Transformation In Internal audit

Now is an opportunity for internal audit leaders to pause, reflect, and consider whether it is time to leave past practices – even if they have proven remarkably successful – for a different approach to internal auditing.

The Italian authors, a CAE and a manager in a consulting firm, said:

The recent macroeconomic developments emphasize a change that is already taking place: remaining anchored to the most traditional and archaic conception of the internal audit mandate exposes the profession to the highly probable and impactful risk of losing relevance, progressively emptying not only its perceived value but the real content of the profession as well.

We live in an era of epochal changes which demand an evolution of the internal audit profession. Paraphrasing Darwin: if we as auditors will be more reactive to change and will change proactively, we will not only survive, but also consolidate a competitive advantage. The alternative would lead the function to an inexorable, progressive decline.

We are pleased to see a growing number of internal audit departments moving from a static annual (or worse) audit plan to one that is dynamic and based on a continuous understanding of how the business and its environment is changing. (Some call that risk assessment, but it’s really more than that.)

Certainly, continuous monitoring of the business that dynamically updates the audit plan, so that internal audit is addressing what matters now and soon to the leaders of the organization, is important.

But there is more to being agile, a term mentioned in the second piece.

Think about the navy ? Do its commanders send in a fleet every time there is an issue? “No.

They recognize the need for agile, fast, and mobile forces that are capable of acting quickly to achieve their mission, in addition to the more traditional use of overpowering force.

Internal audit needs similar capabilities.

There are times when a fleet of auditors needs to be sent to attack an issue.

But, that fleet takes time. It requires time to plan, mobilize, and then execute. It may also require time to consolidate, consider, evaluate, and report its findings.

Can the organization wait? Don’t they need information on significant ‘risks’ now rather than later?

The modern internal audit team needs to be as agile as its audit planning. It needs the ability to send in a one or two person commando team that will get in and out rapidly, with the information needed by leaders of the organization.

Audit at the speed of risk and the business, providing management and the board with the assurance, insight, and advice they need, when they need it (i.e., not waiting weeks for a formal report), in a readily actionable form.

In my internal audit departments, the typical audit was one or possibly two people for a week or two – total, not just fieldwork. They focused on the few risks at any location or in any business process that had the potential to be significant if poorly controlled.

If you spy an enemy risk on the horizon, you need to evaluate and respond at top speed, not waiting until the fleet has arrived.

How agile is your internal audit team? Do you have speedboats or only battleships?

Is your average audit 200 hours or more? If so, are you auditing areas where, even if there were problems, they wouldn’t rise to the level that requires CEO or board action? Why? Are you taking too long to provide management and the board with essential assurance, advice, and insight?

Audit with focus and be agile about it.

We are providing practical training (Labor Laws, Payroll, Salary Structure, PF-ESI Challan) and Labor Law, Payroll Consultant Service & more:

To Get Latest HR, IR, Labor Law Updates, Case Studies & Regular Updates(Join us on Social Media)

Leave a Comment

Your email address will not be published. Required fields are marked *

error: Content is protected !!