In 1908, Henry Ford developed his famous Ford Model T car and successfully sold it for almost 20 years. Today, it would be unimaginable to produce and sell the exact same product for such a long period of time. For example, since the creation of the iPhone just 11 years ago, we have witnessed the development of 14 different types. Today, in the globalised and digital era, time seems to go faster and the world looks smaller. In these accelerated times, leaders must frequently make fast decisions that weigh opportunity against risk. In order to face these new challenges, companies are increasingly taking a digital transformation journey and risk functions must provide more proactive and real-time insights to support these decisions. Consequently, the urge to use digital tools (like real-time dashboards) and get more insights from data (e.g. with data analytics), not only to better inform decision makers, but also to act on risks in real-time and detect competitive advantages, is everywhere.
Digital Transformation and its need for new methods, services and innovative tools
During this time of digital transformation, it is important that the Internal Audit function is involved in the organisation’s digital journey from the beginning. Internal Audit can bring its fundamental skillsets to contribute a perspective on risks and governance, which are highly valuable in a transformation process. If Internal Audit has strong digital abilities within its team, this can help key stakeholders to become smarter risk-takers on the digital journey and support companies in meeting or even exceeding their digital goals.
The need for Internal Audit to use new methods and services in order to be able to act quickly and skilfully to provide insights into the organisation on its digital path has also been identified in the ‘PwC 2019 State of the Internal Audit Study’.
What is most needed to improve the digital capabilities of your function and remain relevant to stakeholders? (Ranked most needed)
Source: PwC 2019 Global Risk, Internal Audit and Compliance Survey
Visualisation tools, such as dashboards, provide multiple advantages that enable the Internal Audit function to contribute in a more real-time and more flexible way. These tools can be coupled, for example, with data analytics solutions and technology that can correlate data and allow Internal Audit to provide even more insights to key stakeholders. Moreover, dashboards can also make it easier to work more coherently with other lines of defence in managing and monitoring risk. Further, dashboards can be an asset to business leaders by providing them with easy access to real-time updates on Internal Audit’s progress/results (e.g. which audits are in preparation, fieldwork, finalisation; what is the status of actions agreed by Management).
In addition, dashboards can be used to provide Audit Committees and Management with an overview of key risk indicators within the organisation. Such key risk indicator (KRI) dashboards can be used to monitor the possible exposure from a given risk, help predict potentially higher risk areas and highlight emerging trends. Risks and related controls can then be further assessed to determine where Internal Audit can make recommendations to Management to further improve control reliability and better manage risks.
When thinking about dashboards, it is important that a systematic approach is taken to managing the dashboard and the data that feeds it. A tool is only as effective as the people, processes and, in particular, the data it uses. In this regard, especially the availability and quality of data can be a challenge in some companies and hinder the development of useful dashboards and analytics. Even the best algorithm and processes involved in a dashboard are no guarantee that the critical information can be relied on. And even the best decision-makers are only as good as the critical information they base decisions on. For this reason, relevant, accurate and timely data are essential.
How to handle the risk of data
In order to help mitigate the risk of unavailability and/or poor quality of data, it is important to have a strong data governance in place. Internal Audit can provide value add to organisations in assessing the effectiveness of data governance processes and making recommendations to strengthen the overall governance structure, including data governance policies, procedures, processes and controls.
Conclusion
Digital transformation requires organisations to go through a learning journey. In the fast-paced digital transformation, governance models need to be critically assessed and flexed to adequately address emerging risks from new technology. During this journey, the Business will need a strong partner on board that can contribute additional insights and perspectives on risks and governance – this is where we see Internal Audit stepping up to the plate and supporting the organisation in achieving its digital objectives. The Business will be looking to Internal Audit to provide more proactive and real-time insights to support decision-making. Ultimately, Internal Audit’s contribution will lead to strengthening the Business’ management of risks in the digital transformation with additional insight, robust governance models and agile, reliable control frameworks. Internal Audit will definitely be challenged in the digital transformation, but it is a challenge that Internal Audit is well equipped to take on.