What are the biggest risks for Internal Auditors in 2018?
24 January 2018
In an article published on November 17th, 2017, Norman Marks asks, “What are the biggest risks for internal auditors in 2018?”, in response to a question that had been asked by corporate governance recruitment firm Barclay Simpson.
Following on from Norman’s question, and the risks he identifies, our question is “How can Pentana Audit help Internal Auditors meet these challenges in 2018?”
1. Auditing risks that don’t matter to the board and top executives
Our audit management software is fully risk-driven. Risks can be identified top-down and bottom-up, enabling the audit team to capture the risks that are most important to the organisation and to drive their audit planning around these.
Board and executive objectives can be broken down into more detailed risks, which can be managed and self-assessed within the business. Internal Audit can use these risks to align their work to the overarching top-level objectives, and compare their assessments against management’s view of risk.
2. Failing to communicate what matters when it matters
There is no doubt that the audit report remains important and the formal channel for the communication of the results of audit work. Pentana Audit can automate audit report creation base on the work undertaken.
However, as Norman Marks notes, the audit report may be months after the issues have been identified. With offline working and action web modules, Pentana Audit enables an ongoing dialogue between Internal Audit and management, allowing management to proactively address findings even before the end of the formal audit.
How much better for all if issues can be quickly communicated and resolved, supported by a fully transparent action management process.
3. An inability to change direction as risks change
As noted above, Pentana Audit captures risks at multiple levels. Management can maintain their own risks in the software, or risk feeds can be taken from other corporate risk registers. Internal Audit have a full picture of management risks, controls and self-assessments.
Pentana Audit does not restrict Internal Audit to an annual planning methodology, or fix the audit plan so that it cannot be changed. Therefore, a change in risks can be acted upon very quickly, some may say in an ‘agile’ way.
4. A lack of the resources necessary to address the risks that matter
By enabling auditors to focus on key risks, integrating with audit analytics results, and providing full working paper library facilities, Pentana Audit enables Internal Audit teams to make the most of their scarce resources.
With time-recording and risk-coverage reporting, Internal Audit can also objectively demonstrate to management where additional resources are needed, and what the impact on audit delivery would be.
5. Wasting precious time and resources
Norman Marks’ point is that “once you have an opinion and agreed with management on the necessary corrective actions, stop.”
With milestone-linked audits steps and easy-to-use inbuilt reporting and customizable screens, Pentana Audit enables the Internal Audit management team to track the progress of audits and to dip-in to ensure that scarce time and resources are being focused where needed.
6. Auditing the past and not the future
Pentana Audit does not force a past-perspective of risk, or a future-perspective. Mainly it gives a current-perspective. This allows audit to look at the past and future and consider what challenges the organisation may face and share this with management.
7. Losing key members of the audit department
Staff leave for many reasons. Pentana Audit can remove a lot of the repetitive administrative burden that can come with audits and enable auditors to focus on auditing. This allows the auditor to focus on what they are good at and what motivates them, and gets the most out of a scarce resource.
By addressing risks 1 to 6 above, we would argue that Pentana Audit also brings Internal Audit closer to the business and enables the auditor to have a bigger impact and see the effect of their work.
8. Failing to attain and retain the confidence of management
No software provides a magic solution to make management have confidence in Internal Audit. However, by taking a lot of the administrative burden off the audit team, and allowing for findings to be pulled together into thematic ‘problems’, Pentana Audit allows auditors to take a deeper view of the underlying problems and to make recommendations that are pertinent and practical for the business.
Pentana Audit is part of our Pentana Assurance product suite. Discover today how Pentana Audit can help you address the risks and challenges you face in 2018.