Thursday, February 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Internal Audit Awareness

by Dennis Keglovits
May 23, 2017
in Featured, Internal Audit
diagram of internal audit on chalkboard

Challenges, Trends and Recommendations

May is Internal Audit Awareness Month. What better time to discuss the challenges that come with preparing for audits and what companies can do to be better prepared? This article highlights trends in IA, insights into how auditors can continue to push their organizations forward and advice on how to better manage communication with the board by making education a priority.

Central Challenges

Determining Audit Scope

What are we auditing and why? Determining where to look is one of the biggest challenges auditors face today. The majority of companies use risk assessments to determine their auditable entities and help with scoping specific activities. Once the auditors know what they will audit, narrowing the scope of the audit to finish within the desired time period is the next hurdle. Beyond that, audits aren’t just looking at financial risk anymore. The overall focus should be linked to management’s strategic objectives to ensure optimal value. Finally, working with the auditees to understand the existing process and gather the applicable supporting documentation can prove more valuable for both the auditor and auditee.

Staffing

Having the right skill sets available at the right time is a challenge for internal audit teams. They’re under pressure to do more with less, but risks are increasing and projects are becoming more complicated. Couple that with the fact that auditors are occasionally tasked with assessing risks in an area outside their expertise and the result is an audit that provides less-than-effective results. The alternative is employing a creative mix of outsourcing and technologies to get the audits done – and in an effective and efficient manner.

Emerging Trends

Data Analytics

Auditors are using data analytics to focus the scope of audits by pre-emptively analyzing the data to identify specific trends and unexpected patterns. If inconsistencies in a high-risk area are identified, that area will likely be audited. Automated techniques allow auditors to look at an entire population instead of a smaller sampling, increasing both efficiency and thoroughness.

Self-Assessments

Employees and partners are increasingly testing themselves and reporting results to internal audit. To validate controls, the auditors perform independent checks on these self-assessments. Self-testing drives down the expenses associated with select audits and eases the staffing challenge without impacting the results.

IT Audit Function

Assessing cyber risk is a huge responsibility for internal auditors. Surveys tend to show that a majority of companies are concerned about cyber risk, but few believe they have adequately addressed or even adequately audit the risk area. Most have defined a separate IT audit function, but too often, this team operates in a silo, which means the organization has not properly incorporated the associated risks and controls into its overall risk appetite and program.

Recommendations for Process and Progress

Education

Traditionally, internal audit has done an inadequate job of educating the board, executives, managers and even users regarding the scope and purpose of the internal audit function. International Internal Audit Awareness Month presents a prime opportunity to make education a top priority.

Formalizing a sound audit charter and mission statement is a critical first step. Hone and practice the mission statement like an elevator pitch — you don’t get many opportunities to articulate the virtues of internal auditing. Senior executives will be more engaged if they understand the return on investment (ROI) and the value internal audit brings by helping the company to achieve strategic objectives.

Another critical area for improvement is the risk assessment process, which should be formalized and communicated to auditees and senior management. Some teams create an internal handbook but find it difficult to follow when senior management requests a fast-tracked audit. Developing clear documentation that details how audits are executed will foster collaboration with the departments being assessed.

Continuous Improvement

To keep an organization’s operations primed, you have to perform regular check-ups. Effective, regularly scheduled audits provide that third and final line of defense in risk management. Audit findings must be unbiased and authoritative, providing valuable insight for making decisions, prioritizing efforts and catching problems before they escalate.

Listen to your audit committee. Problem areas revealed by audits must be addressed to meet standards and optimize operations; follow up and remediate processes as indicated. The findings of an internal audit in advance of an external audit allow the business to address issues proactively, ensuring fewer external findings and enforcement actions.

Technology Solutions

Audits don’t have to be as painful as they used to be. Using spreadsheets to document and present evidence turns audit preparation into tedious work. Fortunately, audit management can now leverage comprehensive technology known as governance, risk management and compliance (GRC) solutions.

These cloud-based solutions organize the data collection and collaborative projects required for compiling audits. They automate the assembling of work papers, processing of findings, assessing of audit risk, distribution of reports and monitoring of time and expense. The systemization of audit activities on a GRC platform streamlines the entire process, increases accountability and integrates departmental data and procedures into an enterprise-wide view.

With stakeholder cooperation, technology support and strategic focus, the benefits of optimized audit processes will be realized well beyond the internal audit team. A well-audited organization is prepared to face adverse conditions with resilience and tackle growth opportunities with confidence.


Tags: cyber riskdata analyticsrisk assessment
Previous Post

DLA Piper’s 2017 Compliance & Risk Report: Compliance Grows Up

Next Post

The “More Muscular” Buy American Policy Involves a Waiting Period

Dennis Keglovits

Dennis Keglovits is Vice President of IRM Services at Lockpath, a NAVEX Global Company. Dennis has over 20 years of consulting experience in the areas of risk management, internal audit and compliance services across several industries. A veteran of Big 4 Accounting and Consulting Firms, Dennis has served some of the world’s most recognizable brands. As a regional managing director in a national firm, he developed the service delivery model and go-to-market strategy across the Midwest.  

Related Posts

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

February 25, 2021
cannabis leaf on $100 bill

The Intersection of EDD and Banking Cannabis

February 24, 2021
gold cup award on red background with stars

Ethisphere Announces the 2021 World’s Most Ethical Companies

February 23, 2021
illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
Next Post
made in America tag on flannel garment

The "More Muscular" Buy American Policy Involves a Waiting Period

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights