Having spent the past 3+ years in internal audit, first for a global building materials manufac­turer and now with a Canadian retailer, I figured I ought to go for the certi­fi­cation and make it official.

So, a couple months ago I committed to earning the Certified Internal Auditor (CIA) desig­nation. The first step was to register with the IIA as a candidate, which is done entirely online.

The next step was to select and acquire study materials. The IIA has their own package, which they’re quite fond of based on some phone conver­sa­tions I had with one of their repre­sen­ta­tives, and Gleim is another popular one, as far as I can tell from cruising the various LinkedIn internal auditor group discussions.

I went a different route. I had attended an IIA social event for new members (Toronto chapter) back in April, where I met a fellow CA who had more recently achieved her CIA as well, and she recom­mended Hock as a cost-effective alter­native. So far I’m liking it, having worked my way through the textbook for Part 1 of the exam. I’ve begun to use their software (ExamSuccess) to take even more practice questions. (The textbook also has them, sprinkled throughout.)

The CIA exam is four parts, but if you’re a CA or CPA you can apply to be exempted from the final part. Part 4 covers strategic management, global business environ­ments, organi­za­tional behaviour, management skills and negotiating.

I’m quite a nerd, so I actually enjoy studying and answering practice questions. Now that I’ve begun the process, I’m surprised I didn’t start it sooner!

Update (Dec. 6, 2011): The budget dropped out for training for the rest of the year and the CIA fell by the wayside. Maybe in 2012!

Most organi­za­tions likely place social media respon­si­bil­ities primarily (or solely) with marketing, but a recent interview with Cisco’s Marketing Director on WebWork­er­Daily, now part of GigaOM provides some insightful tips and makes the case for spreading it throughout the company, especially to customer service:

The heads of both your marketing and customer service depart­ments should meet regularly. Marketing plans should be shared with — and can even be enhanced by — customer service. Each side should know how to use social media to not only fulfill their own goals but to help one another to get closer to reaching overall company goals.

Ensuring the alignment with the overall strategic plan is the key point, and in many cases KPIs for both groups will be similar. Hopefully customer service is already involved in other marketing efforts, but it’s especially important in the inter­active space of social media. Customer service is better positioned to turn feedback into improve­ments to opera­tions where identified.

Measure results together. As expec­ta­tions are high for tangible returns on social media marketing invest­ments, bring customer service in to help measure, analyze and tell the story of how social media is effective for the company.

Mine social media for more than sentiment. Instead of just looking for the positive, negative and neutral of what customers are saying about a company’s product or service, look for clues to how the public perceives the company as a whole.

Demon­strating a return on social media invest­ments is a challenge for many companies, but collab­o­ration across functions will help. As well, the social media team should build relation­ships with others subject matter experts within the company, so that customer feedback can be informed or addressed by the people best able to do so accurately. Tech companies, such as Google with their official blog, tend to do really well with this.

Building social media compe­tence across the organi­zation should also have the side effect of nurturing respon­sible personal use, which is still a risk, although one which I believe often unnec­es­sarily overshadows the potential for beneficial use of social media to a company.

How are social media respon­si­bil­ities organized in your company?

It has been five years since my first post on Feb. 18, 2006. In a way it’s the 5-year anniversary for this blog, but I haven’t really been writing as frequently lately as I should be in order to claim that legit­i­mately. This is my first post in 2011!

So to celebrate, I’m raiding the archives and taking a stroll down memory lane.

Google Docs to surpass Office in a year: Google Docs has made great strides, but it still didn’t really happen, did it? A great alter­native though for the cash-strapped with basic needs.

Why your organi­zation should be using open document standards: What can I say, I’m a standards kinda guy. I still strongly believe in open standards, but I’ve also become pretty enamored with the XML-based formats for Office. Such small file sizes compared to the old binary formats!

Return to blogging: Ah my initial return from hiatus. I left public accounting and took a year long sabbatical to strike out into the world of internal audit. A year later, I knew every­thing there was to know and returned to share my knowledge. (Kidding!)

