No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Internal Audit

Internal Audit’s Changing Role in a Changing Technological Environment

by Kevin Alvero and Chris Errington
May 7, 2019
in Internal Audit
red paper airplane breaking away from group of white paper airplanes flying in formation

The internal audit profession is undergoing a sea change: as technological advancements continue unabated, corporate leaders are demanding IA take a more active role in decision-making, particularly around tech transformation. Nielsen’s Kevin Alvero, Chris Errington and Wade Cassels discuss.

with co-author Wade Cassels

It’s the present neatly wrapped with a bow, the car in the showroom that glistens with a new coat of wax, the lights and sounds of Las Vegas or a million other examples that intrinsically draw our attention and turn our wants into perceived needs. For organizations, these shiny new toys have been replaced with an increasing array of technological advancements. Even without fully assessing whether they are a fit for their business model and customer base, technological financial expenditures have skyrocketed over the past few years, with no end in sight.

And internal audit is caught squarely in the middle.

As the auditor’s role continues to shift away from one of strict independence, organizational leaders are demanding more and more input from this group. No longer tasked with simply overseeing evaluations and recommending improvement for the effectiveness of risk management, control and governance processes, internal auditors are now being tasked with playing a more active role in guiding executive decision-making – especially regarding technology transformation.

This mandate is coming from the highest organizational levels, as boards and executives expect internal audit “to become proactive by throwing out its checklists of IT audits and what it thinks it should do and, instead, look further and see deeper, by engaging with stakeholders across the organization in order to discover exactly what it must do to support the company and the company’s business objectives.”

An ever-changing technological landscape mandates that businesses continually evolve to best leverage subsequent emerging opportunities. In response, internal audit must also evolve. With rapid globalization, industry convergence and changing consumer behaviors/demands forcing technology to become the most pervasive of organizational business drivers, companies are greatly increasing their technological budgets to best connect with customers across the globe and “give them the insights and efficiencies to outpace their competitors.”

A Deloitte and OnResearch survey in which 500 U.S. executives from privately held, mid-market companies were polled found that “one-third of respondents spend more than 5 percent of their annual revenues on technology… [and that] 57 percent said they’re spending more on tech this year than they did last year.”

In a separate study conducted by ROI consultancy Alinean Inc., small and medium-sized companies (with less than $50 million and between $50 million and $2 billion in annual revenue, respectively) often outspend larger ones, with midsize companies spending $13,100 per employee on IT alone.          

According to Gartner, global IT spend was projected to reach $3.5 trillion in 2017 and only increase going forward. In this atmosphere, leadership is turning to internal audit to be the determining voice regarding the true value of their IT investments.          

Changing at the Speed of Business

With a focus on leveraging “the opportunities presented by the pace of technological advances,” there are three keys Jim Pelletier, Vice President of Standards and Professional Knowledge for the IIA, points to as instigators of change for internal auditors:

  • Changes to stakeholder/client demand,
  • Changes to the competitive landscape and
  • Changes to technology.

Given that changes in technology are expected to instigate change for the internal audit profession, one wonders, is internal audit keeping pace with technological transformations?

Just as technology transformation focuses on reinventing an organization’s operations to “leverage opportunities presented by a variety of developed and emerging technologies,” leaders are challenging internal audit to become a viable piece of this critical pie by disdaining the status quo and developing ways to help companies meet stakeholder demand more effectively. As Pelletier states, “It’s no longer about how we have done it in the past. It’s about how we need to do it to survive and flourish in the future.”

Another question remains, then: How does internal audit gain a more robust understanding of how an organization’s technological investments directly impact strategy, operations, reporting and compliance? Furthermore, how does IA utilize this knowledge to accurately support leadership’s objectives?

Via four key objectives:

  1. Supporting the board through use of internal audit’s business intelligence portal and lessons learned from audits of key risk areas. This provides the impetus for clear insights to support transparency and oversight of risk management.
  2. Transforming the audit plan into real time via “automated and real-time key risk indicators, predictive analytics and AI.” With newfound agility, internal audit can execute audits wherever and whenever needed while focusing more on strategic risk and leaving routine audits to robotic process automation.
  3. With real-time information, auditors can focus on root causes that allow it to prioritize work in areas of greatest urgency. A more complete organizational view and this new data allows auditors to provide intricate analysis to the board and management.
  4. Coordinating efforts with management throughout the engagement, internal auditors “share data, information and lessons learned throughout,” effectively eliminating the need for formal audit reports.

