top of page

2021 Internal Audit Hot Topic and Focus Areas

Updated: Nov 25, 2020

A summary from across the web of 2021's Internal Audit Hot Topic's, Focus Area's and Risk Priorities.

We have searched across the web; through each of the Big 4's websites, through the IIA, and across thought leadership sites to find out what they all consider to be the top risk / focus areas for Internal Audit going into 2021.

These guys are generally on the mark. Last year, the IIA Risk in Focus report said business continuity was one key focus area for Head's of Audit going into 2020, and they weren't wrong! For those who paid attention to the IIA Risk in Focus and added a business continuity review to your plan for Q1 2020, you would be very grateful. You can see what the 2020 hot topics were by reading this blog post.

In this post, we will show you what the IIA, KPMG, PwC, Deloitte and Gartner all consider to be the main focus areas for 2021.

Here we go.


Institute of Internal Auditors

The Institute of Internal Auditors released their Risk in Focus 2021 report back in September this year. Following a survey amongst a number of Heads of Audit, the report identifies the following top 10 risk areas which are on people's minds going into 2021:

  • Information security in the expanded work environment

  • Regulatory forbearance and the return to normal

  • Strategic relevance and the digital imperative

  • Liquidity risk and cost-cutting amid depressed demand

  • Managing talent, staff wellbeing and diversity challenges

  • Disaster and crisis preparedness: lessons from the pandemic

  • Rising nationalism and social tensions amid unprecedented economic volatility

  • Supply chain disruption and vendor solvency

  • Fraud and the exploitation of operational and economic disruption

  • Climate change: the next crisis?

You can view the full Risk in Focus 2021 report here.



Looking very similar to what the IIA have produced, KPMG has identified the following key risk areas for 2021:

  • Business resilience

  • Staff well-being and talent management

  • Fraud and the exploitation of operational disruption

  • Climate change: the next crisis

  • Third Party Management: Supply chain disruption and vendor solvency

  • Cyber security and data privacy in the expanded work environment

  • Culture and behavior and soft controls

  • Regulatory driven risk

  • Digitalization and intelligent automation

  • Data management and data & analytics

You can view the full KPMG Internal Audit: Key risk areas 2021 report here.



For those wanting to understand what IT specific risks exist this year, Deloitte have you covered. The Deloitte report also provides an overview of hot topics through the years from 2012 to 2021. This overview / diagram is a great cross check for your audit universe and a great image which you can present to your audit committee and show which topics you have already covered through your audit work.

Deloitte has identified the following hot topics for IT Internal Audit in Financial Services:

  • Cyber Security

  • Operational Resilience

  • Cloud Governance and Security

  • Extended Enterprise Risk Management

  • Transformation and Change Assurance

  • Digital Risk

  • Data Governance

  • IT Strategy and Governance

  • Payments

  • System Development

You can view the full Deloitte 2021 Hot Topics for IT Internal Audit in Financial Services report here.



PwC have taken a different approach with this years list, focusing on high level future risks for companies in the financial services sector.

At a high level, PwC have identified the following macro risks:

  • Reputation and purpose (emphasised through the Black Lives Matter movement and response to climate risk); and

  • Digitalisation (such as changing behaviours of both customers and staff).

PwC have then focused on a few thematic micro risks:

  • Business resilience

  • Financial crime

  • Change risk

  • Technology risk

  • Conduct risk

  • Workforce risk

You can read the full 2021 Financial Services Horizon Scanning for Assurance Functions report here, and download specific financial services sector reports for more detail.



Gartner seems to reiterate and consolidate everything each of the above reports have called out as a specific focus area for 2021. Gartner's Hot Spot summary includes the following:

  • IT Governance

  • Data Governance

  • Cyber Vulnerabilities

  • Business Continuity and Disaster Recovery

  • Talent Resilience

  • Corporate Responsibility

  • Third Party Management

  • Risk Culture and Decision Making

  • Corporate Financial Management

  • Data and Analytics

  • Supply Chain

  • Total Workforce Management

You can view the full Gartner 2021 Audit Plan Hot Spots Report here. Please note, you do need to register to view this report.


Need help with your annual planning processes?

We have developed a range of handy tools and guidance documents to help you complete your annual planning processes quickly and efficiently.

  • For our step by step guidance document which provides a simple and easy to follow breakdown of how to complete your annual planning process, please click here.

  • For templates such as the audit universe and audit committee presentation, which will help support you in the annual planning process, please click here. Remember, members and subscribers to our site receive a 10% purchase when they use their special code.

#internalaudit #annualplanning

5,499 views0 comments
bottom of page