In the general technical knowledge cateogry, survey participants said the areas that needed the most improvement were:

1. ISO 27000 (the international standard for information security)
2. Enterprise Risk Management (ERM)
3. Fraud Risk Management (FRM)

"An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area," explained Bob Hirth, Protiviti executive vice president of global internal audit solutions. "Clearly, more organizations view themselves to be vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them."

Hirth said that with regard to enterprise risk management and fraud risk management, more companies are increasing their focus on anti-fraud activities and developing an enterprisewide view of the risks impacting their organizations now that they have successfully streamlined their Sarbanes-Oxley compliance efforts.

Hirth also noted that International Financial Reporting Standards (IFRS), which was ranked among the top "need to improve" areas in Protiviti's 2007 survey, fell below the top five in the new study. "The marked improvement in IFRS knowledge is likely due to companies taking more seriously the possibility that IFRS and U.S. GAAP will soon converge." 

In the technology/audit process knowledge category, the three skills and competencies that ranked highest in terms of need for improvement were:

1. Computer-assisted auditing techniques (CAATs)
2. Continuous auditing
3. Data analysis tools (data manipulation and statistical analysis)

"Internal auditors understand they must seek out and refine their technical knowledge and skills continuously," Hirth said. "This includes mastering the latest automated technologies that can improve the way their organizations monitor risks and internal controls."

In the personal skills and capabilities category, respondents rated developing and managing relationships with committees of the board of directors to be the area most in need of improvement.

"This is not surprising," Hirth said. "More than ever, today's boards seek complete transparency into company operations and rely on internal audit to monitor key activities. Internal audit professionals must be able to present and communicate clearly to the board about these matters."

The study's report, 2008 Internal Audit Capabilities and Needs Survey, is available at www.protiviti.com/go/2008capabilitiesandneeds

The survey was conducted from July through October in 2007. Nearly a third are from companies with annual revenues of more than $5 billion, and the majority of respondents work for publicly traded companies in North America.