These opportunities for internal audit take on added significance when reviewing PwC’s 2018 State of the Internal Audit Profession survey report, “Moving at the Speed of Innovation.” Its findings reveal that numerous internal audit functions soon will be implementing transformational new technologies and that rapid technological advancements will provide a significant challenge for internal audit functions.

Download: PwC’s Annual Corporate Director’s Survey

“Not only does internal audit need to have a point of view on what risks come with those technologies,” said PwC’s Lauren Massey, “but the best way to make sure they have that point of view is by embracing these emerging technologies themselves.”

With more than 2,500 board members, senior executives and audit professionals from 92 countries surveyed, internal audit organizations using workflow/dashboarding/reporting tools within internal audit will increase from 53 percent to 85 percent and those using governance, risk management and compliance technology tools will increase from 23 percent to 62 percent.

Even more startling is that the study found almost 80 percent of Chief Audit Executives believe internal audit must expand or improve its technology skills to meet its future needs. This translates into “the most advanced internal audit organizations learning how the risk profile is changing and understand[ing] how fast it is changing… They are more prepared to have a point of view on that risk because they are also pushing forward with new technology in their own operations.”

Where Internal Audit Still Lags

Change is never easy, even when all involved realize it’s for the better. That’s why it’s not surprising that, despite a clear case of internal audit needing to become an information facilitator in an organization’s technology transformation, painfully few are assuming this role.

“Stakeholders seek to navigate the future more than revisit the past or dwell in the present. It is time for internal auditors to focus our telescopes ahead. We need to concentrate on the risks of tomorrow if we are to not only protect, but enhance value for our organizations.”

Furthermore, internal auditors understand the expectation of them to complete compliance mandates, reduce costs and act as a strategic advisor to the business.

However, an Ernst & Young survey showed just “27 percent of internal auditor functions are considered strategic advisors” and that while “54 percent intend to be advisors within the next two years, their biggest skills gap is in data analytics.”

PwC found clear evidence that internal audit is often not meeting stakeholders’ technology expectations, despite 60 percent of heads of internal audit (HIAs) stating, “they’ll need to provide value-added services and proactive advice within the next five years, [and that] only 11 percent say they are indeed doing so now.”

Even more alarming results were found via the Institute of Internal Auditors’ 2019 North American Pulse of Internal Audit, titled, “Defining Alignment in a Dynamic Risk Landscape.” The report found that companies often struggle to monitor both emerging and atypical risks, are “too often caught off guard when risks do arise” and that challenges are due in part to “disruptive technology.” Furthermore, in 85 percent of the 500 responding internal audit executives, “internal audit rarely or never provides assurance on management information sent to the board. What’s more, variations in reporting structures may be hampering internal audit findings and insights from getting through the board in key risk areas.”

Where does internal audit go from here to reverse these numbers and become that shiny new toy to help navigate the landscape of digital disruption and transformation and drive return on IT investment? According to PwC, auditors must:

  • Understand that stakeholder expectations will continue to evolve while supporting organizational objectives by proactively uncovering emerging threats and producing effective mitigation strategies. 
  • Complete a thorough risk assessment, taking into account the company’s risk appetite and potential opportunities.
  • Incorporate a future-thinking mindset by focusing advisory engagements on emerging technological risks and how they align with the most important organizational objectives.
  • Utilize its independent status to learn from the most successful organizations, then provide stakeholders with greater understanding of how technological opportunities can provide the greatest support and hindrance to the company’s objectives.

Through extensive stakeholder engagement and a willingness to assume a more substantial role, internal audit can become the business unit to develop critical, overall understanding of the “strategic, operational, reporting and compliance objectives behind the company’s IT investments.” It can then use that knowledge to “prioritize and promote activities aligned with areas of both greatest potential benefit and greatest potential impediment to the achievement of those objectives and to then identify emerging technology-related risks.”


 

Sources

KPMG. (2019). Top 10 Considerations for Impactful Internal Audit for 2019. Retrieved from https://advisory.kpmg.us/content/advisory/en/index/articles/2019/top-considerations-internal-audit.html

PwC. (2017). Transforming Internal Audit to Drive Digital Value. Retrieved from https://www.pwc.com/sg/en/risk-assurance/assets/internal-audit-transform-ia-to-drive-digital-value.pdf

Peterson, B. (2017, July 13). Companies Will Spend $3.5 Trillion On Tech This Year — the price it would cost to buy Apple 4.5 times. Business Insider. Retrieved from https://www.businessinsider.com/worldwide-it-spending-2017-7

