US chief audit officers have been under increased compliance burden, struggling to add strategic value through internal audit and maximize on the technology available, according to Grant Thornton US annual CAE survey.

The survey found 69% of respondents cited increased cost as the top impact of regulation on their organisations, with another 36% feeling that regulation left them unable to devote resources to higher-value activities.

However, 45% of respondents said that regulation improved their governance and rigor of testing.

"The dilemma many CAEs face is how to continue adding strategic value through the internal audit function, given the current compliance-heavy environment," Grant Thornton US national governance, risk and compliance practice leader Warren Stippich said.

"The solution is not to leave compliance behind as an un-chosen option in the place of focusing on strategic and/or operational areas — but instead to understand how CAEs can leverage compliance activities to add value."

The survey also found that internal audit departments continue to remain slow to maximize technology to gain efficiencies. Only 29% of respondents said their companies are using governance, risk and compliance (GRC)-specific technology, up from 23% in last year’s survey.

While adoption numbers have increased, only 22% of respondents believe their organisations effectively leverage GRC technology.

Despite the lack of leveraging technology and software, 60% of CAE’s said they are using data analytics to enhance the internal audit function. The top reason cited for using analytics is the ability to quickly identify patterns, trends and relationships. CAEs also use analytics for such other tasks as forensic analysis (26%), performance measurement (185) and predictive analytics (28%), according to Grant Thornton US.

The survey was conducted among over 400 US CAEs, with 66% of respondents working for a company with annual revenues between $100m and $5bn.

Related link:

Adding internal audit value: Strategically leveraging compliance activities