SlideShare a Scribd company logo

Meningkatkan peran audit internal fungsi peran digital

ā€¢
ā€¢
Dr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP
Dr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP

you can want focus on doing things in a digital way but if you don't have the support behind you ceo and board and really have then driving you to do what you do with focus on digital, you can beat you head against the wall an not get anywhere. i dont want underestimate how important senior leadership and board support is able to be able to do this and to be successfull at it nancy J. Luquette

Government & Nonprofit
1 of 22
Elevating internal auditā€™s role: The digitally fit function 2019 State of the Internal Audit Profession Study Share
2019 State of the Internal Audit Profession Study | 2 Organisations are rapidly rolling out digital initiatives in an arena defined by more data, more automation, sophisticated cyberattacks, and constantly evolving customer expectations. In some waysā€”for internal audit functionsā€”the situation is not new: technology risks and controls have already been on their agendas for decades, and most can reliably deliver a technology audit. But digital rollouts heighten risks beyond the technology itself. For instance, as public trust in institutions and corporations has been on the wane, the implications of a data-privacy breach could be significantā€”even for a pilot project. Or a faulty artificial-intelligence (AI) algorithm could wreak havoc on financial accounting. Digital initiatives change the risk profile, and in todayā€™s information-rich era, data to inform decision makingā€”and risk takingā€”is falling short. According to PwCā€™s 22nd Annual Global CEO Survey, the quality level of the data that leaders need in order to make long-term decisions based on their companiesā€™ risk exposure is exactly the same level as it was 10 years ago. Just 22% of CEOs call such data sufficiently comprehensive. Internal audit needs (1) the dexterity to pivot quickly and to keep up with the digital pace of the business, and (2) the knowledge and skills to provide advice and strategic assurance in this new arena. Internal audit functions that increase their own levels of digital fitness will be far more effective at meeting that challenge. By harnessing digital capabilities and the power of dataā€”both data internal to their organisations and data outside themā€”internal audit functions can find correlations that will not only keep pace with changing risks but also help predict changing risk profiles. Our 2019 Global Risk, Internal Audit and Compliance Survey shows that as organisations move through digital transformation, internal audit functions that are more digitally fit more effectively help their stakeholders become smarter risk takers in the face of changing risk profiles.
2019 State of the Internal Audit Profession Study | 3 What does the expression internal audit digital fitness mean? The definition is twofold: (1) having in place the skills and competencies to provide strategic advice to stakeholders and to provide assurance with regard to risks from the organisationā€™s digital transformation and (2) changing the functionā€™s own processes and services so as to become more data driven and digitally enabled so the function can align with the organisationā€™s strategic risks and thereby anticipate and respond to risk events at the pace and scale that the organisationā€™s digital transformation requires. Talk about the upskilling of staff, about closer engagement with stakeholders, and the use of data, analytics, and workflow technologies is ongoing. And now is the time to shift from discussion to action because internal audit functionsā€™ digital fitness must match the organisationā€™s digital transformation; otherwise, gaps across the lines of defence will widen, and more points of entry for risk will appear. ā€œYou can want to focus on doing things in a digital way but if you donā€™t have the support behind it from your CEO and the board, and really have them driving you to do what you do with a focus on digital, you can beat your head against the wall and not get anywhere. I donā€™t want to underestimate how important senior leadership and board support is to be able to do this and to be successful at it.ā€ Nancy J. Luquette, Senior Vice President, Chief Risk & Audit Executive, S&P Global Inc
2019 State of the Internal Audit Profession Study | 4 Figure 1 Where digitally ļ¬t internal audit functions stand out Digital ļ¬tness in each dimension Dynamics Actives Beginners Digital maturity score on a scale of 0 to 100 based on PwC analysis and index calculation. Base: 98 Dynamics; 140 Actives; 271 Beginners 20 40 60 80 100 Vision and roadmap Ways of working Stakeholder engagement Operations Services model Which internal audit functions are the most digitally fit? As a group, the internal audit functionā€™s level of digital fitnessā€”in some areasā€” lags that of its risk management and compliance peers, according to our survey of 2,000 executives. But some internal audit functions are making significant headway (Figure 1), and their organisations are seeing greater benefits from their digital initiatives. Those benefits include more-effective management of transformation risk and more payoff than expected against planned outcomes such as improved customer experience and increased revenue growth. We evaluated internal audit survey respondents based on their digital fitness scores across five dimensions. The group that was found to be the most digitally fit consisted of 19% of total internal audit respondents, whom we call Dynamics. (See Being a smarter risk taker through digital transformation: 2019 Risk in Review for a full discussion of Dynamic risk management, compliance and internal audit functions.) Dynamics embody a mix of highly regulated and less-regulated industries, various geographic regions, and different organisation sizes. The next-most-digitally-fit group of internal audit functions are named Actives. That group, which represented 27% of internal audit functions in the survey, is taking many of the steps necessary to become more digitally fit. The balance of internal audit functions in our survey (54%), which we call Beginners, are conducting or planning to conduct some of the activities we measured, though in far more ad hoc ways, and are at a very early stage in their digital journey.
2019 State of the Internal Audit Profession Study | 5 Our study analysed the behaviours that set Dynamics apart from those a step behind in their overall digital fitness. We identified six habits that Dynamics embrace to help their stakeholders become smarter risk takers throughout digital transformation (Figure 2). The first habit centres on going all-in on the organisationā€™s digital plan. Internal audit functions canā€™t help their organisations thrive digitally if they donā€™t have a line of sight to the organisationsā€™ digital transformation strategies. So, Dynamics plug into strategy and keep the function in lockstep. CEO and board support helps them maintain alignment and advance the functionā€™s digital fitness. Two other habitsā€”actively engaging decision makers and collaborating and aligning to provide a consolidated view of riskā€”are also key elements of digital fitness. Engaging with stakeholders helps internal audit provide risk perspectives at the right times across digital initiatives. And, as the risk universe becomes more dynamic, all risk functions should push towards working from common risk information and providing a consolidated view of risks for stakeholders and theĀ board. Here we focus on the remaining three habitsā€”upskilling current staff and injecting new talent, finding the right fits for emerging technologies, and enabling the organisation to act on risks in real timeā€”because those habits combine to give internal audit a dexterity for moving all six habits forward. Our lessons from Dynamics in those areas guide internal audit functions towards a baseline of digital fitness and the things they must do in order to advance. ā€œInternal audit has to have a seat at the table with management. As you build these out, you donā€™t want internal audit to come in afterwards and identify gaps in controls. They really need to be there right at the beginning. However, itā€™s one thing physically having a seat at the table but another having the credibility to be listened to.ā€ Vanessa C. L. Chang, Member, Audit Committee, Edison International and Sykes Enterprises
2019 State of the Internal Audit Profession Study | 6 Figure 2 Six habits of dynamic internal audit functionsThe six habits of risk functions that fuel smarter risk taking 01 Go all-in on the organisationā€™s digital plan 03 Find the right fit for emerging technologies 04 Enable the organisation to act on risks in real time 05 Actively engage decision makers of key digital initiatives 02 Upskill and inject new talent to move at the speed of the organisation 06 Collaborate and align to provide a consolidated view of risks
2019 State of the Internal Audit Profession Study | 7 Upskill and inject new talent to move at the speed of theĀ organisation Creatively source talent to build the functionā€™s digital skills, and invest to protect the talent you have
2019 State of the Internal Audit Profession Study | 8 Internal auditors donā€™t require deep technical knowledge to begin engaging in their organisationā€™s digital initiatives. Auditors bring a thorough understanding of risk and processā€”which is a valuable lens that decision makers sometimes lack. Internal audit can also connect the dots on risks across multiple digital initiatives throughout an organisation. But as organisations become more and more digital, internal auditā€™s baseline levels of digital acumen and skills must rise. For instance, a deeper understanding of data is critical because data sits at the centre of all things digital. And even though auditors donā€™t have to be robotic-process- automation (RPA) experts or data scientists, they do have to understand data sources in order to assess data quality, to test whether an algorithm is performing as planned, and to know what kinds of insights can be drawn from the data. Dynamics are more capable of auditing emerging technology. Although still far from being fully staffed to address their organisationā€™s use of emerging technologies, Dynamics are more prepared to audit emerging technology than their peers areā€”particularly in such areas as cloud technologies, automation of business processes, and the Internet of Things (Figure 3). They also see a future in which theyā€™re skilled for auditing a wide variety of emerging technologiesā€”even those not in use by their organisations today. In fact, Dynamics are taking action now in anticipation of their organisationsā€™ use of those future technologies. For example, 49% of Dynamics are currently auditing or skilling up to audit AI. By contrast, 13% of Beginnersā€”who represent a mix of industries similar to the industries Dynamics are inā€”are doing so. ā€œYou donā€™t need every single team member to be data scientists, but you need the team to be on board with the direction you are going. And then you need a few with the energy, passion and knowledge around the topic to drive it forward.ā€ Sara Merian, Head of Internal Audit and Financial Compliance, Syngenta International AG
