STANDARDS AND ALL!

by | May 20, 2025 | GRC | 0 comments

Be it for best practices sake or conforming to a single globally acceptable elevated performance level or benchmark of quality, a minimum desired or a highest possible end result or a burdening requirement for compliance, standards influence our everyday lives in more ways than we know and understand. But are they really flawless to be put faith in and do they achieve what they intend to accomplish besides increasing compliance / adherence costs?

From Quality to IT Security including Risk Management, Environment, Health & Safety, Energy, Food Safety and more, International Organization for Standardization (ISO) has issued a multiverse of standards for the business world. For accounting and financial reporting, we have a multitude of International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board (IASB). For external auditing we have International Standards on Auditing (ISAs) from International Auditing and Assurance Standards Board (IAASB) and for internal auditing we have the Global Internal Audit Standards (GIAS).

These worlds of standards are indeed meant to equip qualified professionals providing services to the business world and inspire investor confidence by virtue of assuring them about the quality of services or products being offered. But at the same time, these standards have also been the reason behind opening new opportunities for people who like to make these their bread and butter at the cost of their clients (the attesting businesses).

So, it doesn’t actually matter what comes before and what comes after; they have complemented each other and continue to do so deriving a need (and also a want) that drives evolution at both ends. But these also continue to drive the costs of doing business going north! There are businesses on whom a number of standards apply mandatorily and then there are businesses who would like to adhere to the best practices these offer.

For both of these, the ones who can’t shy away and the ones who want to be better at what they’re doing, the costs of doing business gets higher. But can we say the same about the value or return on this investment? That’s what I intend to cover in this blogpost and while I might sound to have an opinion at the end, I don’t have one right at the outset! I’ll just put out all I have for and against the standards.

Let’s get right to it. 

Arguments against:

Problems with Standards

Elaborations

At times standards appear to be principles based but they are actually rules based. At other times it’s just vice versa.

For instance, IFRS are principles-based as introduced by IASB. But if we are seeking guidance on specific disclosures and presentation of components of financial statements, the intent is to have these same from one business entity to another for investors to make comparisons and evaluate financial performance.

Here the guidance provided by standards appears to be rules-based rather than principles-based.

The world has transitioned to principles-based standards from rules-based standards to ease and improve adherence. However, principles-based standards require the use of judgement.

While the intent is to standardize, the use of judgements allows for differing interpretations on application of standards. The end result might appear to be standardized, but underneath it is differing judgements that might have been applied which essentially goes against the spirit of standardization.

Application of standards require several underlying assumptions which makes their application tricky and prone to errors.

As with the use of judgements, there’s hardly a crisp criterion one could refer to when it comes to mapping the specifics of the task at hand to the requirements of the standards unless certain estimations and assumptions are first settled. This is because while the principles-based standards allow for greater flexibility to interpret requirements for adherence, they still do not offer a solution for everything and even for those that are there, different estimations might have to be developed and used.

A case in point is the excessive use of assumptions when determining recognition, measurement, presentation and disclosure of a number of financial statement components.

Almost all standards allow applicability exceptions to any of their specific requirements if found to be not relevant.

Allowing departures / exceptions to any requirements is yet another area that requires deployment of judgment. For the purposes of being globally acceptable as the mainstay in their relevant domains, standard setters have always allowed exceptions to requirements by entities own choice. The only ‘exception’ to these exceptions is when IFRS require such departures to be adequately disclosed with impacts within the financial statements.

Standards are not perfect and that’s why they need regular reviews for evolution. And that’s why they come with disclaimers!

Nothing is perfect and definitely not the standards. That’s when the requirement for application for interpretation and judgement comes in and when standard setters give disclaimers so that the standards should be used in a manner that best suited to the entity’s requirements.

Regulated industries might require entities to adhere to several standards.

Entities working in regulated industries might have to comply with local as well as international standards and at times these requirements might conflict with each other in which case the entity has to decide for preference.

The end result is an ever present need for identification of applicable requirements and updates.

Costs of adherence including investment in infrastructure, resources, validations, audits, etc. result in higher costs of operations.

The costs might seem onerous for the entities working in highly regulated environments since costs are involved in every step of the way to achieving full or even partial compliance!

Implementation of standards might encroach upon the creative space required to perfect service/product beyond the standard.

This could be a real head scratcher! Entities attesting allegiance to standards might actually limit themselves to doing just enough to fulfill the requirements of the standards and not going beyond what else could be done to further optimize their offerings, systems and processes.

Adherence to standards might instill a culture of fulfilling requirements at all costs rather than deciding what’s best for the entity.

Entities might be easily blindsided by the requirements of the standards and in doing so might end up showing adherence rather than causing it. And all this at the cost of what’s best for both the entity and its stakeholders.

Lost competitive advantage due to adoption of standards by competing entities within an industry.

Standards might trigger uniformity of approaches for compliance that translates into similar processes and systems eroding distinction.

But this definitely doesn’t mean its all bad. And certainly, as explained below, it would never be my opinion.

