory expectations, and exercise sound judgment in ambiguous situations.
Internal Audit Faces Expanding Responsibilities Under Groundbreaking EU AI Act
Wolters Kluwer article outlines how the profession must adapt to meet a growing need.
As artificial intelligence shifts from innovation initiative to regulated activity in the European Union, internal audit teams are being called on to help organizations navigate the sweeping requirements of the EU AI Act. The landmark regulation represents the world’s first comprehensive attempt to regulate risks to individuals, organizations, and societies through a binding legal framework.
A recent Wolters Kluwer article calls the EU AI Act — first proposed in 2021 and finalized in 2024 — a de facto global standard, comparing it to the EU’s groundbreaking General Data Protection Regulation (GDPR), which took effect in 2018. Expected to be fully enforced beginning this year, the EU AI Act highlights the need for internal audit to play a critical role as a partner in AI oversight.
“For internal auditors, the EU AI Act signals a fundamental shift,” the article says. “AI risk is no longer an abstract technology concern or a future consideration. AI is now a regulated risk domain with clear expectations for governance, controls, documentation, monitoring, and accountability.”
The EU AI Act introduces a risk-based regulatory structure that imposes stricter requirements on “high-risk” AI systems, including obligations related to data governance, documentation, transparency, human oversight, and monitoring. Organizations operating in or serving the EU market will need to demonstrate that appropriate controls are in place throughout the AI lifecycle.
The article explains the EU AI Act and its four risk categories: unacceptable, high, limited, and minimal. It also outlines how the legislation affects organizations outside the EU and which responsibilities internal audit teams will need to assume to remain relevant and effective in an AI-driven regulatory environment.
For audit executives, the EU AI Act presents both a compliance challenge and a strategic opportunity. Audit plans may need to incorporate AI-specific reviews, even for organizations headquartered outside the EU, if their systems affect EU customers or markets. Coordination with legal, compliance, IT, and data governance teams will be essential.
IIA Global CEO Anthony Pugliese Visits Nelson Mandela University in South Africa
The Engagement reaffirms the importance of education in shaping the profession’s future.
The global reach of the internal audit profession was on display recently when the global CEO of The Institute of Internal Auditors visited Nelson Mandela University in South Africa. The visit highlighted the importance of strengthening ties between academia and the profession to develop the next generation of internal auditors.
The engagement focused on advancing collaboration, promoting professional standards, and reinforcing the value of internal audit in supporting governance, accountability, and ethical leadership, according to an article from the university. The visit also emphasized the role universities play in preparing students for a rapidly evolving risk environment.
During discussions with university leadership, faculty, and students, the importance of aligning academic programs with global professional expectations was a key theme. As organizations face increasingly complex regulatory, technological, and geopolitical risks, the profession requires graduates equipped with technical expertise as well as a strong ethical foundation and critical thinking skills.
For audit executives, the story serves as a reminder that talent development begins well before recruitment. Engagement with universities can help ensure curricula reflect real-world risk challenges and evolving professional standards. CAEs may consider partnering with academic institutions through guest lectures, internships, mentoring programs, or advisory roles on curriculum development.
The article mentions the Internal Audit Foundation, which awards more than $275,000 annually in scholarships and grants. This investment is intended to create access and development pathways for students in the hopes that they will choose internal audit as a profession.
It’s Not Just You and Your Team: Why Navigating Change Feels Harder Today Than Ever
HBR article explores ‘ungovernable change’ and how leaders can respond more effectively.
If it feels as though organizational change has become more relentless and difficult to manage, there is a reason. Audit executives and other leaders today are confronting what global research and advisory firm Gartner calls “ungovernable change,” a convergence of forces that make transformation more complex than ever before.
A recent Harvard Business Review article explains that change today differs from the past in four important ways:
- The volume of change is high, and initiatives are stacked one on top of another.
- Change is not only faster; it is continuous, with no clear beginning or end.
- Transformations are larger in scale and increasingly interdependent.
- Much of the change is externally driven and unpredictable, fueled by technological advances, geopolitical shifts, and market volatility.
Leading through change is more difficult than ever because of the convergence of these factors, the article says. Traditional approaches that treat change as a discrete project with a defined timeline are proving inadequate in this environment.
Gartner’s research suggests that the most successful leaders are not attempting to coach employees through each transformation. Instead, they are routinizing change — treating adaptation as an everyday business process rather than a periodic disruption.
“Leaders typically encourage change by building enthusiasm and providing support, such as tools and resources, for each initiative,” the article says. “However, treating change as a special occasion and building excitement for an individual event does not align with today’s reality. Enabling employees to thrive in ungovernable change is all about helping them build the right mindset and practice change skills until they are second nature. This helps them become ready to embrace any change at all times.”
The article calls navigating change “an emotional journey.” It names six core change reflexes identified by Gartner that need to be developed in individuals and teams:
- Being open to new experiences
- Effectively managing time
- Understanding the context in which the business operates
- Using technology effectively
- Working well with anyone, regardless of prior experience
- Regulating emotions
There Is a Critical C-Suite Superpower You Might Be Missing on Your Team
Chief Executive article: Executive communicators are essential to leadership in the AI era.
As artificial intelligence accelerates the production of content and information, one capability is emerging as a defining differentiator for senior leaders: strategic communication. Many C-suite leaders overlook the importance of translating ideas into trusted, high-impact messaging.
“In the digital age, attention is the new currency,” according to a recent article in Chief Executive. “Modern executives are the primary extension of the company brand. While the term ‘influencer’ may cause some to cringe, the reality is that leaders have always been expected to influence. Today, leadership visibility, especially on social platforms, is a powerful vehicle for brand authority. When a leader speaks consistently and authentically, they build ‘attention equity,’ turning digital presence into a measurable corporate asset.”
Against this backdrop, one role has become essential for C-suite leaders: the executive communicator. Rather than serving as a traditional speechwriter or public relations aide, the executive communicator is positioned as a strategic partner who shapes how leaders are perceived internally and externally. In a business environment defined by rapid change, stakeholder scrutiny, and digital amplification, messaging must be clear, credible, and aligned with enterprise strategy.
The article emphasizes that the position of executive communicator differs from that of personnel in public relations and internal communications. The role of this person is to capture the leader’s vision and voice, even going beyond messaging to provide strategic counsel.
When you’re looking to bring on someone in a position like this one, the article says, you should focus on three things:
- Ask for samples or give them an assignment. Look for clarity, strategic framing, and the ability to adjust the tone for the intended audience. If you have a strong public presence, ask them to try to capture your style.
- Be specific. Are you trying to grow your social media presence? Do you need help with major organizational changes? Are you dealing with high-stakes audiences like board members or regulators? Say what matters most to you.
- Skills matter, but so does chemistry. The person needs to be able to operate in a way that accommodates your style. Are you looking for someone who can push back when needed, or someone to execute your vision? Be honest with your leadership style and ways of working.