2019 State of the Internal Audit Profession Study | 9 Q. Which of the following best describes your current preparedness to audit each of the following new technologies? Base: 98 Dynamics; 140 Actives; 271 Beginners Dynamics Actives Beginners Figure 3 Dynamics are preparing to audit emerging technologies My internal audit function is fully staffed and capable of auditing or in the past 12 months has audited an area that uses this technology. 26% 14% 6% 14% 8% 4% 38% 36% 24% 25% 15% 6% 4% 2% 0% 5% 4% 0% 7% 4% 1% 6% 3% 1% 11% 1% 1% 9% 3% 1% Drones3-D printingBlockchainVRARIoTCloud technologies RoboticsIntelligent automation AI
2019 State of the Internal Audit Profession Study | 10 To keep pace with their organisationā€™s digital transformation, itā€™s essential that internal audit functions both inject new talent and upskill staff. Dynamics put digital first in the ways they recruit talent. They more often target and reach candidates through digital recruiting strategies, and they publicise the opportunity to work with new digital technologies (Figure 4). Q. How does your internal audit function plan to attract new talent or upskill current talent to meet its digital needs? (Responses are ā€˜Doing nowā€™) Base: 97 Dynamics; 137 Actives; 254 Beginners Dynamics Actives Beginners Figure 4 Dynamics put digital ļ¬rst in recruiting Publicises opportunities to work with new digital technologies 64% 34% 17% Uses digital recruiting strategies to better target and reach candidates through such channels as mobile, social media, or video 71% 51% 31% My functionā€¦
2019 State of the Internal Audit Profession Study | 11 Dynamics also invest in upskilling their full teamā€™s technology skills to an ever-rising baseline. Investment in upskilling differs significantly between Dynamics, Actives, and Beginners. Dynamics are working with their organisations on digital initiatives to increase internal auditā€™s level of digital knowledge; theyā€™re partnering with risk and compliance functions on training investments; and theyā€™re building upskilling programmes of their own. As they streamline internal audit operations through technology, internal audit leaders can redirect the generated efficiency to create time for upskilling and innovation. Nationwide Mutual Insurance senior vice president and chief audit executive, Greg Jordan has taken a creative approach to upskilling his team and the business. He knows that ā€œwhat you knew yesterday is outdated today, and what we know today is outdated tomorrow.ā€ Internal audit is driving increased value on emerging technologies by producing white papers on the risk and controls considerations on these technologies. ā€œWe also have in our plan to produce white papers on cryptocurrencies and blockchain. It will help the business with risks they should be thinking about, and it also educates our own team. For our 100 hours of office-required training, weā€™re going to be more prescriptive and assign more case studies to be more hands-on with learning. Weā€™ll also have more mock audits, more activities to move our activities to an automated fashion.ā€ Jordan believes itā€™s unacceptable to have their business partners using AI and RPA and not have a level of requisite knowledge within the internal audit team. Internal audit also has to have access to very-deep-subject-matter specialists, so Dynamics are working hard to identify people from within who have the aptitudes and adjacent skills to become experts. Auditors with business acumen who have demonstrated mathematics or data skills or who have educational backgrounds in science, math, statistics, economics, and certain other fields that build critical thinking are learning data science. Many Dynamics are creating centres of excellence and turning to outside service providers to fill specialised skills needsā€”particularly for emerging technologies expertise and for deep business understanding (Figure 5). Upskilling may require changing internal auditā€™s philosophy as a profession so it can tolerate more risk. Health insurer Health Care Service Corporationā€™s internal audit function has found success in creating a more innovative culture. ā€œWe have a culture that addresses risk by engaging with new ideas and technologies. This challenges our staff to go outside of their comfort zone and grow,ā€ reports Robert Lembach, vice president of internal audit. ā€œMost automation in the department has come from being pragmatic and engaging staff to think about how to solve problems through automation. It motivates them beyond just ticking and tying. We have to challenge our staff because there is risk in doing things the old way: not getting the most value out of our people and constantlyĀ recruiting.ā€ Internal audit will always need new skill sets. And though audit skills will continue to be foundational, auditors in the near future will look different than they do today as they blend those traditional skills with digital and business acumen. In todayā€™s highly competitive market for technical skills, if internal audit functions fail to continually invest in and reward their peopleā€™s digital skillsā€”and provide them with the technology they expectā€”retention will suffer. Dynamics understand thatĀ lesson.
2019 State of the Internal Audit Profession Study | 12 Q. How does your internal audit function plan to attract new talent or upskill current talent to meet its digital needs? (Responses are ā€˜Doing nowā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Q. Please rate your level of agreement with the following statements about your internal audit function. (Responses are ā€œAgreeā€™ or ā€˜Strongly agreeā€™) Base: 97 Dynamics; 137 Actives; 254 Beginners Dynamics Actives Beginners Figure 5 Dynamics use multiple strategies for building digital skills Partners with the organisation in digital initiatives to increase internal auditā€™s digital knowledge 68% 47% 24% Is implementing training programmes to enhance the teamā€™s technology skills 84% 66% 37% Taps external service providers for the digital skills it needs 76% 62% 57% Increasingly relies on shared services, centres of excellence, or service delivery centres for such capabilities as data testing 68% 54% 34% My functionā€¦
2019 State of the Internal Audit Profession Study | 13 Find the right fit for emerging technologies Audit and advise on emerging technologies, and use them to streamline the function
2019 State of the Internal Audit Profession Study | 14 Dynamic internal audit functions are embracing new technologies from multiple dimensions by providing advice and assurance that appropriate controls are in place as their organisations adopt new technologies and by using the technologies within their own departments to streamline the function. Dynamics have firmer grasp of the role that is expected of them in emergingĀ technology. In the newest of emerging technology areas, Dynamics more often view their role as that of risk consultants who help the business understand risks from the use of the technology and its associated data, or that of governance assurance providers who perform audit or advisory activities to make sure technology governance is established. In more mature areas of emerging technology, such as cloud technology, wherein internal audit has deeper subject matter knowledge, the majority see their role as risk-and-controls-assurance providers. That shows that Dynamics recognise the importance of early involvement in their organisationā€™s new technology use so they can provide risk and governance input, even if they lack deep understanding of the technology. Then, as the technology becomes more and more integral to the organisation, they expand their role to serve as both consultant and assurance provider. Internal auditā€™s digital and data governance role Digital transformation cannot progress well without strong digital and data governance, and every internal audit function can and should be involved in that process. Regardless of levels of digital knowledge and skills, internal audit can provide a point of view on governance and can help the organisation learn how changes affect controls operations prior to executionā€”rather than after the fact. Organisations cannot make the best use of emerging technologies without trustworthy dataā€”meaning, data that is clean, accurate, and accessible. For example, RPA relies on good data to efficiently and accurately process information. But if data governance is absent or applied piecemeal, the likelihood of poor data is high, and the risk is higher that new technologies will not operate effectively. Internal audit can provide input as data governance is getting establishedā€”and assurance once it is in place. Internal audit functions should ask themselves, (1) Is data governance an area of focus within internal auditā€™s technology audits in 2019? And, (2) Is internal audit confident about data controlsā€”including those for security, privacy, access, and accuracyā€”in its organisationā€™s use of new technologies? Internal audit cannot plug into every project, and neither can risk management or compliance. But if tied closely to the organisationā€™s digital strategy and if involved early in significant initiatives, internal audit can expand its risk coverage by helping shape digital governance frameworks. Such frameworks guide the many projects that embed the same emerging technology for different use cases, thereby improving the odds that control considerations get embedded too. Internal audit can then focus on testing to see that guidelines get upheld across a selection of initiatives. Two-thirds of Dynamics ensure the right governance of digital initiatives; 40% help establish those governance standards.
2019 State of the Internal Audit Profession Study | 15 ā€œAlgorithms are in themselves their own worst enemy. I donā€™t know whether the algorithm that was built has been tested or whether third parties looked at it. I donā€™t even know whether external auditors were involved. If you use the technology tool to go through contracts and drive revenue, accounts receivable, cash, and deferred revenue, how do I know that the algorithm was correct? Who audits that? Who tests it? And importantly, how do I know itā€™s locked down so that someone canā€™t come in and change it? Thatā€™s where I get concerned.ā€ Vanessa C. L. Chang, Member, Audit Committee, Edison International and Sykes Enterprises Dynamics are beginning to find ways of using emerging technology in theirĀ work. When it comes to using emerging technologies within their function, many internal audit functions struggle to find the fit. For example, 54% of internal audit functions are either unsure of or do not plan to use AI within the next two years. Even RPA use is questioned: 49% do not plan to use RPA or are unsure how they will use it. But not Dynamics: 37% use RPA currently, and another 45% plan to do so within two years. As for automation, executives we spoke with pointed to Sarbanesā€“Oxley compliance as a logical starting point. Emerging technologies such as RPA, machine learning, and AI provide the opportunity to streamline and automate processes and to gain greater assurance over control effectiveness. For one company, testing to see whether terminated employeesā€™ system access rights were being removed in a timely manner was a highly manual process. It required using a lookup function from three disparate data sources for each IT application, which took the audit team 100 hours to test 20 instances of the control. With RPA, a bot was built in 40 hours that performs in seven hours the previously manual processes. By automating many stages of the test except human review, testing hours greatly reduced, and coverage expanded from a sample basis to full populations, which provides greater assurance.
