Our new whitepaper, The Transformation of Internal Audit, examines the ways in which the Internal Audit profession must respond to changes in the business landscape in order to remain relevant and add maximum value to business.
As has been well documented, the Covid-19 pandemic turned the business world on its head, with the associated lockdowns, advances in cloud-based technologies and advent of flexible work arrangements bringing about a fundamental shift in the way that business is done. In today’s landscape, organisations of all sizes have IT environments in place, and automation is driving process improvements across all spheres of business. Many roles are being impacted by this, and as a result, businesses are identifying requirements that are critical to their operations and upskilling their employees accordingly. The rise of automation has also changed the nature and complexity of risk that businesses face, with the growth of cyber risk being an example of this.
Internal Audit thought leadership has long agreed that the profession must transform, but various factors have obstructed the process. With business having undergone a metamorphosis, the time has come for Internal Audit to overcome the challenges it faces, and execute a radical change of its own. The profession’s building blocks need to reassessed, with a specific focus on five areas, namely Strategy, Technology, People, Process and Budget.
In order to achieve the strategic objective of transforming into the data-driven and data-led function that is optimal to support business, Internal Audit must take advantage of technological advances and automation. A data-driven and data-led Internal Audit function has the ability to understand the data landscape, and can connect to business systems and data environments, analyse and perform audit procedures on entire datasets, quantify audit outcomes and transform these into audit evidence and business insights.
The implementation of solutions that facilitate controlled and secure access to core business systems is a fundamental requirement. Today’s technology enables this without impacting performance or security, and with no disruption to business activities. Performing audit procedures at source rather than on data extracts significantly improves the reliability of results and is a complete departure from the typical approach.
Changing Internal Audit processes, including but not limited to the implementation of Agile methodology, is key. From a people perspective, as basic audit processes are automated, teams will need new and more advanced skills, for which training will be required. Budgets should be redirected accordingly, with priority being given to technologies that support the transformation of the function.
As a next step, Internal Audit functions are advised to undertake a critical self-review exercise, during which they interrogate whether the strategy they have in place provides a platform for their function to transform. They should also consider whether the technologies they are utilising are optimal in supporting the strategic objective of becoming a data-driven and data-led function. In addition, they must identify which of their current processes can be automated to improve efficiencies, what skills and training staff require to deliver on their strategy, and how the budget their function has been allocated can be used most effectively.
Thank you for contacting us.
We will be in touch shortly.