Only 8.2% of 171 Companies Operate Independent Internal Audit Departments
Calls for Legalization of Independent Internal Audit Department Establishment
It has been revealed that less than one in ten domestic companies operate an independent internal audit department.
According to the '2024 Internal Audit Function Survey' conducted by Samjong KPMG Audit Committee Support Center and the Korea Audit Association targeting 171 domestic companies, only 8.2% of the responding companies operated an independent internal audit department that meets the 'Three Lines of Defense Model' required by the Institute of Internal Auditors (IIA).
The independence requirements for the internal audit department under the 'Three Lines of Defense Model' include ▲organization directly under the audit (committee), ▲reporting matters related to the internal audit function to the audit (committee), and ▲administrative reporting on the performance of the internal audit function to management. Only 8.2% of companies met all three requirements.
Kim Yu-gyeong, Executive Director at Samjong KPMG, stated, "The independence of the internal audit department is a crucial element for effective management oversight," pointing out that when the internal audit department is directly under management, a contradiction arises where the overseer and the subject of oversight are the same.
Respondents identified the legalization of establishing independent internal audit departments (59.1%) as an improvement task for the independence of internal audit departments. The current Corporate Governance Code’s provision for the 'establishment of an internal audit department that assists the audit committee or auditor and performs practical tasks' is evaluated as having limitations due to its non-mandatory nature.
Executive Director Kim emphasized, "Since two-thirds or more of the audit committee members are part-time outside directors, there are limitations to their activity," adding, "Support from an independent internal audit department is essential."
Regarding the capabilities of internal audit departments, only 34.5% and 21.6% of companies responded that they conduct IT audits and data analytics audits, respectively, and the possession rates of IT experts, data analysts, and system experts were only 21.1%, 10.5%, and 9.9%, respectively.
Lee Uk-hee, Chairman of the Korea Audit Association, said, "Cybersecurity is a key risk area highlighted by the Institute of Internal Auditors," urging domestic internal audit departments to regularly assess their IT and data expertise and develop related capabilities.
Meanwhile, Samjong KPMG established the Audit Committee Support Center in 2015, the first in the accounting industry, and has published various research reports. This report can be viewed on the Samjong KPMG website.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