2019 State of the Internal Audit Profession Study | 16 Dynamics are thinking about how technology can help them do things differently rather than limiting their thinking to process improvement. They donā€™t think of emerging technology as a bolt on but as a smarter way to do more. Consider how analytics have been adopted by many internal audit functions, primarily in the areas of audit planning and audit execution. Internal audit functions are far less often stepping back to reimagine how the full audit approach could change through the use of analytics, including redesigning risk assessments to be data driven, leveraging analytics to continuously monitor controls, conducting full population testing, and providing stakeholders with more insights through real- time dashboards and reporting. When a more transformative and fully integrated approach throughout the entire internal audit life cycle is considered, internal audit functions not only expand risk coverage, they also help their organisation act on risks in real time. ā€œEasy access to RPA was a warning siren about how we had to have a proper governance process in place to allow access to these digital tools but with some supervision over the operation of them...my team did a good job of getting the right governance in place balancing risk withĀ opportunity.ā€ John Merino, Chief Accounting Officer, FedEx Corporation
2019 State of the Internal Audit Profession Study | 17 Enable the organisation to act on risks in realĀ time Build new methods and services to deliver assurance at the speed the organisationĀ requires
2019 State of the Internal Audit Profession Study | 18 Q. Please rate your level of agreement with the following statements about your internal audit function. (Responses are ā€˜Agreeā€™ or ā€˜Strongly agreeā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Q. Is your internal audit function doing or planning to do the following service-related activities based on the availability of digital technologies? (Responses are ā€˜Doing nowā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Dynamics Actives Beginners Figure 6 Dynamics are using data and technology to develop more-powerful insights Develops new services for the organisation or its stakeholders such as real-time dashboards Changes its auditing plan more frequently than it used to Performs more-frequent risk assessment than it used to 78% 29% 13% 80% 74% 55% 78% 75% 50% My functionā€¦ Thereā€™s no question that new methods and services are needed for internal audit to be able to act with sufficient speed and dexterity to furnish insights to the organisation on its digital journey. If an area of the organisation is 90% digitised or if a sprint within an agile technology delivery takes just weeks to implement, can an audit approach that takes months to complete be effective? Internal audit leaders universally agree that annual plans and annual assessments are antiquated. More- frequent and more-fluid cycles are whatā€™s necessary today, and the vast majority of internal audit functions now revisit risk assessments and audit plans more frequently than they used to (Figure 6). As organisations increasingly move to agile methodologies, internal audit functions are doing the same: by planning, testing, and validating in sprint cycles rather than waiting until projects finish before they submit audit opinions.
2019 State of the Internal Audit Profession Study | 19 Dynamics are pushing hard to use data in new ways. More-frequent cycles will help internal audit functions contribute in more-real-time and more-flexible ways. In addition, Dynamics are investing in data, analytics, and technology that will help them correlate data differently, tie more closely to the organisationā€™s strategic risks, and work more cohesively with other lines of defence in the management and monitoring of risks. Visualisation tools built on a common data set also contribute to an organisationā€™s ability to act on risk in real time. S&P Global is seeing the benefits of a common tool for dashboards and board reporting. According to Nancy J. Luquette, chief risk and audit executive, all three functions she oversees (Risk Management (comprised of five Centres of Excellence), Internal Audit and Ratings Risk Review) are now using a common tool for visualisation. ā€œWe began the effort within Internal Audit by giving the business real time audit status updates and now our audit universe is also digital using the tool. Business leaders can know what the status of a particular audit is or how many Management Action Plans are due and when at any point in time by accessing the tool. With the audit universe now in the tool, the Audit Committee may ask, for example, to see all high risk entities across the Company and itā€™s a quick click and drill down to show them that information. Internal Audit and Ratings Risk Review are also beginning to do some insights analysis as we are now able to see themes across different businesses and sectors using the tool. And the business leaders are asking us to share these insights more broadly as we see trends that are new and may be useful to various teams in the Company. And Risk Management is using the tool for monitoring and reporting of the status of vendor risk assessments, for example.ā€ ā€œEvery audit shop needs to think about adding value through the insights we provide. Keeping up with technology change and understanding the risk and the control implications of those technologies is essential to an internal audit functionā€™s relevance and effectiveness.ā€ Doug Watt, Senior Vice President and Chief Audit Executive, Fannie Mae ā€œOur products, services and/or business model can significantly change within six months. So I donā€™t know what Iā€™ll need in two years. I donā€™t have a three-year audit plan. My one-year plan changes every three months.ā€ Melvin Flowers, Corporate Vice President, Internal Audit, Microsoft Corporation
2019 State of the Internal Audit Profession Study | 20 Elevating internal auditā€™s role through digital fitness The high stakes of digital initiatives demand that every internal audit function be involved early in its organisationā€™s digital transformation. Regardless of digital prowess, internal audit has the fundamental skill sets to contribute a perspective on risks and governance. But internal audit functions that are digitally fit are far more effective at helping their stakeholders become smarter risk takers on the digital journey and as such are valued partners by helping their companies meet or exceed their digital goals. Internal auditā€™s digital fitness should move at pace with the organisation. A digitally fit internal audit function may struggle to get full benefits from its digital investments if the organisation itself is lagging behind. Conversely, if internal auditā€™s digital fitness is lagging behind the rest of the organisation there will be more points of entry for risk, which challenges the function to take faster and larger steps to innovate. With a line of sight into the organisationā€™s digital strategy, internal audit can stay aligned. Then, by looking at its own strategic plan with Dynamic risk function habits in mind, internal audit functions can plan the needed steps to make sure they have the skills, technology, methods, and services to contribute with speed and dexterity. Digital transformation is shifting the maturity curve for internal audit. The baseline contribution expected by stakeholders is rising, and the potential value internal audit can deliver is expanding. Now more than ever, internal audit functions must elevate their role to see to it that their organisations are managing risk effectively in todayā€™s increasingly dynamic environment. And audit functions that are digitally fit are well on their way. ā€œWeā€™re doing preimplementation work focused on key strategic priorities to address any potential concerns real time. Our interim status reports update management on key milestones and tollgates and flag surprises for quick resolution. We also evaluate and test risks in the build-and- design phase. This allows us to modify on the fly, not wait months to resolve issues.ā€ Joseph Pizzuto, Vice President, General Auditor and Head of Strategic Risk Management, General Motors Company
The digitally fit internal audit function Six ways to advance ā€¢ Assess your internal audit functionā€™s current staff in the context of the organisationā€™s overall digital strategy. Consider recruiting talent with more data capabilities. Make sure the team has a high degree of business acumen so as to facilitate better digital conversations with business leaders and to help identify where risks lieā€”all of which contributes to the goal of earning a seat at the table. Consider ways to jump-start your journey by taking advantage of resources in other parts of the organisation and/or through third-party partnerships, includingĀ cosourcing. ā€¢ Collaborate with the other lines of defence to help the organisation develop a common digital governance platform that will make sure that digital technologies get developed consistently and contain safeguards. When such frameworks do not exist, consider the risk to theĀ organisation. ā€¢ Consider building an ongoing data governance audit into the audit plan in order to provide assurance with regard to the organisationā€™s data, which is critical to achieving the ongoing success of many of the emerging digitalĀ technologies. ā€¢ Follow a consistent framework to identify and evaluate activities throughout the internal audit life cycle with a view to finding the best candidates for automation. Sarbanesā€“Oxley is usually a great place to startā€”particularly in areas with high sample sizes. Routine audits in such areas as travel and expense, antibribery and anticorruption, and location or plant audits also may be great candidates given the efficiencies to be achieved audit after audit. ā€¢ Align with the other lines of defence to develop a common point of view on risks. Such alignment will better lead to the areas that internal audit should focus its assurance activitiesā€”particularly activities related to its digital initiatives. Consider how the lines of defence can better make investments in technology and skill sets to achieve each functionā€™s digital goalsā€”for example, a common governance, risk, and compliance platform and common analytics tools as well as investments in data lakes. Rethink the traditional risk assessment in order to recognise the importance of risk velocity. And continually evaluateā€”and consider changes inā€”the risk profile so as to better prioritise risks and keep pace with digital initiatives. ā€¢ Identify new data-driven and technology-driven capabilities and service offeringsā€”such as continual auditing of critical controlsā€”in order to monitor high-risk areas in real time.
Ā© 2019 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors. 549693-2019 LL/DvL pwc.com/us/internalauditstudy To have a deeper conversation about how this subject may affect your business, please contact: Jason Pett US Risk Assurance Leader jason.pett@pwc.com +1 (410) 659 3380 Mike Maali US Internal Audit, Compliance & Risk Management Solutions Leader mike.maali@pwc.com +1 (312) 298 2462 Jim Woods Global Risk Assurance Leader jim.woods@hk.pwc.com +1 (852) 2289 2316 Verne Klunzinger US Internal Audit, Compliance & Risk Management Solutions Partner verne.d.klunzinger@pwc.com +1 (216) 875 3172 Lauren Massey US Internal Audit, Compliance & Risk Management Solutions Principal lauren.massey@pwc.com +1 (813) 222 5455 Andrew McPherson Global GRC and Internal Audit Leader andrew.mcpherson@pwc.com +61 (0) 282 663 275

