What does a transformed internal audit function look like?
Every stage of the internal audit lifecycle is impacted. Internal Audit is evolving both operationally and strategically:
- Moving away from point in time assessments and toward continuous risk sensing using external and internal data for risk identification and monitoring
- Building a more flexible operating model with intentional and continuous collaboration across risk functions and leverage across the three lines of defense
- Shifting from a one-size fits all approach to expanding the audit spectrum—diversifying the nature of audit activities, including issues-based reviews, audit insight workshops and more
- Changing execution from traditional sample and controls focus, to higher precision audits that leverage technology such as neural networks and AI to test 100% of the populations
- And, through data and behavioral science, identifying underlying behavioral patterns and root causes and uncovering the blind spots.
How does a transformed internal audit function work with other lines of defense?
Internal Audit’s stakeholder group has expanded and expectations are heightened. Change is fast and risks are complex and interconnected. As it transforms, Internal Audit can collaborate with first and second line functions in data-driven ways not previously possible—and, in doing so, reduce the likelihood of blind spots or significant issues materializing.
The three lines of defense can identify common sources of data and synergize data retrieval and analysis, so that each group is working efficiently and developing insights from a common foundation. And, Internal Audit can share analytics and other tools that can become real-time monitoring capabilities for the first and second line of defense. There are many opportunities. With an eye toward the broader risk capabilities of the organization, Internal Audit can be a catalyst for bringing a greater level of insight and more effective assurance to the management team.
How to get started?
Internal audit has an opportunity to re-envision the impact it can make for the organization and reframe the approach it takes to add value and keep pace with business change. Some areas to consider before starting your journey:
- Assemble a strong team ready and excited to get started on your journey
- Discover new capabilities and ideas for internal audit to drive value like never before
- Pick the ideas that would drive immediate impact with limited/no additional budget
- Explore alternative models for sourcing talent and technology—run some pilots
- Socialize and celebrate your successes. Every small win builds momentum!
- Develop a roadmap for people led, data driven transformation
What does the NextGen internal auditor look like?
Digital upskilling is at the heart of Internal Audit’s transformation. It’s a new world that requires internal audit acumen, digital and data acumen as well as business acumen. Internal Audit needs people who can use technology effectively and who have the knowledge to audit business operations that use new technologies. Not all auditors need to be data scientists, but they do need to understand data sources to assess data quality and to know what insights can be drawn from data. Teams also need a high degree of business acumen to facilitate better conversations with business leaders and help identify where risks lie.
Digital upskilling is a journey in which no one has to be left behind. But, it might require a different approach than traditional training. Start the shift to tech adoption, mass automation and a culture of innovation through a new way of learning:
- Launch online learning assets that go deeper on skill needs
- Reward learners with badges or certifications to get everyone excited
- Build digital black belts on the critical skills you need
- Create an environment and process for the best ideas to prevail
- Push curiosity on a next round of topics
- And, continue to advance and accelerate
Today’s workforce wants to stay relevant. Answer that need.