In this episode, Dhiraj Malhotra joins Mike Maali to discuss how internal audit can shift to a more proactive risk focus through a data-enabled risk assessment process to develop continuous risk sensing capabilities.
We discuss the following questions:
0:50 - How might the risk assessment process change as the internal audit evolves?
4:25 - What is the importance of linking the single source of truth to business issues?
5:20 - What types of tools and capabilities will internal audit need to create these risk sensing capabilities at scale?
7:43 - How often does this capability need to be reviewed or monitored?
10:30 - What capabilities will internal audit need to interpret the results and act on them?
12:03 - What is the ideal process to initially set up this data platform and who should be included?
15:37 - What are key takeaways for organizations to think about?
Mike Maali is a Partner in PwC’s Risk and Regulatory Practice. For nearly 30 years, Mike has delivered a range of risk management, external audit and internal audit services to leading global and national organizations. His expertise includes implementing and optimizing enterprise-wide risk management programs and systems, and performing risk assessments, translating the results into efficient, risk-based plans for internal audit, risk and compliance functions. He has advised clients on how to stand up their internal audit, risk management and compliance functions, and how to transform existing functions to be strategically aligned with the business and other risk prevention lines of defense. He also offers best practices to embed data analytics and advanced technology into all components of risk management and control, and leverages PwC’s deep industry and technical capabilities for enhanced insights in the planning, execution and reporting of internal audit projects, risk management programs and compliance testing solutions.
Dhiraj Malhotra is a Principal in PwC’s Risk and Regulatory Practice. He has spent more than 19 years helping clients manage and run businesses more effectively. From business process re-engineering of end-to-end business processes (procurement, supply chain, content management, contracting) to managing risks across functional areas for a variety of industries, he has advised Fortune 500 clients in transforming their business and compliance activities from strategy, framework to execution and sustainable managed services platforms.