Recommended

Bureaucratic Reform through Implementation of Admission Selection for Public ...
Bureaucratic Reform through Implementation of Admission Selection for Public ...Bureaucratic Reform through Implementation of Admission Selection for Public ...
Bureaucratic Reform through Implementation of Admission Selection for Public ...teguh kurniawan
Ā 
Thailand digital governance in supporting in dealing with uncertainty
Thailand digital governance in supporting in dealing with uncertainty Thailand digital governance in supporting in dealing with uncertainty
Thailand digital governance in supporting in dealing with uncertainty KutsiyatinMSi
Ā 
20211104 rok mpm_e-saram_electronic__human_resource_management_system
20211104 rok mpm_e-saram_electronic__human_resource_management_system20211104 rok mpm_e-saram_electronic__human_resource_management_system
20211104 rok mpm_e-saram_electronic__human_resource_management_systemKutsiyatinMSi
Ā 
English ppt seminar internasional emerging issues in debates on public sector...
English ppt seminar internasional emerging issues in debates on public sector...English ppt seminar internasional emerging issues in debates on public sector...
English ppt seminar internasional emerging issues in debates on public sector...KutsiyatinMSi
Ā 
The difficult art of quantifying return on digital investments
The difficult art of quantifying return on digital investmentsThe difficult art of quantifying return on digital investments
The difficult art of quantifying return on digital investmentsBen Gilchriest
Ā 
2015 IA survey - Protiviti
2015 IA survey - Protiviti2015 IA survey - Protiviti
2015 IA survey - ProtivitiSimone Luca Giargia
Ā 
Measure for measure - the difficult art of quantifying return on digital inve...
Measure for measure - the difficult art of quantifying return on digital inve...Measure for measure - the difficult art of quantifying return on digital inve...
Measure for measure - the difficult art of quantifying return on digital inve...Rick Bouter
Ā 
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassHow Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassCognizant
Ā 

Recommended

Bureaucratic Reform through Implementation of Admission Selection for Public ...
Bureaucratic Reform through Implementation of Admission Selection for Public ...Bureaucratic Reform through Implementation of Admission Selection for Public ...
Bureaucratic Reform through Implementation of Admission Selection for Public ...teguh kurniawan
Ā 
Thailand digital governance in supporting in dealing with uncertainty
Thailand digital governance in supporting in dealing with uncertainty Thailand digital governance in supporting in dealing with uncertainty
Thailand digital governance in supporting in dealing with uncertainty KutsiyatinMSi
Ā 
20211104 rok mpm_e-saram_electronic__human_resource_management_system
20211104 rok mpm_e-saram_electronic__human_resource_management_system20211104 rok mpm_e-saram_electronic__human_resource_management_system
20211104 rok mpm_e-saram_electronic__human_resource_management_systemKutsiyatinMSi
Ā 
English ppt seminar internasional emerging issues in debates on public sector...
English ppt seminar internasional emerging issues in debates on public sector...English ppt seminar internasional emerging issues in debates on public sector...
English ppt seminar internasional emerging issues in debates on public sector...KutsiyatinMSi
Ā 
The difficult art of quantifying return on digital investments
The difficult art of quantifying return on digital investmentsThe difficult art of quantifying return on digital investments
The difficult art of quantifying return on digital investmentsBen Gilchriest
Ā 
2015 IA survey - Protiviti
2015 IA survey - Protiviti2015 IA survey - Protiviti
2015 IA survey - ProtivitiSimone Luca Giargia
Ā 
Measure for measure - the difficult art of quantifying return on digital inve...
Measure for measure - the difficult art of quantifying return on digital inve...Measure for measure - the difficult art of quantifying return on digital inve...
Measure for measure - the difficult art of quantifying return on digital inve...Rick Bouter
Ā 
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassHow Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassCognizant
Ā 
PwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValuePwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValueEileen Chan
Ā 
189 .docx
189 .docx189 .docx
189 .docxdrennanmicah
Ā 
Digital iq-survey-2015 pwc
Digital iq-survey-2015 pwcDigital iq-survey-2015 pwc
Digital iq-survey-2015 pwcUmberto Tessitore
Ā 
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresasSĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SƩptima Encuesta Mundial del Coeficiente Digital de las empresasPwC EspaƱa
Ā 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
Ā 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014Winston DeLoney
Ā 
eob_dec14.artok
eob_dec14.artokeob_dec14.artok
eob_dec14.artokAndrew Simpson
Ā 
Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016jennyhollingworth
Ā 
Tech trends-2014 final-electronic-single.2.11
Tech trends-2014 final-electronic-single.2.11Tech trends-2014 final-electronic-single.2.11
Tech trends-2014 final-electronic-single.2.11Executive Search Partners LLC
Ā 
Deloitte University Press Tech Trends 2014
Deloitte University Press Tech Trends 2014Deloitte University Press Tech Trends 2014
Deloitte University Press Tech Trends 2014Luis Alejandro Molina SƔnchez
Ā 
Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24Vivekin
Ā 
Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014Thierry Labro
Ā 
Digital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactDigital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactTata Consultancy Services
Ā 
Analytics - The speed advantage
Analytics - The speed advantageAnalytics - The speed advantage
Analytics - The speed advantageIBM Software India
Ā 
The cognitive CFO
The cognitive CFOThe cognitive CFO
The cognitive CFOQuanam
Ā 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfbasilmph
Ā 
Digital disruption ā€“ dive in to thrive
Digital disruption ā€“ dive in to thriveDigital disruption ā€“ dive in to thrive
Digital disruption ā€“ dive in to thriveŠŠøŠŗŠ¾Š»Š°Š¹ Š”Š¾Š»Š¾Š²ŃŒŃ‘Š²
Ā 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationCognizant
Ā 
PWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ SurveyPWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ Surveypolenumerique33
Ā 
Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)PwC France
Ā 
Detasering_secondment_BLU_SPI_APIP.pdf
Detasering_secondment_BLU_SPI_APIP.pdfDetasering_secondment_BLU_SPI_APIP.pdf
Detasering_secondment_BLU_SPI_APIP.pdfDr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP
Ā 
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdf
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdfAturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdf
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdfDr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP
Ā 

More Related Content

Similar to Meningkatkan peran audit internal fungsi peran digital

PwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValuePwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValueEileen Chan
Ā 
Digital iq-survey-2015 pwc
Digital iq-survey-2015 pwcDigital iq-survey-2015 pwc
Digital iq-survey-2015 pwcUmberto Tessitore
Ā 
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresasSĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SƩptima Encuesta Mundial del Coeficiente Digital de las empresasPwC EspaƱa
Ā 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
Ā 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014Winston DeLoney
Ā 
Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016jennyhollingworth
Ā 
Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24Vivekin
Ā 
Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014Thierry Labro
Ā 
Digital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactDigital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactTata Consultancy Services
Ā 
Analytics - The speed advantage
Analytics - The speed advantageAnalytics - The speed advantage
Analytics - The speed advantageIBM Software India
Ā 
The cognitive CFO
The cognitive CFOThe cognitive CFO
The cognitive CFOQuanam
Ā 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfbasilmph
Ā 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationCognizant
Ā 
PWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ SurveyPWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ Surveypolenumerique33
Ā 
Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)PwC France
Ā 

Similar to Meningkatkan peran audit internal fungsi peran digital (20)

PwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValuePwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital Value
Ā 
189 .docx
189 .docx189 .docx
189 .docx
Ā 
Digital iq-survey-2015 pwc
Digital iq-survey-2015 pwcDigital iq-survey-2015 pwc
Digital iq-survey-2015 pwc
Ā 
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresasSĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
SĆ©ptima Encuesta Mundial del Coeficiente Digital de las empresas
Ā 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit plan
Ā 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014
Ā 
eob_dec14.artok
eob_dec14.artokeob_dec14.artok
eob_dec14.artok
Ā 
Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016Top Internal Audit Priorities for Financial Services Organizations, 2016
Top Internal Audit Priorities for Financial Services Organizations, 2016
Ā 
Tech trends-2014 final-electronic-single.2.11
Tech trends-2014 final-electronic-single.2.11Tech trends-2014 final-electronic-single.2.11
Tech trends-2014 final-electronic-single.2.11
Ā 
Deloitte University Press Tech Trends 2014
Deloitte University Press Tech Trends 2014Deloitte University Press Tech Trends 2014
Deloitte University Press Tech Trends 2014
Ā 
Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24Tech trends-2014 final-electronic-single.2.24
Tech trends-2014 final-electronic-single.2.24
Ā 
Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014Dtt en wp_techtrends_10022014
Dtt en wp_techtrends_10022014
Ā 
Digital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactDigital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the Impact
Ā 
Analytics - The speed advantage
Analytics - The speed advantageAnalytics - The speed advantage
Analytics - The speed advantage
Ā 
The cognitive CFO
The cognitive CFOThe cognitive CFO
The cognitive CFO
Ā 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdf
Ā 
Digital disruption ā€“ dive in to thrive
Digital disruption ā€“ dive in to thriveDigital disruption ā€“ dive in to thrive
Digital disruption ā€“ dive in to thrive
Ā 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
Ā 
PWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ SurveyPWC 2014 Global Digital IQ Survey
PWC 2014 Global Digital IQ Survey
Ā 
Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)
Ā 