Pelletier, J. (2018, January 4).Internal Audit’s Digital Transformation Imperative​. Internal Auditor. Retrieved from https://iaonline.theiia.org/blogs/Jim-Pelletier/2018/Pages/Internal-Audit’s-Digital-Transformation-Imperative.aspx

Benes, R. (2018, August 13). How Much Are Companies Spending on Technology? eMarketer. Retrieved from https://www.emarketer.com/content/how-much-are-companies-spending-on-technology

Tysiac, K. (2018, March 13). How Internal Audit Can Improve By Embracing Technology. Retrieved from https://www.journalofaccountancy.com/news/2018/mar/improving-internal-audit-with-technology-201818551.html

Idea. The Changing Role of Internal Audit. Retrieved from https://idea.caseware.com/the-changing-role-of-internal-audit-and-use-of-technology/ .

Institute of Internal Auditors. (2019, March 4). 2019 North American Pulse of Internal Audit Report Identifies Potential Misalignment in Corporate Risk Landscape. Retrieved from https://na.theiia.org/news/Pages/2019-North-American-Pulse-of-Internal-Audit-Report-Identifies-Potential-Misalignment-in-Corporate-Risk-Landscape.aspx

Chambers, R. (2018, August 6). Internal Audit and Emerging Risks: From Hilltops to Desktops. Internal Auditor. Retrieved from https://iaonline.theiia.org/blogs/chambers/2018/Pages/Internal-Audit-and-Emerging-Risks-From-Hilltops-to-Desktops.aspx


Tags: Artificial Intelligence (AI)Emerging TechnologiesRobotic Process Automation (RPA)
Previous Post

How Boards Can Create Inclusive Cultures for Organizations

Next Post

Cynet Announces Free Incident Response Tool to Validate, Understand and Remove Active IT Security Threats

Kevin Alvero and Chris Errington

Kevin Alvero and Chris Errington

Kevin M. Alvero, CISA, CFE, is Senior Vice President, Internal Audit, Compliance and Governance at Nielsen. Kevin leads the internal quality audit program for Nielsen Global Media, as well as its industry standards compliance initiatives, including the external accreditation process. Kevin began his career with Nielsen in 2003 and has been leading the Internal Audit department since 2010. In addition to his audit expertise, Kevin possesses more than a decade of experience with traditional audience measurement and digital ad measurement. Kevin is a Certified Fraud Examiner (CFE) and Certified Information Systems Auditor (CISA). He is also a member of the Board of Governors for the Institute of Internal Auditors (IIA) Florida West Coast chapter.
Chris Errington, CSPO, CRCMP, GRCP, is a Senior Communications Specialist – Internal Audit at Nielsen. Chris oversees the writing and editing of numerous documents within the Internal Audit department. He also writes, edits and paginates the department’s entire bimonthly newsletter while leading critical research initiatives. Chris began his career as a sports writer/editor in 1996 with a trio of newspapers in West Virginia, North Carolina and suburban Washington, D.C., earning four state press association awards for outstanding writing. In addition, Chris is a skilled resume writer, having completed more than 8,000 student resumes for a Tampa-based medical college. He holds a bachelor’s degree in Journalism from West Virginia University and is currently pursuing a master’s in Communication from Purdue University.
Wade Cassels, CCSA, CISA, is a Senior Operational Auditor at Nielsen.

Related Posts

robot nurturing a good idea

Innovation vs. Compliance: In the Age of AI, Why Not Both?

by Asha Palmer
June 17, 2025

As governments scramble to regulate AI, forward-thinking companies are writing their own compliance playbooks

human robot working as team pie chart

Smart Machines, Smarter Humans: Why Compliance Still Needs a Human Touch

by Roman Eloshvili
June 17, 2025

From the 2008 financial crisis to everyday judgment calls, the case for keeping humans in the compliance loop

surrealist businessmen on platforms doing tug of war

Regulation vs. Innovation: The Tug-of-War Defining Finance’s Future

by Alex Tsepaev
June 6, 2025

AI compliance creates a global patchwork where EU fines reach €35 million while the US encourages growth — leaving financial...

Ethiciti AI Transforming Online Compliance Training

How AI is Transforming Online Compliance Training

by Corporate Compliance Insights
June 3, 2025

Is your compliance training keeping up with AI innovation? Whitepaper How AI is Transforming Online Compliance Training What's in this...

Next Post
hand holding hovering digital padlock

Cynet Announces Free Incident Response Tool to Validate, Understand and Remove Active IT Security Threats

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights