Internal auditors are under pressure on multiple fronts, with both funding and staffing levels trending down, according to a new report from the Internal Audit Foundation.
In the annual North American Pulse of Internal Audit Survey, which this year included 373 internal audit leaders, 19% said their budgets were lower in 2025 than the prior year, up from the 11% who said the same a year ago about their 2024 vs. 2023 budgets. At the same time, the percentage of IA functions enjoying budget increases fell from 34% to 23%.
The proportion of IA leaders reporting staff cuts similarly rose from 11% to 18%, matching the level reached during the height of the COVID-19 pandemic in 2020.
According to the Institute of Internal Auditors, the findings underscore the importance of aligning audit-function priorities with organizational objectives and strategy during a time of stretched resources.
“Organizations across industries are operating in an environment of constrained budgets and limited staffing,” said IIA’s president and CEO Anthony Pugliese. “In this context, alignment with enterprise priorities is not optional — it is essential.”
When IA functions are closely aligned to the organization’s strategy, they are more likely to be well-funded, the report noted. Funding sufficiency was 30 percentage points higher for IA functions that identified as being fully or almost fully aligned with organizational strategy (59%), compared with those that were only somewhat aligned with strategy (29%).
Meanwhile, financial services was the only sector in which IA budgets remained stable year over year, with 40% reporting budget growth and just 9% reporting cuts.
Among privately held organizations (excluding financial services), one in six (16%) reported falling budgets, while the same percentage suffered staffing cuts. Publicly traded and manufacturing companies experienced slightly more modest shifts, with budget cuts rising from 13% to 20% and growth declining by only five percentage points.
Nonprofit organizations, the health care sector, educational services and the public sector also reported notable budget cuts and lower budget growth last year.
The survey also asked chief audit executives what responsibilities they have that lie outside the typical scope of internal audit. A large majority (86%) said they have such responsibilities, led by fraud investigation (47%), ethics or whistleblower program (36%), enterprise risk management (34%), Sarbanes-Oxley program (31%) and compliance regulatory (27%).
In publicly traded and manufacturing companies, Sarbanes-Oxley is a primary responsibility (80% and 70%, respectively).
In terms of audit-plan composition, cybersecurity and IT account for roughly 20% of audit effort across most sectors, although it’s slightly less in manufacturing, public sector, and publicly traded companies (all 15-16%).
