What does a transformed internal audit function look like?
Every stage of the internal audit lifecycle is impacted. The internal audit is evolving both operationally and strategically, by:
- Moving away from point in time assessments and toward continuous risk sensing using external and internal data for risk identification and monitoring
- Building a more flexible operating model with intentional and continuous collaboration across risk functions and leverage across the three lines of defense
- Shifting from a one-size-fits-all approach to expand the audit spectrum—diversifying the nature of audit activities, including issues-based reviews, audit insight workshops and more
- Changing execution from traditional sample and controls to higher precision audits that leverage technology such as neural networks and AI to test 100% of the populations
- Using data and behavioral science to identify underlying behavioral patterns and root causes and uncovering the blind spots
How does a transformed internal audit function work with other lines of defense?
The internal audit’s stakeholder group has expanded and expectations are heightened. Change is fast and risks are complex and interconnected. As it transforms, Internal Audit can collaborate with first and second line functions in data-driven ways not previously possible—and, in doing so, reduce the likelihood of blind spots or significant issues materializing.
The three lines of defense can identify common sources of data and synergize data retrieval and analysis, so that each group is working efficiently and developing insights from a common foundation. And internal audit teams can share and other tools that can become real-time monitoring capabilities for the first and second line of defense. There are many opportunities. With an eye toward the broader risk capabilities of the organization, the internal audit can be a catalyst for bringing a greater level of insight and more effective assurance to the management team.
How to get started?
Internal audit teams have an opportunity to re-envision the impact they can make for the organization and reframe the approach they take to add value and keep pace with business change. Some areas to consider before starting your journey:
- Assemble a strong team ready and excited get started
- Discover new capabilities and ideas for the internal audit to drive value like never before
- Pick the ideas that would drive immediate impact with limited or no additional budget
- Explore alternative models for sourcing talent and technology and run some pilots
- Socialize and celebrate your successes. Every small win builds momentum!
- Develop a roadmap for a people-led, data-driven transformation
What does the NextGen internal auditor look like?
Digital upskilling is at the heart of Internal Audit’s transformation. It’s a new world that requires internal audit acumen, digital and data acumen as well as business acumen. Internal audit teams need people who can use technology effectively and who have the knowledge to audit business operations that use new technologies. Not all auditors need to be data scientists, but they do need to understand data sources to assess data quality and to know what insights can be drawn from data. Teams also need a high degree of business acumen to facilitate better conversations with business leaders and help identify where risks lie.
Digital upskilling is a journey in which no one has to be left behind. But it might require a different approach than traditional training. Start the shift to tech adoption, mass automation and a culture of innovation through a new way of learning:
- Launch online learning assets that go deeper on skill needs
- Reward learners with badges or certifications to get everyone excited
- Build digital black belts on the critical skills you need
- Create an environment and process for the best ideas to prevail
- Push curiosity on a next round of topics
- Always continue to advance and accelerate
Today’s workforce wants to stay relevant. Answer that need.