More from Dr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP

More from Dr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP (20)

Detasering_secondment_BLU_SPI_APIP.pdf
Detasering_secondment_BLU_SPI_APIP.pdfDetasering_secondment_BLU_SPI_APIP.pdf
Detasering_secondment_BLU_SPI_APIP.pdf
Ā 
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdf
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdfAturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdf
Aturan pALING LENGKAP Manajemen ASN_pns _sESUAI_NSPK_SLIDE SHARE.pdf
Ā 
Transformasi Internal Audit_APIP_Auditor Agile_Itjen_Kemenhub_Agile Auditing_...
Transformasi Internal Audit_APIP_Auditor Agile_Itjen_Kemenhub_Agile Auditing_...Transformasi Internal Audit_APIP_Auditor Agile_Itjen_Kemenhub_Agile Auditing_...
Transformasi Internal Audit_APIP_Auditor Agile_Itjen_Kemenhub_Agile Auditing_...
Ā 
Perilaku Kerja Inovatif Memediasi Pengaruh Integritas, Kompetensi Dan Leader...
Perilaku Kerja Inovatif Memediasi Pengaruh Integritas, Kompetensi Dan Leader...Perilaku Kerja Inovatif Memediasi Pengaruh Integritas, Kompetensi Dan Leader...
Perilaku Kerja Inovatif Memediasi Pengaruh Integritas, Kompetensi Dan Leader...
Ā 
Buku Saku Perilaku Kerja Inovatif dan Efektivitas Kerja Internal Audit
Buku Saku Perilaku Kerja Inovatif dan Efektivitas Kerja Internal AuditBuku Saku Perilaku Kerja Inovatif dan Efektivitas Kerja Internal Audit
Buku Saku Perilaku Kerja Inovatif dan Efektivitas Kerja Internal Audit
Ā 
Sistem manajemen kinerja pns permenpan 8 tahun 2021
Sistem manajemen kinerja pns permenpan 8 tahun 2021Sistem manajemen kinerja pns permenpan 8 tahun 2021
Sistem manajemen kinerja pns permenpan 8 tahun 2021
Ā 
Change it today birokrasi is modern model
Change it today birokrasi is modern modelChange it today birokrasi is modern model
Change it today birokrasi is modern model
Ā 
Penyederhanaan struktur organisasi kementerian lembaga penyederhanaan birokrasi
Penyederhanaan struktur organisasi kementerian lembaga penyederhanaan birokrasiPenyederhanaan struktur organisasi kementerian lembaga penyederhanaan birokrasi
Penyederhanaan struktur organisasi kementerian lembaga penyederhanaan birokrasi
Ā 
Manajemen talenta ASN arah model birokrasi 2020 2024
Manajemen talenta ASN arah model birokrasi 2020 2024Manajemen talenta ASN arah model birokrasi 2020 2024
Manajemen talenta ASN arah model birokrasi 2020 2024
Ā 
Pentingnya pengendalian risiko bagi organsiasi menghadapi revolusi global dar...
Pentingnya pengendalian risiko bagi organsiasi menghadapi revolusi global dar...Pentingnya pengendalian risiko bagi organsiasi menghadapi revolusi global dar...
Pentingnya pengendalian risiko bagi organsiasi menghadapi revolusi global dar...
Ā 
Mewujudkan birokrasi di era disrupsi dan tatanan normal baru
Mewujudkan birokrasi di era disrupsi dan tatanan normal baruMewujudkan birokrasi di era disrupsi dan tatanan normal baru
Mewujudkan birokrasi di era disrupsi dan tatanan normal baru
Ā 
Three lines model updated, IIA update model tiga lapis pertahanan risiko
Three lines model updated, IIA update model tiga lapis pertahanan risikoThree lines model updated, IIA update model tiga lapis pertahanan risiko
Three lines model updated, IIA update model tiga lapis pertahanan risiko
Ā 
Dua model pengukuran dampak ekonomi proyek infrastruktur publik
Dua model pengukuran dampak ekonomi proyek infrastruktur publikDua model pengukuran dampak ekonomi proyek infrastruktur publik
Dua model pengukuran dampak ekonomi proyek infrastruktur publik
Ā 
Perencanaan dan penganggaran yang lebih efisien, efektif dan bermanfaat bagi ...
Perencanaan dan penganggaran yang lebih efisien, efektif dan bermanfaat bagi ...Perencanaan dan penganggaran yang lebih efisien, efektif dan bermanfaat bagi ...
Perencanaan dan penganggaran yang lebih efisien, efektif dan bermanfaat bagi ...
Ā 
Redesain sistem perencanaan dan penganggaran kementerian dan lembaga
Redesain sistem perencanaan dan penganggaran kementerian dan lembagaRedesain sistem perencanaan dan penganggaran kementerian dan lembaga
Redesain sistem perencanaan dan penganggaran kementerian dan lembaga
Ā 
Maizar_Pembangunan zona integritas zi wbk wbbm tahun 2020 kementerian perhubu...
Maizar_Pembangunan zona integritas zi wbk wbbm tahun 2020 kementerian perhubu...Maizar_Pembangunan zona integritas zi wbk wbbm tahun 2020 kementerian perhubu...
Maizar_Pembangunan zona integritas zi wbk wbbm tahun 2020 kementerian perhubu...
Ā 
Kebijakan implementasi reformasi birokrasi RB 2020 2024
Kebijakan implementasi reformasi birokrasi RB 2020 2024Kebijakan implementasi reformasi birokrasi RB 2020 2024
Kebijakan implementasi reformasi birokrasi RB 2020 2024
Ā 
Proses audit jarak jauh selama dan setelah corona virus disease 2019 covid 19
Proses audit jarak jauh selama dan setelah corona virus disease 2019 covid 19Proses audit jarak jauh selama dan setelah corona virus disease 2019 covid 19
Proses audit jarak jauh selama dan setelah corona virus disease 2019 covid 19
Ā 
Pembangunan Zona Integritas (ZI) menuju predikat Wilayah Bebas dari Korupsi (...
Pembangunan Zona Integritas (ZI) menuju predikat Wilayah Bebas dari Korupsi (...Pembangunan Zona Integritas (ZI) menuju predikat Wilayah Bebas dari Korupsi (...
Pembangunan Zona Integritas (ZI) menuju predikat Wilayah Bebas dari Korupsi (...
Ā 
Value based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal AuditValue based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal Audit
Ā 

Recently uploaded

Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...tanu pandey
Ā 
The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)Congressional Budget Office
Ā 
Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024ARCResearch
Ā 
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
Ā 
Finance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCFinance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCNAP Global Network
Ā 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
Ā 
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...MOHANI PANDEY
Ā 
2024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 292024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 29JSchaus & Associates
Ā 
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
Ā 
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...tanu pandey
Ā 
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hourcelebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hourCall Girls in Nagpur High Profile
Ā 
A Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisA Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisChristina Parmionova
Ā 
Postal Ballots-For home voting step by step process 2024.pptx
Postal Ballots-For home voting step by step process 2024.pptxPostal Ballots-For home voting step by step process 2024.pptx
Postal Ballots-For home voting step by step process 2024.pptxSwastiRanjanNayak
Ā 
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...nservice241
Ā 
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...robinsonayot
Ā 
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...Dipal Arora
Ā 
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...Chandigarh Call girls 9053900678 Call girls in Chandigarh
Ā 
2024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 302024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 30JSchaus & Associates
Ā 

Recently uploaded (20)

(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
Ā 
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Ā 
The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)
Ā 
Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024
Ā 
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Ā 
Finance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCFinance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCC
Ā 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Ā 
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...
Get Premium Budhwar Peth Call Girls (8005736733) 24x7 Rate 15999 with A/c Roo...
Ā 
2024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 292024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 29
Ā 
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Ā 
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...
Pimpri Chinchwad ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi R...
Ā 
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hourcelebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity šŸ’‹ Agra Escorts Just Dail 8250092165 service available anytime 24 hour
Ā 
A Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisA Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental Crisis
Ā 
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Ā 
Postal Ballots-For home voting step by step process 2024.pptx
Postal Ballots-For home voting step by step process 2024.pptxPostal Ballots-For home voting step by step process 2024.pptx
Postal Ballots-For home voting step by step process 2024.pptx
Ā 
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
Ā 
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...
TEST BANK For Essentials of Negotiation, 7th Edition by Roy Lewicki, Bruce Ba...
Ā 
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...
Just Call Vip call girls Wardha Escorts ā˜Žļø8617370543 Starting From 5K to 25K ...
Ā 
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...
RussianšŸŒDazzling Hottie Getā˜Žļø 9053900678 ā˜Žļøcall girl In Chandigarh By Chandig...
Ā 
2024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 302024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 30
Ā 

