Ellen John De Guzman did not begin his career expecting to specialize in internal controls. But one early assignment changed everything.
“I started assessing controls and auditing when I was given an engagement that involved a suspected fraud,” he says.
It was his first real exposure to how weaknesses in internal controls can create opportunities for risk. More importantly, it showed how governance failures are often not obvious—until the consequences surface.
That experience shaped the direction of his career.
Today, De Guzman is an Internal Audit Manager with years of experience in internal auditing, risk assessment, and leadership. He has worked across retail, merchandising, and manufacturing—industries where operational complexity makes strong controls essential.
Why Internal Controls Matter More Today
For De Guzman, the role of internal controls has only become more critical in today’s environment.
“Internal controls are at its most relevance especially in these times where there’s unpredictability of economic conditions,” he says.
In stable periods, weak controls can remain hidden. But during volatile markets or economic downturns, those weaknesses are exposed quickly—through losses, inefficiencies, or compliance failures.
This is why he sees internal controls not as a back-office function, but as a core part of business resilience.
Companies that invest in strong controls are better positioned to navigate uncertainty. Those that do not often find themselves reacting to problems instead of preventing them.
The Skill That Makes the Difference
While internal auditing requires technical knowledge, De Guzman points to a simpler—but often overlooked—skill as essential.
“Attention to detail,” he says.
In internal controls, small gaps can lead to large consequences. A missed reconciliation, an overlooked exception, or a poorly designed process can create vulnerabilities over time.
Detail is what allows auditors to identify risks before they escalate.
But beyond technical skills, he emphasizes the importance of mindset—remaining disciplined, objective, and consistent even when dealing with complex or sensitive issues.
Leadership in Internal Controls
As a leader, De Guzman describes his style as structured and disciplined, but also supportive and empowering.
Internal controls often require coordination across departments. Policies must be implemented consistently, but also understood by the people responsible for executing them.
This is where leadership plays a critical role.
“Be consultative in your approach when tackling issues in internal controls,” he advises.
Rather than imposing controls in isolation, effective leaders engage stakeholders, explain the rationale behind policies, and align control measures with operational realities.
One of his key contributions has been in system and process engineering—improving how controls are embedded within workflows rather than treated as separate compliance requirements.
This approach strengthens governance while maintaining efficiency.
The Importance of Independence
Handling internal control issues often involves sensitive situations—potential fraud, compliance gaps, or operational weaknesses.
In these cases, maintaining objectivity is critical.
“There should be independence,” De Guzman says.
Independence allows auditors to assess situations fairly, without influence from internal pressures or relationships.
It ensures that decisions are based on evidence and aligned with the organization’s long-term interests—not short-term convenience.
Adapting to a Changing Risk Environment
The internal controls profession continues to evolve, shaped by both global and local challenges.
“Volatile markets and economic downturns” are among the key forces influencing how organizations approach risk today, De Guzman notes.
At the same time, technology is changing how controls are designed and monitored. Automation, data analytics, and digital systems are improving efficiency—but they also introduce new risks that require updated control frameworks.
For internal audit professionals, this means one thing: adaptability.
Processes that worked in the past may no longer be sufficient. Risk environments shift, and control systems must evolve with them.
“Be adaptable,” he says when asked what advice he would give to aspiring leaders in the field.
Building Credibility Through Certification
To strengthen his expertise, De Guzman pursued certification with The Institute for Internal Controls and earned the Certified Internal Control Auditor (CICA) designation.
His motivation was straightforward: to deepen his knowledge and enhance his competence in the field.
The process required discipline and focus, but the impact was clear.
“More credibility,” he says.
Since earning the credential, he has taken on bigger projects and expanded his role within the organization—demonstrating how structured learning can translate into real career growth.
Beyond technical knowledge, the certification reinforced his ability to contribute at a higher level—designing systems, advising management, and strengthening governance frameworks.
A Discipline Built on Learning and Integrity
For De Guzman, internal controls are not just about compliance—they are about building systems that allow organizations to operate with confidence, even in uncertain conditions.
It requires technical skill, attention to detail, and strong leadership. But it also requires something deeper: a commitment to continuous learning and integrity.
His message to professionals considering a path in internal controls reflects that mindset.
“Be relentless and humble when it comes to learning.”
Because in a world where risks continue to evolve, the strength of an organization often depends on the strength of its controls—and the people behind them.
