This presentation is my endeavor to bring to notice the new position that internal audit enjoys today in the corporate framework, expectations of the industry and emerging opportunities for the professionals.
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
1. POSITION OF INTERNAL AUDIT IN THE
CORPORATE FRAMEWORK
Recent developments have highlighted critical role of board of directors in
promoting effectiveness of their organizations internal control system.
These developments have highlighted key role that internal audit can play
in supporting the board in ensuring adequate oversight of internal controls
and in doing so form an integral part of organizations corporate governance
framework. Resulting into change in needs and aspirations of organizations
changed towards their Internal Auditors and across the Value Chain.
Internal audit functions being emphasized today pre-existed but it is the
management who have accepted Internal Audit functions due to changes in
the environment. These views can be very much supported if we take a
Quick overview of the definition of Internal Audit as defined by the Institute
of Internal Auditors (IIA):
Independent
Objective
Assurance
Consulting
Value Additions
Improved Operations
„Internal auditing is an independent, objective assurance and
consulting activity designed to add value and improve an organization‟s
operations.
2. It helps an agency accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk
management, control and governance processes.‟
Control
Risk
Management
Governance
Processess
Evaluate & Improve
Definition and Objective of an Assurance Engagement as per Handbook
of Auditing Pronouncements Edition 2013 “Assurance engagement”
means an engagement in which a practitioner expresses a conclusion
designed to enhance the degree of confidence of the intended users other
than the responsible party about the outcome of the evaluation or
measurement of a subject matter against criteria.
And this is the very much need of the Organizations & Stakeholders as on
date.
In this presentation Endeavor has been to bring to light various facets
depicting Internal Audit‟s key role within the organization which is not just
3. restricted to corporate governance but also encompasses other wide areas
covered in later part of presentation.
There has been paradigm shift for need of Internal Audit and its scope.
Today organization expect Internal Audit functions to identify risks and
guiding in setting strategies to encounter them with long term horizon, align
business structure with business and fits organizational culture. Areas for
Internal Audit are no more restricted to Compliance or Governance part.
Today reports have evolved from traditional spreadsheet reports to reports
aiding in decision making.
So have Internal Audit functions moved beyond the compliance centric
focus for which the function has been historically known and continues to
drive business and strategic insights. Auditors are now efficiently and
effectively delivering value to organization by conducting specialized audits
which are increasingly appearing on audit plan in present demand driven
environment.
Internal Audit functions have evolved by adopting to technological changes
(ie use of data mining, data ware housing, benchmarking etc.) better
understanding of organization and its goals, identifying the environmental
changes and using same for the welfare and growth of stakeholders at
large and organizations in particular.
Listed are few of the issues which brought Internal Audit in driving position,
to aid Corporate Framework strategically:
1. Changing Operating Environment:
Change in Regulatory Climate
Corporate Governance
Reporting Structures
Markets
Organizations are under immense pressure by the regulatory bodies to
not only abide by the laws but fulfill their responsibilities towards the
society. Governance Risk Compliance (GRC), Clause 49 of Listing
4. Agreements issued by SEBI, Applicability of Schedule VI and recently
enacted Companies Bill 2013 are few of the examples.
Moreover change in markets like demand, supply, new entrants,
consumer behavior, a superior position enjoyed in market may or may
not be available in future this has resulted in risk analysis its implications
on real time basis.
Core competencies of Internal Audit Department and personnel have not
only helped organizations to survive in spontaneous environment but
have helped grow in a better way by developing best practices or
following same.
The standards on auditing issued by ICAI guide auditors on same lines,
as per SA 250 CONSIDERATION OF LAWS & REGULATIONS IN AN
AUDIT OF FINANCIAL STATEMENTS (Revised) though onus is on
management to follow laws applicable to them auditor is supposed to
obtain certificate from management and at the same time check
compliance of same on random basis.
2. Convergence of Perspectives
It is balancing of risks with the organizational goals so as to bring
multiple factors together in a cohesive way to deal with issue. For e.g.
Balancing or risk of new entrants with maintaining adequate margins in
product line or Going Concern Concept has to be matched up with the
Compliance Procedures.
3. Emerging Risks
Business decisions & processes have grown far complex and given rise to
new set of risks which earlier never existed like risk of social media.
Management may not be able to foresee the impact of decisions taken at a
certain stage but risk assurance and data mining techniques, internal audit
shall not only help in adjusting with the risks but to tap opportunities latent
to the risk assigned and thereby deliver value to the organization.
