This article originally appeared in our November 6 edition of the Diligent Minute Newsletter. For more insights like these, delivered straight to your inbox, subscribe

Cyber threats, AI disruption, and geopolitical instability are
reshaping the audit landscape — and 4,000 audit leaders across
131 countries have weighed in. Whether you’re on the internal
audit team, serving on your board’s audit committee, or working in
partnership with them, the IIA’s 2026 Global Risk in Focus report
has insights for you. This year’s edition reveals the key risk areas
to focus on and highlights how risk is changing across regions and
sectors (with tips on how to achieve compliance with updated


2026 Global Risk in Focus: Top risks for internal audit (Cybersecurity, AI, Geopolitics)

 remains the number one concern for
organizations worldwide, with 73% of respondents
naming it a top five risk. 

pronounced in North America and Europe, where more

than 80% of organizations put it at the top of their list.

,
has seen the second largest jump in perceived risk with
an increase of 9 percentage points year-over-year.
Organizations are racing to implement new technologies,
but many are running into infrastructure and skills gaps.

3.Geopolitical uncertainty leapt 10 percentage points


globally, now ranking sixth overall. North America saw the
sharpest spike (up 19 points), driven by shifting U.S. trade
policies and global conflicts.

4.Business resilience (47%) and human capital (43%)

 Organizations are feeling
the pressure to shore up supply chains and crisis response
capabilities. Meanwhile, talent shortages, wage
competition, and generational shifts keep human capital
risk firmly on the agenda.
One standout: Regulatory change (41%) is closely linked to
geopolitical risk. Where political uncertainty is high, regulatory
challenges follow.

How audit committees can close the risk-to-audit gap

I asked Curtis Warfield, experienced public company director,
Audit Committee Chair, and former Chief Audit Executive, his
thoughts on bridging the risk-to-audit gap. He outlined five steps:

“As an Audit Chair, I see the gaps as driven by limited
expertise in emerging areas like AI and digital disruption,
audits taking longer than planned, and the need to balance
enterprise-wide coverage with limited resources.” says
Warfield.
“It’s a risk–reward trade-off,” he goes on. “Sometimes
management also has major deliverables in progress,
which limits timing for audits. Audit committees can help
by understanding these constraints, supporting skills
development, and encouraging dynamic adjustments to
the plan when new or fast-moving risks emerge.”

“Internal audit should not just police — it should partner,”
says Warfield. “The key is alignment with senior leadership
so internal audit can help ensure technology risks are
managed without slowing innovation.”
He adds, “Audit leaders should focus on being strategic
partners, not just reviewers, and work closely with the
business to embed technology risk considerations into
transformation projects from the start.”

Audit committees add the most value when they
understand the process behind the audit plan. “Members
should take time to learn how the ERM process connects to
strategy and how audit allocates time across the risk
profile,” advises Warfield. “That understanding makes it
easier to have meaningful dialogue about priorities.
Regular communication and progress updates help keep
the plan dynamic and aligned with emerging risks.”

4.Support advisory work while maintaining independence

“Tone at the top is critical,” Warfield emphasizes. “The
audit committee and board chair can reinforce that internal
audit’s role is not to police management, but to be a
strategic partner while maintaining independence. It’s a
delicate balance — audit must still provide objective
assurance, but it can also offer valuable advisory input on
AI governance,

, or scenario planning.
Clear boundaries and communication make both roles
possible.”

5.Build an agile, forward-looking partnership

Agility starts with alignment. “Everyone should understand
the audit process, how it ties to enterprise risk and strategy,
and how resources are deployed,” says Warfield. “The audit
committee should be willing to adjust its agenda
throughout the year for new risks and ensure flexibility in
hours and resources to respond to change. That’s how
audit and the board can stay proactive and effective in
uncertain environments.”

Looking to stay ahead of the curve on audit governance? Check
out the 

IIA’s new Center for Audit Committee Leadership. 

The
Center offers audit committee members tailored strategic advice,
best practices, and educational resources to help ensure internal
audit functions are effectively structured and integrated within
your organization’s governance framework.

Bridging the gap: Why having a strategic audit function is critical right now

The pace of change in governance, risk, compliance and audit has accelerated — and 

 is where practitioners and leaders can upskill, see what’s coming down the tracks and get hands-on with AI tools and tactics to lead confidently in this new era. Join us in Atlanta from April 22–24, 2026.

Wondering if Elevate is for you? Here are ten reasons not to miss it:

10 reasons why you won’t want to miss Diligent Elevate 2026

Elevate brings together GRC practitioners, executives and technology leaders for three days of general sessions, breakouts and workshops designed to help you turn insight into impact. It’s your hub for the 

 in governance, risk, compliance and audit.

2. Invest in yourself with continued learning

Sharpen practical skills through hands-on training and sessions designed to help you operationalize what you learn — including opportunities to earn credits like CLEs tied to specific programming.

3. Get more from your Diligent investment

Whether you’re new to the platform or an experienced admin, you’ll have direct access to Diligent product experts, roadmap previews and solution clinics to help you unlock more value, faster.

Go beyond theory. See how generative and agentic AI 

, flag emerging risks, strengthen compliance workflows and help you deliver clearer, faster and more contextual reporting to your board — with insights that connect directly to risks, controls and audit findings. Then practice those skills in workshops and labs.

Connect with a diverse community of GRC, legal and board professionals, the people who understand your challenges and can share the playbooks behind their wins. In 2024, Elevate drew 700+ attendees across 22 countries.

6. Experience Atlanta at the heart of the action

We’re convening at the Hilton Atlanta in the city’s vibrant downtown, an easy hop from Hartsfield–Jackson Atlanta International Airport (ATL). From sweeping downtown vistas to leafy historic parks and a buzzing food scene, expect a conference that fuels you from session to social.

