Internal Audit Reporting
Analytics in Auditing Is a Game Changer
With digitalisation, robotics and business transformation gaining more momentum in organisations every day, internal audit needs to embrace analytics – and fast.
Data analytics will be a game changer for the internal audit profession. Organisations worldwide are undertaking business and digital transformation initiatives, enabling changes that will have far-reaching effects on every enterprise function. Not surprisingly, the ability to utilise data analytics and “big data” to achieve competitive advantage and manage operations and strategic plans ranks among the top risk issues for board members and C-suite executives worldwide. Machine learning and robotic process automation are among the many emerging technologies and innovations with which internal audit functions need to keep pace or else risk being left behind.
These issues are challenging enough, but for CAEs and internal auditors, the demands don’t stop there. Cyber security, enterprise risk management, fraud, vendor risk and corporate culture are among numerous areas that dominate 2018 audit plans for organisations worldwide.
In our study this year, we again take a look at how internal audit groups are leveraging analytics in the audit process, where improvements are needed, and also delve into the many priorities internal audit organisations have for the coming year.
Top 8 Audit Plan Priorities for 2018:
- Fraud risk management
- Cyber security risks/threat
- Vendor/third-party risk management
- Enterprise Risk Management – Align Risk with Strategy and Performance (COSO Enterprise risk Management Framework)
- Revenue Recognition Standard (Financial Accounting Standards Board [FASB] Accounting Standards Update No. 2014-09)
- Agile risk and compliance
- Auditing corporate culture
- Cloud computing
Our Key Findings:
- The use of analytics in auditing remains in the early stages – The maturity of using analytics in the audit process remains relatively low; many audit functions are likely using analytics tools as point solutions as opposed to part of broader initiatives to leverage analytics throughout the audit process.
- Audit analytics may be more advanced among European and Asia-Pacific organisations – These companies appear to be more advanced in numerous audit analytics capabilities relative to organisations in North America, though again, the use of analytics likely is higher for point solutions versus broader programs and initiatives.
- There is a correlation between audit committee engagement in analytics and information the committee receives around internal audit’s use of analytics – Our results suggest that if a high level of information is shared with the audit committee regarding the use of analytics in auditing, the committee’s overall engagement in the process, which can include its willingness to authorise further investments in analytics, is higher.
- Fraud, cyber security threats, third-party risk, ERM and corporate culture are top audit plan priorities – Organisations are focused on these areas in their 2018 audit plans. Internal audit functions should determine how to transition to analytics to improve their coverage of these areas.