Meningkatkan peran audit internal fungsi peran digital

  • 1. Elevating internal auditā€™s role: The digitally fit function 2019 State of the Internal Audit Profession Study Share
  • 2. 2019 State of the Internal Audit Profession Study | 2 Organisations are rapidly rolling out digital initiatives in an arena defined by more data, more automation, sophisticated cyberattacks, and constantly evolving customer expectations. In some waysā€”for internal audit functionsā€”the situation is not new: technology risks and controls have already been on their agendas for decades, and most can reliably deliver a technology audit. But digital rollouts heighten risks beyond the technology itself. For instance, as public trust in institutions and corporations has been on the wane, the implications of a data-privacy breach could be significantā€”even for a pilot project. Or a faulty artificial-intelligence (AI) algorithm could wreak havoc on financial accounting. Digital initiatives change the risk profile, and in todayā€™s information-rich era, data to inform decision makingā€”and risk takingā€”is falling short. According to PwCā€™s 22nd Annual Global CEO Survey, the quality level of the data that leaders need in order to make long-term decisions based on their companiesā€™ risk exposure is exactly the same level as it was 10 years ago. Just 22% of CEOs call such data sufficiently comprehensive. Internal audit needs (1) the dexterity to pivot quickly and to keep up with the digital pace of the business, and (2) the knowledge and skills to provide advice and strategic assurance in this new arena. Internal audit functions that increase their own levels of digital fitness will be far more effective at meeting that challenge. By harnessing digital capabilities and the power of dataā€”both data internal to their organisations and data outside themā€”internal audit functions can find correlations that will not only keep pace with changing risks but also help predict changing risk profiles. Our 2019 Global Risk, Internal Audit and Compliance Survey shows that as organisations move through digital transformation, internal audit functions that are more digitally fit more effectively help their stakeholders become smarter risk takers in the face of changing risk profiles.
  • 3. 2019 State of the Internal Audit Profession Study | 3 What does the expression internal audit digital fitness mean? The definition is twofold: (1) having in place the skills and competencies to provide strategic advice to stakeholders and to provide assurance with regard to risks from the organisationā€™s digital transformation and (2) changing the functionā€™s own processes and services so as to become more data driven and digitally enabled so the function can align with the organisationā€™s strategic risks and thereby anticipate and respond to risk events at the pace and scale that the organisationā€™s digital transformation requires. Talk about the upskilling of staff, about closer engagement with stakeholders, and the use of data, analytics, and workflow technologies is ongoing. And now is the time to shift from discussion to action because internal audit functionsā€™ digital fitness must match the organisationā€™s digital transformation; otherwise, gaps across the lines of defence will widen, and more points of entry for risk will appear. ā€œYou can want to focus on doing things in a digital way but if you donā€™t have the support behind it from your CEO and the board, and really have them driving you to do what you do with a focus on digital, you can beat your head against the wall and not get anywhere. I donā€™t want to underestimate how important senior leadership and board support is to be able to do this and to be successful at it.ā€ Nancy J. Luquette, Senior Vice President, Chief Risk & Audit Executive, S&P Global Inc
  • 4. 2019 State of the Internal Audit Profession Study | 4 Figure 1 Where digitally ļ¬t internal audit functions stand out Digital ļ¬tness in each dimension Dynamics Actives Beginners Digital maturity score on a scale of 0 to 100 based on PwC analysis and index calculation. Base: 98 Dynamics; 140 Actives; 271 Beginners 20 40 60 80 100 Vision and roadmap Ways of working Stakeholder engagement Operations Services model Which internal audit functions are the most digitally fit? As a group, the internal audit functionā€™s level of digital fitnessā€”in some areasā€” lags that of its risk management and compliance peers, according to our survey of 2,000 executives. But some internal audit functions are making significant headway (Figure 1), and their organisations are seeing greater benefits from their digital initiatives. Those benefits include more-effective management of transformation risk and more payoff than expected against planned outcomes such as improved customer experience and increased revenue growth. We evaluated internal audit survey respondents based on their digital fitness scores across five dimensions. The group that was found to be the most digitally fit consisted of 19% of total internal audit respondents, whom we call Dynamics. (See Being a smarter risk taker through digital transformation: 2019 Risk in Review for a full discussion of Dynamic risk management, compliance and internal audit functions.) Dynamics embody a mix of highly regulated and less-regulated industries, various geographic regions, and different organisation sizes. The next-most-digitally-fit group of internal audit functions are named Actives. That group, which represented 27% of internal audit functions in the survey, is taking many of the steps necessary to become more digitally fit. The balance of internal audit functions in our survey (54%), which we call Beginners, are conducting or planning to conduct some of the activities we measured, though in far more ad hoc ways, and are at a very early stage in their digital journey.
  • 5. 2019 State of the Internal Audit Profession Study | 5 Our study analysed the behaviours that set Dynamics apart from those a step behind in their overall digital fitness. We identified six habits that Dynamics embrace to help their stakeholders become smarter risk takers throughout digital transformation (Figure 2). The first habit centres on going all-in on the organisationā€™s digital plan. Internal audit functions canā€™t help their organisations thrive digitally if they donā€™t have a line of sight to the organisationsā€™ digital transformation strategies. So, Dynamics plug into strategy and keep the function in lockstep. CEO and board support helps them maintain alignment and advance the functionā€™s digital fitness. Two other habitsā€”actively engaging decision makers and collaborating and aligning to provide a consolidated view of riskā€”are also key elements of digital fitness. Engaging with stakeholders helps internal audit provide risk perspectives at the right times across digital initiatives. And, as the risk universe becomes more dynamic, all risk functions should push towards working from common risk information and providing a consolidated view of risks for stakeholders and theĀ board. Here we focus on the remaining three habitsā€”upskilling current staff and injecting new talent, finding the right fits for emerging technologies, and enabling the organisation to act on risks in real timeā€”because those habits combine to give internal audit a dexterity for moving all six habits forward. Our lessons from Dynamics in those areas guide internal audit functions towards a baseline of digital fitness and the things they must do in order to advance. ā€œInternal audit has to have a seat at the table with management. As you build these out, you donā€™t want internal audit to come in afterwards and identify gaps in controls. They really need to be there right at the beginning. However, itā€™s one thing physically having a seat at the table but another having the credibility to be listened to.ā€ Vanessa C. L. Chang, Member, Audit Committee, Edison International and Sykes Enterprises
  • 6. 2019 State of the Internal Audit Profession Study | 6 Figure 2 Six habits of dynamic internal audit functionsThe six habits of risk functions that fuel smarter risk taking 01 Go all-in on the organisationā€™s digital plan 03 Find the right fit for emerging technologies 04 Enable the organisation to act on risks in real time 05 Actively engage decision makers of key digital initiatives 02 Upskill and inject new talent to move at the speed of the organisation 06 Collaborate and align to provide a consolidated view of risks
  • 7. 2019 State of the Internal Audit Profession Study | 7 Upskill and inject new talent to move at the speed of theĀ organisation Creatively source talent to build the functionā€™s digital skills, and invest to protect the talent you have
  • 8. 2019 State of the Internal Audit Profession Study | 8 Internal auditors donā€™t require deep technical knowledge to begin engaging in their organisationā€™s digital initiatives. Auditors bring a thorough understanding of risk and processā€”which is a valuable lens that decision makers sometimes lack. Internal audit can also connect the dots on risks across multiple digital initiatives throughout an organisation. But as organisations become more and more digital, internal auditā€™s baseline levels of digital acumen and skills must rise. For instance, a deeper understanding of data is critical because data sits at the centre of all things digital. And even though auditors donā€™t have to be robotic-process- automation (RPA) experts or data scientists, they do have to understand data sources in order to assess data quality, to test whether an algorithm is performing as planned, and to know what kinds of insights can be drawn from the data. Dynamics are more capable of auditing emerging technology. Although still far from being fully staffed to address their organisationā€™s use of emerging technologies, Dynamics are more prepared to audit emerging technology than their peers areā€”particularly in such areas as cloud technologies, automation of business processes, and the Internet of Things (Figure 3). They also see a future in which theyā€™re skilled for auditing a wide variety of emerging technologiesā€”even those not in use by their organisations today. In fact, Dynamics are taking action now in anticipation of their organisationsā€™ use of those future technologies. For example, 49% of Dynamics are currently auditing or skilling up to audit AI. By contrast, 13% of Beginnersā€”who represent a mix of industries similar to the industries Dynamics are inā€”are doing so. ā€œYou donā€™t need every single team member to be data scientists, but you need the team to be on board with the direction you are going. And then you need a few with the energy, passion and knowledge around the topic to drive it forward.ā€ Sara Merian, Head of Internal Audit and Financial Compliance, Syngenta International AG
  • 9. 2019 State of the Internal Audit Profession Study | 9 Q. Which of the following best describes your current preparedness to audit each of the following new technologies? Base: 98 Dynamics; 140 Actives; 271 Beginners Dynamics Actives Beginners Figure 3 Dynamics are preparing to audit emerging technologies My internal audit function is fully staffed and capable of auditing or in the past 12 months has audited an area that uses this technology. 26% 14% 6% 14% 8% 4% 38% 36% 24% 25% 15% 6% 4% 2% 0% 5% 4% 0% 7% 4% 1% 6% 3% 1% 11% 1% 1% 9% 3% 1% Drones3-D printingBlockchainVRARIoTCloud technologies RoboticsIntelligent automation AI