Use roundtables, workshops and cohort sessions to test ideas, workshop processes and trade templates — with Diligent experts on hand to guide you.

8. Take home practical, ready-to-use tools

Expect actionable takeaways: AI prompts tailored for board reporting and compliance workflows, templates, checklists and step-by-step practices you can apply on day one — including a focus on responsible AI and boardroom readiness.

9. See what’s next on the Diligent One Platform

Preview AI innovations and integrations that enhance governance, clarify risk and streamline compliance — and give direct feedback to the teams building them.

10. Build a long-term plan for AI-era leadership

 — not just features to try, but a plan to elevate your role and your organization’s governance maturity in 30, 60 and 90 days.

Is it obvious that we want leaders like you to be part of Elevate 2026? We hope so. Join us in Atlanta this April and get everything you need to make a difference in your organization and in the communities you serve.

 Wed Apr 22 — training, breakouts, welcome reception; Thu Apr 23 — general sessions + breakouts; Fri Apr 24 — general session + breakouts.

 Early bird prices through January 23, 2026: Corporate: $1,295 and Education / Government / Nonprofit: $895. 

to secure your spot (and save!) at Elevate 2026. Register early to save your seat and take advantage of the best rates.

This article originally appeared in our October 23rd edition of the Diligent Minute Newsletter. For more insights like these, delivered straight to your inbox, subscribe

After months of buzz in the third quarter of 2024, many expected 2025 would finally spark a wave of IPOs and breathe new life into public markets. Instead, mounting economic pressures and sudden shifts in U.S. fiscal and trade policy have forced companies to reconsider even their most basic transaction strategies. Traditionally, when IPO activity slows, mergers and acquisitions pick up the slack. But this year, deal-making has slowed, raising a critical question for organizations everywhere: are they genuinely prepared for transactions in this climate?

2025 IPO slowdown and M&A outlook: Transaction readiness under pressure

We surveyed over 230 chief financial officers, general counsels and directors

 from public and private companies around the world about their growth strategies and transaction plans in this uncertain landscape, in partnership with Wilson Sonsini, 

, CFO Alliance, and the CFO Leadership Council. Here’s what they had to say:

Nearly half of organizations stay the course, with caveats

Interestingly, we found that nearly half of organizations (49%) are still prioritizing M&A or strategic partnerships in their growth strategies. “[Companies are] taking much longer to evaluate deals and are being more selective about opportunities,” NetSuite’s Ranga Bodla, Vice President of Field Engagement and Marketing at NetSuite explains.

Geopolitical uncertainty accounts for some of this hesitancy. Thirty-five percent of the senior leaders we surveyed cited it as a major challenge when it comes to their transaction plans. But many companies just don’t feel ready for complex transactions right now, calling out increased caution, adjusted valuation models and financial projections, and enhanced focus on due diligence and risk as their responses to economic uncertainty.

Confidence in organizational readiness to support a major transaction right now ranks just 5.7 on a scale from 1 to 10, even as 

 say they are prioritizing M&A or strategic partnerships in their game plans for growth. 

“We need to strengthen our governance structures to suit the current VUCA [volatility, uncertainty, complexity, ambiguity] environment,” one survey respondent bluntly declares.

Over half (56%) cited limited resources, over one third (35%) data access, and over one quarter (28%) a lack of experienced personnel as challenges in the transaction process, with many also calling for better defined roles (42%) and stronger board communication and support (31%).

Close the readiness gap: Integrated GRC, finance and AI to accelerate due diligence

But here’s what stuck out as a red flag to me: A mere 4% of organizations reported having fully integrated governance, risk compliance (GRC), and finance systems for transactions. Just 5% use 

, 10% financial reporting tools, 16% ERP software and 20% secure data rooms. All of these technologies can bolster 

, valuations, analysis and planning, and help companies learn about and act on deal opportunities faster. In fact, a full 60% still operate with siloed or only partially integrated platforms.

“Many organizations remain stuck in analog transaction processes,” my colleague Nithya Das, General Manager and Chief Legal Officer at Diligent, said. “Technology adoption directly addresses the operational risks companies frequently cite.”

In short, insufficient tools are holding too many corporate deal teams back, and inefficient processes are slowing them down.

If 2025 has taught us anything, it’s that you can’t control the external environment your organization operates in. But you can adapt to it, think proactively, and get your internal processes in order to support and prepare for transactions. “Companies can do a lot of things day-to-day to improve readiness for a potential transaction,” notes Rich Mullen, Partner at Wilson Sonsini.

Think digital workrooms that engage internal stakeholders and external advisors in activities from onboarding to planning.

Collaboration workflows that standardize due diligence and keep it on track. Secure communications channels for sensitive information, along with records, checklists, playbooks, and “lessons learned” logs stored in one centralized place. “Transaction readiness requires integrated preparation across people, processes, and technology,” Nithya reminds readers.

Nick Araco, CEO of the CFO Alliance, said that “the most effective finance leaders are turning the discipline of transaction readiness into a year-round capability.”

He explains how these leaders are “integrating lessons learned into their planning cycles and building internal muscle for deal execution. We’re also seeing growing interest in how AI can accelerate diligence, flag risks earlier, and free teams from manual work so they can focus on value creation.”

That’s a sentiment we apply to financial modeling, data analysis, enhanced due diligence and more in our report. As Bodla concludes: “The organizations that invest in these technological capabilities now will be better positioned to move quickly and confidently when the right opportunities arise.”

Delve into the details — and step up your own game for deal preparation — by downloading the full analysis: “

Diligent

Blog

Bridging the gap: Why having a strategic audit function is critical right now

10 reasons why you won’t want to miss Diligent Elevate 2026

Your Data Matters