Today I am a CA: This is what I’d been working toward and blogging about since the beginning, and it was a very proud day to announce it to my readers! Next up: Certified Internal Auditor!

Here’s the hoping I blog more frequently over the next five years. Thanks for being a part of it.

The President of the IIA shares what he sees as the top seven attributes of an effective internal auditor, and in general I agree, with a few distinctions.

The most important attribute is referred to as business acumen, but the description that accom­panies it has more to do with having an in-depth knowledge of the business the auditor works for. Splitting hairs I guess, but acumen is the ability to make good decisions and exercise sound judgment. A strong under­standing of what is driving the success of the business is important to cultivate, as is staying on top of devel­op­ments within the industry in which it operates. I think both are important, but one is easier to develop than the other.

Commu­ni­cation skills come next, and I would broaden that to be people skills in general. The ability to read people and adapt to any given situation and person­ality is very helpful, so both the outward skills like commu­ni­cating clearly and succinctly and the inward skills like listening actively and processing infor­mation quickly will come in handy when dealing with people within the organization.

Integrity comes in at 3^rd, and is critical to estab­lishing and maintaining your reputation as a profes­sional. Being consis­tently honest and forth­right in your inter­ac­tions with your “customers” will allow you to build strong working relation­ships across the business.

Experience is next, and it’s not a subject I feel especially qualified to discuss, since I’m only in my third year as an internal auditor, sixth as an auditor. What I will say is that each day I strive to learn and get better at my job, and working with staff that have, among them, decades more experience than I provides a constant reminder of the value of that experience.

Number five on the list is a solid grasp of business risks, which to me means the exact same thing as the first item. Let’s just put them both together at the top and shorten the list to six, shall we? After that is talent devel­opment skills, which is important to have once you reach a certain level and have people reporting up to you. I could make the case that this is essen­tially a subset of people skills.

Last (but not least in my opinion) is courage and that’s important for auditors whether they’re external or internal. Part of the job is being the bearer of bad news and you’ve got have the stones to deliver it straight!

At the end of September the IIA and ISACA announced they had reached an agreement to “create a basis for cooper­ation and collab­o­ration” between the organizations.

The agreement is formalized in a Memo of Under­standing that has been signed by both parties. The MoU lists a few areas where this agreement makes cooper­ation possible:

• Speaking and exhibiting at each other’s confer­ences, seminars and events
• Conducting jointly sponsored events
• Mutually recog­nizing, where appro­priate, each other’s continuing education programs for continuing education credits to satisfy requisite certi­fi­cation requirements
• Partic­i­pating in training and educa­tional programs offered by either associ­ation where such collab­o­ration benefits the attendees
• Encour­aging similar cooper­ation and collab­o­ration among local chapters of ISACA and The IIA (an activity that already thrives in many places throughout the world)
• Identi­fying oppor­tu­nities for joint projects that advance the global internal audit profession and the profes­sional standing of its members
• Engaging in periodic discus­sions on matters of public policy that impact the internal auditing profession
• Where appro­priate, coordi­nating and promoting unified messages and responses to standards setters, regulators, and legis­lators globally, and providing them with infor­mation regarding best profes­sional practices

In order of value to each organization’s members, the top 3 in my mind are:

1. Joint projects to advance the internal audit profession

To me this is going to have the biggest impact on stake­holders because the combined knowledge and experience in both groups should lead to higher quality standards and improved best practices. Perhaps a combined set of standards down the road?

2. Recog­nizing each other’s continuing education

For members of both organi­za­tions this is huge. Program content frequently overlaps (e.g. the IIA’s GTAGs) and internal audit depart­ments generally have staff with CIA and CISA desig­na­tions (as well as CA and CPA, and others), so signif­icant cost savings may be realizable.

3. Collab­o­rating on continuing education

This could open up each organization’s continuing education programs to the other one’s members, which immedi­ately intro­duces fresh topics and facil­i­tators to both groups. Synergy here will allow members to broaden their training, and provide an easier transition from one to both certifications.

The agreement should work out to be a win-win-win — for the organi­za­tions, members, and stake­holders. What do you think?