Addressing enterprise risk while enabling business performance
Chief Audit Executives (CAEs) say Internal Audit provides significant value
CAEs rate the Internal Audit leader as very effective
CAEs see the Internal Audit function as a trusted advisor
Does your Internal Audit function bring maximum value to the key stakeholders? Read here: PwC CEO Survey
The risk landscape is expanding providing both challenges and opportunities for organisations. While being ready to respond is essential, it’s not easy. Internal Audit has emerged as a critical lever for change giving boards the confidence to deal with the demands of a dynamic marketplace. Now, more than ever, Internal Audit needs to rise to the challenge and demonstrate its value.
At PwC, we are driving Internal Audit innovation merging the skills of our people with a robust, leading edge Internal Audit approach and state-of-the-art technology. The result is The PwC Internal Audit. Relevant, aligned and agile, it delivers insight and quality in equal measure and to the highest standard, helping you build the confidence to move faster and act decisively.
Data Driven Internal Audit
Using analytics provides a more comprehensive and real-time view of changing risk and efficient testing of controls. We can test entire populations of data, target certain attributes of a population based on risk, identify root causes of problems, and generate insights to strengthen your approach to managing risks.
Outsourcing and co-sourcing solutions
A co-sourcing solution offers cooperation on particular engagements and knowledge sharing with your internal staff. We are ready to provide you with the assistance of our specialists under short-term or long-term secondments as well.
The aim is to assess the compliance of the activities and processes implemented with the requirements of both external and internal regulations, standards and best practices. We assess the extent and complexity of your methodology, evaluate its adequacy and compare it with the best practices on the market.
Internal Audit Quality Assurance Reviews and benchmarking
The aim is to assess the compliance of internal audit activities with IIA Standards, evaluate the effectiveness and performance of an internal audit function, including its tools and techniques and the identification of its strengths and weaknesses.
Internal audit function set up
Our team of specialists will help you to set up and establish a functional internal audit model that will provide your company with added value and assist you in achieving your long-term goals. Our policies are based on a proven methodology and an individualised approach.
Companies have increasingly looked to outsourcing over the past few decades as a means of reducing costs and improving processing efficiency. The growing rates of adoption of software as a service, platform as a service, and other cloud based infrastructure models as well as physical hosting to store customers sensitive information will continue to drive increases in outsourcing. Because of those increases, the need for an independent assurance on internal controls as a third-party entity (or “service organization”) has also increased. Also known as International Standard on Assurance Engagements 3402 (or “ISAE 3402”) or its US version SSAE 18, the Service Organization Control (SOC) Report 1 is designed to deal with internal controls over financial reporting (ICFR). To assess the effectiveness of an entity’s non-financial operational and compliance controls, two reporting vehicles to meet this need were created: SOC2 and SOC3. These reports use the Trust Services Principles and Criteria as a framework for reporting on a service organization’s operational and compliance controls relevant to user organization.
These principles are:
Clarity over service providers’ controls can go far to strengthen your brand and operations. PwC offers a full range of service organization control reports. By developing and delivering an independent and customized attestation, we pave the way so a service organization can approach both existing and prospective customers with confidence and vigorously convey the trust and transparency that those customers need and expect.
Most organisations face the ongoing challenge of obtaining value from contracts and transactions with third parties. Our experience shows that even where there are standard controls and purchase to pay processes in place, the value identified at he negotiation stage often erodes over time. This erosion leaves gaps between the perceived value and the value actually delivered. Engaging PwC for Commercial Assurance enables organisations to quickly identify savings opportunities resulting in greater value now , and also reap the benefits of process enhancements, knowledge transfer and ongoing assurance mechanisms needed to sustain value across the contract lifecycle.
The solution for you may be implementing a robust Third Party Risk Management (TPRM) program.
The TPRM function manages and monitors the sourcing activities and risks associated with using third parties to enable your operations and operational strategies. PwC professionals can provide a comprehensive suite of services.
A complex and continually shifting business landscape, and increasing competitive pressure require effective management of risk across the organisation.
PwC can assist you in optimizing your business controls environment by: