The Internal Audit Foundation’s Risk in Focus 2026: North America report, sponsored by AuditBoard, provides a detailed look at the top risks identified by North American internal audit leaders — and how they’re taking action. For the first time, geopolitical risks have entered the top five, while AI and cybersecurity maintain spots in the top three. Download your copy for a deep dive into the results and what they mean for audit teams.
In a major shift from previous Internal Audit Foundation Risk in Focus surveys, 45% of North American internal audit leaders said geopolitical uncertainty was one of the five highest risks at their organization (up from 26% the prior year). Rapid changes in U.S. policies initiated by the Trump administration are the likely drivers for this change, particularly tariffs and changes in federal funding.
At the same time, cybersecurity and digital disruption topped the risk rankings in North America, with an overwhelming 86% citing cybersecurity as the number one risk, and 53% citing digital disruption second. Risk ratings for regulatory change and business resilience increased moderately, keeping them on the list of top-five risks.
Internal auditors are responding to geopolitical uncertainty with expanded advisory services and participation in broader strategic planning. They are joining cross-functional teams to proactively address new risks related to supply chain disruptions and changes in federal funding for the public sector, nonprofit organizations, and other industries.
The major driver for digital disruption risks in North America is generative artificial intelligence (AI), with cybercriminals taking advantage of it to increase their attacks. Organizations are forming AI governance teams to manage deployment and risks. At the same time, internal audit is increasing its own use of AI to automate routine tasks, increase efficiency, and provide data for stakeholders.
Download your free copy of the report to explore the full results, including a look at audit priorities vs. top risks; how North America compares to global responses; and steps you can take to effectively manage geopolitical and AI risks.
