Staying Remote, Yet Relevant: Essentials of a Value-Based Audit During PandemicAudit Management | 4 Min Read |13 July 21|by Pallavi Singh
The COVID-19 pandemic is a major crisis affecting every organization across every sector. To adapt to the new operational environment brought about by the outbreak, organizations worldwide increasingly switched to a digital-first business model and adjusted their business functions, including internal audit, to remote setup in 2020. With various pockets around the world still in the clutches of the coronavirus and its deadlier variants, remote auditing seems to be the norm this year as well for a number of organizations.
Remote auditing is not new—organizations, particularly those with global operations, have been using this audit method for years now. However, the pandemic has made the pivot towards remote auditing an absolute necessity for almost all organizations, regardless of their size and global footprint.
According to the International Organization for Standardization (ISO), the value of remote auditing “resides in its potential to provide flexibility to achieving the audit objectives. In order to realize the benefits of this audit method, all interested parties should be aware of their role in the process, inputs, expected outputs, and risks and opportunities that will provide the basis to achieve the audit and audit program objectives.”
How to Scope a Value-Driven Remote Audit
Broadly speaking, the audit lifecycle remains the same whether conducted on-premises or remotely. And, organizations have to ensure that their IA function is agile, relevant, and effective. MetricStream’s State of Internal Audit Survey Report 2021 highlighted the dire need to revamp the IA function at most organizations – 60% of the respondents said that their organization doesn’t yet follow an agile approach to internal auditing, while 80% of auditors still use office productivity software or point solutions despite the limitations of these tools.
That said, there are certain key considerations to ensure the effectiveness of the remote auditing approach in today’s digitized and fast-paced world:
- Devising a Comprehensive Remote Audit Plan
A well-planned strategy is the first step in developing a successful remote auditing program. It is important that the plan is aligned with the strategic goals and the current business environment and circumstances. In this post-COVID era, for instance, remote working, macroeconomic shifts, and structural changes have heightened existing risks and created new ones in areas such as supply chain, remote supervision and training, cybersecurity, and many more. Internal auditors, therefore, must refocus on areas they may not have considered as high risk before or risks they may not have considered at all.
In addition, implementing a rapid assurance model should be included in the plan. By breaking down the audit cycle into shorter segments or cycles with compressed timelines for reviews, insights, and action, this approach can help provide real-time assurance and instill more agility into an organizations’ working models. This will also help facilitate a more risk-based approach to auditing.
- Communicating the Plan
Effective communication is critical for ensuring that the remote auditing approach yields the desired results. The best practice is to organize a kick-off meeting with all relevant stakeholders to explain the scope and the strategy – the timelines of the process, how the information will be collected, tools used, etc. This is critical to ensure that the auditees are aligned with the overall plan.
In addition to the kick-off meeting, remote auditors must also schedule additional engagements for discussing issues and status updates, reviewing the audit report, etc. For remote interviews, the meetings must be scheduled well in advance to ensure the availability of the auditees.
- Leveraging Advanced Tools and Analytics
For conducting the audit process remotely, the reliance on video conferencing tools and document sharing platforms increases manifold. Remote auditors today can also leverage advanced technologies, such as cloud computing, artificial intelligence, machine learning, etc., and data analytics, which facilitate digitized risk assessments, provide real-time access to audit data, dashboard, and reports, enable real-time reporting, and more.
By automating various processes, these tools enable a systematic, workflow-driven, risk-based audit process, thereby reducing the burden on the IA team. Technology, in fact, is a key element for effectively driving remote auditing and enhancing the efficiency of the process. Implementing the right audit management tool or software can help streamline and standardize audit processes and better equip the executive management to make timely, data-driven business decisions.
MetricStream Internal Audit Management enables organizations to infuse more agility into their internal audit program and ensure that it is aligned with business goals and prepared for multi-dimensional risks. It also strengthens collaboration across the three lines, optimizes productivity, and boosts the board’s confidence with improved visibility into risks and potential opportunities. In addition, with the latest Arno release, MetricStream has delivered some exciting new features to the product in order to ease the pressure on Internal Auditors and complement their skills and knowledge.
To request a demo, click here.
1. Navigating New Terrain: Internal Auditing in a Covid-19 Era (To download the eBook, click here)
2. Importance of Robotic Process Automation (RPA) and Data Analytics (DA) in Internal Audit (To download the eBook, click here)
3. Can Artificial Intelligence Help Internal Audit Step Up Its Game? (To download the insight, click here)