  • 10. 2019 State of the Internal Audit Profession Study | 10 To keep pace with their organisationā€™s digital transformation, itā€™s essential that internal audit functions both inject new talent and upskill staff. Dynamics put digital first in the ways they recruit talent. They more often target and reach candidates through digital recruiting strategies, and they publicise the opportunity to work with new digital technologies (Figure 4). Q. How does your internal audit function plan to attract new talent or upskill current talent to meet its digital needs? (Responses are ā€˜Doing nowā€™) Base: 97 Dynamics; 137 Actives; 254 Beginners Dynamics Actives Beginners Figure 4 Dynamics put digital ļ¬rst in recruiting Publicises opportunities to work with new digital technologies 64% 34% 17% Uses digital recruiting strategies to better target and reach candidates through such channels as mobile, social media, or video 71% 51% 31% My functionā€¦
  • 11. 2019 State of the Internal Audit Profession Study | 11 Dynamics also invest in upskilling their full teamā€™s technology skills to an ever-rising baseline. Investment in upskilling differs significantly between Dynamics, Actives, and Beginners. Dynamics are working with their organisations on digital initiatives to increase internal auditā€™s level of digital knowledge; theyā€™re partnering with risk and compliance functions on training investments; and theyā€™re building upskilling programmes of their own. As they streamline internal audit operations through technology, internal audit leaders can redirect the generated efficiency to create time for upskilling and innovation. Nationwide Mutual Insurance senior vice president and chief audit executive, Greg Jordan has taken a creative approach to upskilling his team and the business. He knows that ā€œwhat you knew yesterday is outdated today, and what we know today is outdated tomorrow.ā€ Internal audit is driving increased value on emerging technologies by producing white papers on the risk and controls considerations on these technologies. ā€œWe also have in our plan to produce white papers on cryptocurrencies and blockchain. It will help the business with risks they should be thinking about, and it also educates our own team. For our 100 hours of office-required training, weā€™re going to be more prescriptive and assign more case studies to be more hands-on with learning. Weā€™ll also have more mock audits, more activities to move our activities to an automated fashion.ā€ Jordan believes itā€™s unacceptable to have their business partners using AI and RPA and not have a level of requisite knowledge within the internal audit team. Internal audit also has to have access to very-deep-subject-matter specialists, so Dynamics are working hard to identify people from within who have the aptitudes and adjacent skills to become experts. Auditors with business acumen who have demonstrated mathematics or data skills or who have educational backgrounds in science, math, statistics, economics, and certain other fields that build critical thinking are learning data science. Many Dynamics are creating centres of excellence and turning to outside service providers to fill specialised skills needsā€”particularly for emerging technologies expertise and for deep business understanding (Figure 5). Upskilling may require changing internal auditā€™s philosophy as a profession so it can tolerate more risk. Health insurer Health Care Service Corporationā€™s internal audit function has found success in creating a more innovative culture. ā€œWe have a culture that addresses risk by engaging with new ideas and technologies. This challenges our staff to go outside of their comfort zone and grow,ā€ reports Robert Lembach, vice president of internal audit. ā€œMost automation in the department has come from being pragmatic and engaging staff to think about how to solve problems through automation. It motivates them beyond just ticking and tying. We have to challenge our staff because there is risk in doing things the old way: not getting the most value out of our people and constantlyĀ recruiting.ā€ Internal audit will always need new skill sets. And though audit skills will continue to be foundational, auditors in the near future will look different than they do today as they blend those traditional skills with digital and business acumen. In todayā€™s highly competitive market for technical skills, if internal audit functions fail to continually invest in and reward their peopleā€™s digital skillsā€”and provide them with the technology they expectā€”retention will suffer. Dynamics understand thatĀ lesson.
  • 12. 2019 State of the Internal Audit Profession Study | 12 Q. How does your internal audit function plan to attract new talent or upskill current talent to meet its digital needs? (Responses are ā€˜Doing nowā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Q. Please rate your level of agreement with the following statements about your internal audit function. (Responses are ā€œAgreeā€™ or ā€˜Strongly agreeā€™) Base: 97 Dynamics; 137 Actives; 254 Beginners Dynamics Actives Beginners Figure 5 Dynamics use multiple strategies for building digital skills Partners with the organisation in digital initiatives to increase internal auditā€™s digital knowledge 68% 47% 24% Is implementing training programmes to enhance the teamā€™s technology skills 84% 66% 37% Taps external service providers for the digital skills it needs 76% 62% 57% Increasingly relies on shared services, centres of excellence, or service delivery centres for such capabilities as data testing 68% 54% 34% My functionā€¦
  • 13. 2019 State of the Internal Audit Profession Study | 13 Find the right fit for emerging technologies Audit and advise on emerging technologies, and use them to streamline the function
  • 14. 2019 State of the Internal Audit Profession Study | 14 Dynamic internal audit functions are embracing new technologies from multiple dimensions by providing advice and assurance that appropriate controls are in place as their organisations adopt new technologies and by using the technologies within their own departments to streamline the function. Dynamics have firmer grasp of the role that is expected of them in emergingĀ technology. In the newest of emerging technology areas, Dynamics more often view their role as that of risk consultants who help the business understand risks from the use of the technology and its associated data, or that of governance assurance providers who perform audit or advisory activities to make sure technology governance is established. In more mature areas of emerging technology, such as cloud technology, wherein internal audit has deeper subject matter knowledge, the majority see their role as risk-and-controls-assurance providers. That shows that Dynamics recognise the importance of early involvement in their organisationā€™s new technology use so they can provide risk and governance input, even if they lack deep understanding of the technology. Then, as the technology becomes more and more integral to the organisation, they expand their role to serve as both consultant and assurance provider. Internal auditā€™s digital and data governance role Digital transformation cannot progress well without strong digital and data governance, and every internal audit function can and should be involved in that process. Regardless of levels of digital knowledge and skills, internal audit can provide a point of view on governance and can help the organisation learn how changes affect controls operations prior to executionā€”rather than after the fact. Organisations cannot make the best use of emerging technologies without trustworthy dataā€”meaning, data that is clean, accurate, and accessible. For example, RPA relies on good data to efficiently and accurately process information. But if data governance is absent or applied piecemeal, the likelihood of poor data is high, and the risk is higher that new technologies will not operate effectively. Internal audit can provide input as data governance is getting establishedā€”and assurance once it is in place. Internal audit functions should ask themselves, (1) Is data governance an area of focus within internal auditā€™s technology audits in 2019? And, (2) Is internal audit confident about data controlsā€”including those for security, privacy, access, and accuracyā€”in its organisationā€™s use of new technologies? Internal audit cannot plug into every project, and neither can risk management or compliance. But if tied closely to the organisationā€™s digital strategy and if involved early in significant initiatives, internal audit can expand its risk coverage by helping shape digital governance frameworks. Such frameworks guide the many projects that embed the same emerging technology for different use cases, thereby improving the odds that control considerations get embedded too. Internal audit can then focus on testing to see that guidelines get upheld across a selection of initiatives. Two-thirds of Dynamics ensure the right governance of digital initiatives; 40% help establish those governance standards.
  • 15. 2019 State of the Internal Audit Profession Study | 15 ā€œAlgorithms are in themselves their own worst enemy. I donā€™t know whether the algorithm that was built has been tested or whether third parties looked at it. I donā€™t even know whether external auditors were involved. If you use the technology tool to go through contracts and drive revenue, accounts receivable, cash, and deferred revenue, how do I know that the algorithm was correct? Who audits that? Who tests it? And importantly, how do I know itā€™s locked down so that someone canā€™t come in and change it? Thatā€™s where I get concerned.ā€ Vanessa C. L. Chang, Member, Audit Committee, Edison International and Sykes Enterprises Dynamics are beginning to find ways of using emerging technology in theirĀ work. When it comes to using emerging technologies within their function, many internal audit functions struggle to find the fit. For example, 54% of internal audit functions are either unsure of or do not plan to use AI within the next two years. Even RPA use is questioned: 49% do not plan to use RPA or are unsure how they will use it. But not Dynamics: 37% use RPA currently, and another 45% plan to do so within two years. As for automation, executives we spoke with pointed to Sarbanesā€“Oxley compliance as a logical starting point. Emerging technologies such as RPA, machine learning, and AI provide the opportunity to streamline and automate processes and to gain greater assurance over control effectiveness. For one company, testing to see whether terminated employeesā€™ system access rights were being removed in a timely manner was a highly manual process. It required using a lookup function from three disparate data sources for each IT application, which took the audit team 100 hours to test 20 instances of the control. With RPA, a bot was built in 40 hours that performs in seven hours the previously manual processes. By automating many stages of the test except human review, testing hours greatly reduced, and coverage expanded from a sample basis to full populations, which provides greater assurance.