Arguments for:

  • Principles-based standards are always better since they allow flexibility in application against Rules-based standards which if mandatory are most likely to be shown to be complied with.
  • Assumptions can be tested and evaluated if they hold true and continue to be valid. It shouldn’t be a reason why standards cannot be applied.
  • If standard setters only allow few exceptions / departures under stringent criteria and with elaborate reasoning allowing concessions limited to entities’ peculiar circumstances or nature of transactions, most of the requirements cannot be departed from.
  • Evolution is good as it is about improvement. Standards or no standards evolution and improvement is necessitated by the fact that no business entity is working in a static operating environment. Risks and opportunities show up all the time.
  • Standards help us aim for perfection and on the way, we can definitely score excellence!
  • For regulated entities, the benefits of compliance with standards most surely outweigh the costs. For those aiming only for best practices sake, they’re actually eyeing a value that’s definitely greater than the costs!
  • Standards need to be adopted as bare minimum, so that creative space to further improve products and services is not infringed upon.
  • Standards need to be studied, understood, evaluated against entity’s operations, processes and systems by people qualified to do so

So now that we’ve sort of busted the arguments against the standards, we need to delve into all the more goodies they offer.

Value beyond obvious:

Obvious aims of standards include standardization, improvement, comparability and evolution of the marketplace and business environment. Beyond is:

  • Standards are a means to mitigate risks. This is the most obvious in Environment, Health & Safety and Sustainability. They are also very subtle yet hugely impactful in the case of auditors; external and internal alike, since they keep audit risk at bay.
  • Standards trigger evolution in understanding the relationship between the entity and its stakeholders, causing the entity to improve upon the impacts of its operations on its stakeholders.
  • Standards are the means to improve work practices even if their sole aim is to improve outputs.
  • Standards add value to the operations by enhancing efficiencies and effectiveness of systems and processes, through a re-think of how things are and how these could be.
  • Standards help the entities earn reputation, prestige, distinction and this might trigger brand loyalty that results in greater revenues.
  • Standards might require upfront costs in infrastructural or cultural improvements, but operationally the regular costs are always expected to take a blow for the better.
  • Standards help formalize work practices, boosting organizational memory and guarding against setbacks, for instance people leaving.
  • Standards provide substantiation to the regulatory requirements, saving the entities time, effort and resources to prove compliance to regulators.
  • Standards help improve the economy and makes it possible to evaluate the health of economies since the data used for evaluations could be relied upon due to standards driven processing systems and processes.

Yeah, a lot of goodies actually and one can think of many more! But standards needs to be approached and implemented with due professional care, a task best suited for qualified professionals since most of the arguments against are because of bad workmen who aren’t equipped with a sound understanding and knowledge of standards and their benefits. These issues are in turn compounded by assessors, validators and auditors who focus on compliances on paper rather than in substance; non-standard work!

Let’s now see how standards should be approached.

Standards; How To?

  • Invest only in qualified professional resources for dealing with standards. They can help map requirements with the entity’s goals and objectives, integrate similar requirements from diverse sets of standards, help achieve synergies in systems and processes, etc. Internal Audit’s help in a consulting role could be phenomenal in this regard.
  • Entities can evaluate pre and post situation to ascertain the impact of conformance with standards. This will help in determining the degree of structural and cultural change in the entity and the value created and added down to the level of every penny saved or created.
  • Approach standards like bulk of internal and external audit standards need to be voluntary, rather than mandatory, so that creativity is not undermined. Instead, objectives these standards need to achieve should be mandatory and their fulfillment evaluated. Needless to say, the code of ethics cannot be part of standards, because there can’t be and shouldn’t be any reasons justifying departures from the code.
  • Standards should only be promoted as most minimal requirements need to be fulfilled.
  • Most standards should be built on process methodologies (like ISO standards), so that systems could be improved and outputs could be assured.
  • Standards should be developed for evaluating the performance of qualified professionals tasked with implementing standards. Hiring skilled, professionally qualified in-house talent should be preferred to the business oriented consulting firms that have a one size fits all approach towards all their clients.
  • Best practices adoption by entities and business not operating in regulated industries should be encouraged by reducing validations or auditing burdens on these or by having less stringent requirements. This helps in their transitions to bigger business entities and improve the overall state of the economy.

 

The real impact standards can make comes from their adoption as best practices even if these are or become mandatory for an entity. Because that’s where standards help improve operations, systems, processes, outputs and revenues. But when it comes down to seeking adherence just for the sake of it like in regulated business entities it would be a rarity to find understanding of the benefits associated with compliances; since they are in it because they can’t be out of it!

For those in regulated entities having mandatory standards who believe these cause more harm then good, they need to invest in good quality professional resources especially in internal auditing. Because only these resources can show the true worth of adherence with the standards, how it impacts operations, systems and processes and how these impacts turn into cash inflows or reduction of cash outflows.

And while doing so Internal Auditors always end up justifying their costs to the business, giving back many times over!

Post Views: 10
 

Submit a Comment

Your email address will not be published. Required fields are marked *