Page 42 - iiA
P. 42
Psychology of Risk Communication:
Why the same message lands differently
across levels
Why does the same message \
communication, inferred differently by
various stakeholders?
In organizations, internal audit communication
and messages are critical tools for identifying
risks, ensuring compliance, and driving
improvement. However, a curious phenomenon
often emerges: the same message can be received
Saket Kanodia and interpreted in vastly different ways depending
on the organizational level—whether it’s frontline
CA, CIA, DISA India Lead in the Governance employees, middle management, or senior
Risk and Compliance group of Sikich LLC leadership. This discrepancy in reception can
saket.kanodia@sikich.com influence how effectively issues are addressed
and improvements implemented. Understanding
why this happens is key to fostering better
communication, alignment, and action across all
Effective risk communication by internal
auditors is essential for promoting good levels of an organization.
governance, informed decision-making, and
proactive risk mitigation. Let’s first understand Differing Perspectives and Priorities
the different types of risk communication
typically done by internal auditors: Each organizational level operates with distinct
priorities, shaped by their roles and responsibilities.
Formal Written Reports: Frontline employees are often focused on day-
• Audit Reports to-day operations and immediate tasks, so any
• Annual Audit Plans communication might feel like an additional
• Risk Assessment Reports burden or criticism of their work. For example, a
• Progress Reports/Dashboards message about incomplete documentation may be
seen as nitpicking by staff who prioritize customer
Formal Verbal Presentations: service over paperwork.
• Presentations to the Audit Committee and Middle managers, caught between executing
Board of Directors directives from above and supporting their teams,
• Presentations to Senior Management may view the same message as a challenge to their
• Kick-off and Exit Meetings oversight or resource allocation. They might worry
about how it reflects on their leadership or the
Informal Communication: feasibility of addressing it with limited time and
• Ongoing Dialogue and Consultations budget.
• Advisory Conversations
• Follow-up Discussions Senior leaders, on the other hand, typically
focus on strategic objectives, risk exposure, and
Digital and Collaborative Platforms: organizational reputation. They may interpret
• Risk Management Systems/Software the same message as a signal of systemic
• Other Collaboration Tools issues or a potential threat to compliance or
39 INTERNAL AUDIT TODAY