  • 16. 2019 State of the Internal Audit Profession Study | 16 Dynamics are thinking about how technology can help them do things differently rather than limiting their thinking to process improvement. They donā€™t think of emerging technology as a bolt on but as a smarter way to do more. Consider how analytics have been adopted by many internal audit functions, primarily in the areas of audit planning and audit execution. Internal audit functions are far less often stepping back to reimagine how the full audit approach could change through the use of analytics, including redesigning risk assessments to be data driven, leveraging analytics to continuously monitor controls, conducting full population testing, and providing stakeholders with more insights through real- time dashboards and reporting. When a more transformative and fully integrated approach throughout the entire internal audit life cycle is considered, internal audit functions not only expand risk coverage, they also help their organisation act on risks in real time. ā€œEasy access to RPA was a warning siren about how we had to have a proper governance process in place to allow access to these digital tools but with some supervision over the operation of them...my team did a good job of getting the right governance in place balancing risk withĀ opportunity.ā€ John Merino, Chief Accounting Officer, FedEx Corporation
  • 17. 2019 State of the Internal Audit Profession Study | 17 Enable the organisation to act on risks in realĀ time Build new methods and services to deliver assurance at the speed the organisationĀ requires
  • 18. 2019 State of the Internal Audit Profession Study | 18 Q. Please rate your level of agreement with the following statements about your internal audit function. (Responses are ā€˜Agreeā€™ or ā€˜Strongly agreeā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Q. Is your internal audit function doing or planning to do the following service-related activities based on the availability of digital technologies? (Responses are ā€˜Doing nowā€™) Base: 98 Dynamics; 140 Actives; 271 Beginners Dynamics Actives Beginners Figure 6 Dynamics are using data and technology to develop more-powerful insights Develops new services for the organisation or its stakeholders such as real-time dashboards Changes its auditing plan more frequently than it used to Performs more-frequent risk assessment than it used to 78% 29% 13% 80% 74% 55% 78% 75% 50% My functionā€¦ Thereā€™s no question that new methods and services are needed for internal audit to be able to act with sufficient speed and dexterity to furnish insights to the organisation on its digital journey. If an area of the organisation is 90% digitised or if a sprint within an agile technology delivery takes just weeks to implement, can an audit approach that takes months to complete be effective? Internal audit leaders universally agree that annual plans and annual assessments are antiquated. More- frequent and more-fluid cycles are whatā€™s necessary today, and the vast majority of internal audit functions now revisit risk assessments and audit plans more frequently than they used to (Figure 6). As organisations increasingly move to agile methodologies, internal audit functions are doing the same: by planning, testing, and validating in sprint cycles rather than waiting until projects finish before they submit audit opinions.
  • 19. 2019 State of the Internal Audit Profession Study | 19 Dynamics are pushing hard to use data in new ways. More-frequent cycles will help internal audit functions contribute in more-real-time and more-flexible ways. In addition, Dynamics are investing in data, analytics, and technology that will help them correlate data differently, tie more closely to the organisationā€™s strategic risks, and work more cohesively with other lines of defence in the management and monitoring of risks. Visualisation tools built on a common data set also contribute to an organisationā€™s ability to act on risk in real time. S&P Global is seeing the benefits of a common tool for dashboards and board reporting. According to Nancy J. Luquette, chief risk and audit executive, all three functions she oversees (Risk Management (comprised of five Centres of Excellence), Internal Audit and Ratings Risk Review) are now using a common tool for visualisation. ā€œWe began the effort within Internal Audit by giving the business real time audit status updates and now our audit universe is also digital using the tool. Business leaders can know what the status of a particular audit is or how many Management Action Plans are due and when at any point in time by accessing the tool. With the audit universe now in the tool, the Audit Committee may ask, for example, to see all high risk entities across the Company and itā€™s a quick click and drill down to show them that information. Internal Audit and Ratings Risk Review are also beginning to do some insights analysis as we are now able to see themes across different businesses and sectors using the tool. And the business leaders are asking us to share these insights more broadly as we see trends that are new and may be useful to various teams in the Company. And Risk Management is using the tool for monitoring and reporting of the status of vendor risk assessments, for example.ā€ ā€œEvery audit shop needs to think about adding value through the insights we provide. Keeping up with technology change and understanding the risk and the control implications of those technologies is essential to an internal audit functionā€™s relevance and effectiveness.ā€ Doug Watt, Senior Vice President and Chief Audit Executive, Fannie Mae ā€œOur products, services and/or business model can significantly change within six months. So I donā€™t know what Iā€™ll need in two years. I donā€™t have a three-year audit plan. My one-year plan changes every three months.ā€ Melvin Flowers, Corporate Vice President, Internal Audit, Microsoft Corporation
  • 20. 2019 State of the Internal Audit Profession Study | 20 Elevating internal auditā€™s role through digital fitness The high stakes of digital initiatives demand that every internal audit function be involved early in its organisationā€™s digital transformation. Regardless of digital prowess, internal audit has the fundamental skill sets to contribute a perspective on risks and governance. But internal audit functions that are digitally fit are far more effective at helping their stakeholders become smarter risk takers on the digital journey and as such are valued partners by helping their companies meet or exceed their digital goals. Internal auditā€™s digital fitness should move at pace with the organisation. A digitally fit internal audit function may struggle to get full benefits from its digital investments if the organisation itself is lagging behind. Conversely, if internal auditā€™s digital fitness is lagging behind the rest of the organisation there will be more points of entry for risk, which challenges the function to take faster and larger steps to innovate. With a line of sight into the organisationā€™s digital strategy, internal audit can stay aligned. Then, by looking at its own strategic plan with Dynamic risk function habits in mind, internal audit functions can plan the needed steps to make sure they have the skills, technology, methods, and services to contribute with speed and dexterity. Digital transformation is shifting the maturity curve for internal audit. The baseline contribution expected by stakeholders is rising, and the potential value internal audit can deliver is expanding. Now more than ever, internal audit functions must elevate their role to see to it that their organisations are managing risk effectively in todayā€™s increasingly dynamic environment. And audit functions that are digitally fit are well on their way. ā€œWeā€™re doing preimplementation work focused on key strategic priorities to address any potential concerns real time. Our interim status reports update management on key milestones and tollgates and flag surprises for quick resolution. We also evaluate and test risks in the build-and- design phase. This allows us to modify on the fly, not wait months to resolve issues.ā€ Joseph Pizzuto, Vice President, General Auditor and Head of Strategic Risk Management, General Motors Company
  • 21. The digitally fit internal audit function Six ways to advance ā€¢ Assess your internal audit functionā€™s current staff in the context of the organisationā€™s overall digital strategy. Consider recruiting talent with more data capabilities. Make sure the team has a high degree of business acumen so as to facilitate better digital conversations with business leaders and to help identify where risks lieā€”all of which contributes to the goal of earning a seat at the table. Consider ways to jump-start your journey by taking advantage of resources in other parts of the organisation and/or through third-party partnerships, includingĀ cosourcing. ā€¢ Collaborate with the other lines of defence to help the organisation develop a common digital governance platform that will make sure that digital technologies get developed consistently and contain safeguards. When such frameworks do not exist, consider the risk to theĀ organisation. ā€¢ Consider building an ongoing data governance audit into the audit plan in order to provide assurance with regard to the organisationā€™s data, which is critical to achieving the ongoing success of many of the emerging digitalĀ technologies. ā€¢ Follow a consistent framework to identify and evaluate activities throughout the internal audit life cycle with a view to finding the best candidates for automation. Sarbanesā€“Oxley is usually a great place to startā€”particularly in areas with high sample sizes. Routine audits in such areas as travel and expense, antibribery and anticorruption, and location or plant audits also may be great candidates given the efficiencies to be achieved audit after audit. ā€¢ Align with the other lines of defence to develop a common point of view on risks. Such alignment will better lead to the areas that internal audit should focus its assurance activitiesā€”particularly activities related to its digital initiatives. Consider how the lines of defence can better make investments in technology and skill sets to achieve each functionā€™s digital goalsā€”for example, a common governance, risk, and compliance platform and common analytics tools as well as investments in data lakes. Rethink the traditional risk assessment in order to recognise the importance of risk velocity. And continually evaluateā€”and consider changes inā€”the risk profile so as to better prioritise risks and keep pace with digital initiatives. ā€¢ Identify new data-driven and technology-driven capabilities and service offeringsā€”such as continual auditing of critical controlsā€”in order to monitor high-risk areas in real time.
  • 22. Ā© 2019 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors. 549693-2019 LL/DvL pwc.com/us/internalauditstudy To have a deeper conversation about how this subject may affect your business, please contact: Jason Pett US Risk Assurance Leader jason.pett@pwc.com +1 (410) 659 3380 Mike Maali US Internal Audit, Compliance & Risk Management Solutions Leader mike.maali@pwc.com +1 (312) 298 2462 Jim Woods Global Risk Assurance Leader jim.woods@hk.pwc.com +1 (852) 2289 2316 Verne Klunzinger US Internal Audit, Compliance & Risk Management Solutions Partner verne.d.klunzinger@pwc.com +1 (216) 875 3172 Lauren Massey US Internal Audit, Compliance & Risk Management Solutions Principal lauren.massey@pwc.com +1 (813) 222 5455 Andrew McPherson Global GRC and Internal Audit Leader andrew.mcpherson@pwc.com +61 (0) 282 663 275