5. CASE: Challenger Space Shuttle Disaster (January 28, 1986) a
Management Decision Error - Risk of explosion of Shuttle exploding at
take off was grossly under estimated. Had the Internal Audit be given
opportunity to undertake risk based audit may be this disaster would have
never occurred.
List of Emerging Risks in Environment:
Economic instability
Cyber security
Major shift in technology
Strategic transactions in global locations (e.g., M&A, divestitures)
Regulations around data privacy
Risks in third-world countries/emerging markets
Customer preferences
Competitor innovation
Social media
Climate change and sustainability
Sovereign risk
4. Real Time Business Processes
Business Processes have evolved to Real Time Business Processes
brining higher amount of information exchange at faster pace. The rapid
evolution of technology is creating a number of risks as it raises the
potential to completely change the business landscape across entire
industries. These changes are creating both internal and external
challenges which have profound implication.
Internal Audit Department have prepared organizations aggressively
leveraging new technologies so as to remain competitive, while at the same
time effectively manage the related risks.
5. Emphasis on Risk Based Audits
The Risk based approaches rationalizes the IA resources to more
productive, impactful channels, it improves the ratio of Input to Output (of IA
process. Organizations have realized significance of risk based audits in
6. course of business and decision making. These audits not only help in
collaboration of perspectives but also help in averting ill of poor decision
making.
6. Complex Supply Chain
With change in environment supply chains have also evolved. They are
now more complex and multi layered. This puts pressure on management
to ensure that Supply Chains are Cost Effective, Streamlined and
Automated. Again audit plays a key role here by not only providing
comparatives but by identifying gaps in the chain and suggesting alternate
course of action.
7. Increased Interdependencies between and within Organizations
Today organization structures and processes are not limited to vertical
hierarchy but are interconnected at various levels, change frequently and
are in a way disconnected from organization.
Even Standardized Operating Procedures fail to perform if not changed
with change in environment. This is where Internal Audit comes to rescue
by developing proactive SOP‟s.
8. Favoring Cohesive decisions against single point decisions
An organization within itself is fragmented into various verticals and
departments with their own set of goals, strengths, weaknesses,
opportunities and threats. Henceforth decisions taken should be keeping in
mind enterprise level scenario and not restricted to department or vertical
level. There has been a paradigm shift within the organization to endeavor
planned strategic decisions against taking last moment single point
decisions as and when situation arises. As a result audit managers are
expected to serve as a fulcrum in not only decision making but also giving
audit observations in same lines.
9. Economic Downturn
7. Though it being an emerging risk in environment requires to be mentioned
and discussed separately at this forum. Volatility, financial instability and
the pace of technological change has consumers, investors and regulators
demanding greater visibility into what organizations are doing and on the
other hand increasing gap on demand side is putting immense pressure on
management to reduce operational costs and at same time reduce
inconsistencies existing in the organization. . In this increasingly complex
environment, organizations need Internal Audit to take on a broader
mandate within the organization and help in achieve the desired goals.
Above list is not exhaustive other facets too exist like Greater Assurance on
financial controls, Increasing reliance of External Auditors on Internal
Auditors Reports, etc.
As the Corporate continues to expand scope of deliverables by IA, it has
led to spectrum of services as we talk now:
8. .
• Financial Audit and Accounting
.
• Internal Control
.
• Compliance / Regulatory
.
• Operational Audit
.
• Data Analytics
.
• Fraud Prevention / Detection
.
• Risk Management
.
• Deep Industry Experience
.
• Business Strategy
.
• Process Improvement
.
• Verbal / Written Communication
.
• Critical / Analytical Thinking
.
• Relationship Acumen
.
• Leadership and Network
.
• Presentation and Facilitation
.
• Project Management
.
• Advisory and Consulting
.
• Technology
.
• Change Management
9. Internal Auditors have to balance between assurance and advisory audits
for achieving greater business insights. For e.g. balancing Audit Committee
and management expectations on one side and business initiatives on the
other. Finding this balance is unique to each organization and its strategic
objectives. With the right balance Internal Audit provides key business
insights and strategic advice, the organization seeks.
Role of Internal auditors has grown with span of time and proactiveness of
this industry shall determine their existence in the corporate framework.
Internal Audit is need of Time for organizations to make next success story.
VOTE OF THANKS