Something to Consider June 2019 2
Traditionally, internal audit has been viewed as the Third Line of Defence in risk management and regarded by skeptics as seeing business “through the rear view mirror”.
Often Internal Audit has been involved in business process change and technology adoption after the fact. It is becoming evident that this is an outdated approach that is costing businesses in the rapidly evolving business and technology environment.
Internal audit needs to be involved at the outset, in developing strategies and objectives in terms of risk, governance and oversight, and providing advice on threats and opportunities of the new world.
Auditors are just as crucial to success as the business leaders who have the vision of the outcome and the technology experts who can enable systemic change.
Internal Audit are becoming strategic advisers with a sense of optimism that they are no longer just ‘spoiling the fun’ of business, and flagging up where things went wrong. Audit work is not just about assurance of yesterday’s operating model and policies, but about becoming better business partners and advisers on change and transformation initiatives.
With the adoption of AI, for example, there needs to be even greater scrutiny on appropriate governance and control to manage risks. Internal audit can act as the bridge between the old and new.
I encourage you to read the unusually optimistic, at times entertaining and cleverly written opinion piece from Business Times on why Internal Audit are the new guardians of emerging technology, which you can find here. We will leave you with this excerpt which is a verse in a song called IGY by Donald Fagen which aptly, but unintentionally describes a ‘humanistic auditor’:
Just machines to make big decisions
Programmed by fellas with compassion and vision
We’ll be clean when their work is done
We’ll be eternally free and eternally young