No Match Found
As the world enters a risk landscape that’s more complex and connected than ever before, it’s time for Internal Audit (IA) to shine.
IA is at the heart of trust. It gives companies and their stakeholders confidence in their people, processes, systems and data, allowing them to see risk differently, move faster and make better decisions.
IA has a unique combination of risk-mindset, objectivity and organisational reach. At PwC, we believe that—with the right vision, approach and technology—IA can act as a ‘lighthouse’ to help companies navigate risk and see around corners. This both protects value and casts light on new opportunities for value creation.
IA is the last line of defence, but increasingly the first one called to help.
PwC helps companies around the world set up, plan, enhance and deliver leading Internal Audit capabilities. What would you like to do?
Plan, develop and structure IA, so that it is the right fit for your organisation—and fit for the future.
PwC Perspective: A bold IA vision - aligned to other governance functions - helps position IA as a pioneer, reduces duplication, increases collaboration, and ultimately strengthens the ‘risk shield’ around the organisation.
Combine modern audit methods, technology, industry knowledge and subject matter expertise to deliver effective IA, anywhere in the world
PwC perspective: Many IA functions are considering how they tackle strategic risks in an organisation, such as corporate strategy and decision-making, transformation, M&A and cost management. This requires IA to have a clear and conscious plan of how to achieve the right balance in the audit programme so that more ‘traditional’ risk areas receive adequate coverage, and the right tools and talent are available. Effective stakeholder communication is also needed to ensure different expectations are understood.
The diagram below is a simple way of considering how to balance this audit effort:
Deploy, configure and use technology to increase the efficiency and effectiveness of IA, and extract knowledge and insights from data.
PwC Perspective: There is an increasing convergence of technology used for IA, risk, compliance, and business operations. This means IA has the opportunity to help digitise governance and assurance across the organisation and benefit from better risk data and automation. A clear IA technology strategy and good communication with first and second line is needed so that investment is not siloed and the whole organisation can benefit.
Build confidence and develop new skills to unleash the potential of your people and equip them for success.
PwC Perspective: Whilst technology is critical to modern IA, becoming a pioneer and trusted advisor is as much about the human journey. This means having people who can turn data into insight, risk into opportunity, and ideas into action. This requires a holistic and strategic approach to getting the right mix of technical and human skills, such as communication, project management and negotiation.
Evolve your capabilities to meet the promises and potential of ‘next-gen’ IA, and the expectations of your stakeholders.
PwC Perspective: Like any ecosystem, the governance ecosystem benefits from renewal and evolution. There is an opportunity, for example, to relook at what KPIs drive IA excellence, and ensure that these are aligned with corporate strategies and priorities, and properly reflect what stakeholders value. This includes getting the right balance between quantitative, qualitative and ‘inward and outward’ looking KPIs.
Leverage IA’s ‘superpowers’ to understand or quantify problems, provide advice on improvement and remediation, and offer perspectives on blindspots and emerging risks.
Examples of areas that IA can add value to:
PwC Perspective: Organisations always benefit from an objective viewpoint and IA is well placed to provide this. This does not always require a traditional audit, and can be more effective as a risk position paper, executive update, or simple discussion, for example.
IA is increasingly including ESG in their audit plans. PwC is able to use its Connected Risk Engine (CRE) technology to help IA assess and benchmark the maturity of ESG processes in their organisation.
Our assessment covers key areas of an effective ESG framework, including governance, culture and reporting. It can be tailored to compare different parts of the organisation or understand the views of different stakeholder groups.
The output can be used to update your ESG strategy, target areas of higher priority, and gauge the success of investment in ESG. In other words, it can give you a blueprint to help navigate complexity, manage risk, and plan for the next stage of maturity in ESG.
PwC’s CRE tool has over 20 other assessment modules, and this is increasing. These include topics like IA effectiveness, cyber security, and compliance management. To find out more, please speak to your PwC team or use the form below.
These are examples of the specialist areas that IA draws on to multiply its value to organisations. Click on the links to explore the capabilities and insights in each:
Risk isn't about responding to change. It's about changing the way we see. Shifting our perspective. Considering different angles. Strong risk and resilience capabilities can be the difference between those that thrive and those that fight to survive.