Last week I boarded a transatlantic flight from London to the U.S. and apart from the security checks that we have all become accustomed to, the guidance from the airport ground staff and the mumbled voice projected over the ear-crackling speakers were very conversant (once you could hear them). Let me explain! The airport would have had to update its processes and controls in line with the virus and additional COVID-19 tests that passengers need to adhere to before they can even step foot on a plane.
Just to be clear, I am not someone who wanders through airports leisurely looking for flawless instructions. I usually drift through with a coffee in one hand while wrestling a stubborn suitcase in the other, as the four wheels disobediently spin in all directions.
Airports have had to pivot their operations to survive the pandemic and adopt the everchanging guidelines that have been imposed by governments. Without the implementation of a solid internal control framework, they may not have been allowed to operate efficiently in the pandemic and continue their business.
Internal controls are essential to the survival of an organization. I recently had the opportunity to listen, learn, and moderate a session on this very topic titled “Internal Controls for the New Norm.”
Some of the discussion points included:
Watch the Webinar: Internal Controls for the New Normal
2 years into the COVID-19 pandemic and much has changed. Although on the medical front various concepts have advanced, the chaos caused to organizations and their professionals resulting from lockdowns and mandates has impacted every aspect of compliance, operations, and financial reporting. It goes without saying that internal controls have also been impacted.
This all comes at a time when the requirements outlined by Sarbanes-Oxley have not changed and other regulatory requirements on internal controls have stayed static. However, we must ask if management has maintained a consistent focus on control processes. At the same time, controls over financial reporting have deteriorated in many cases because of the dynamics of a remote work environment including:
Then there are things that have changed including:
Ultimately, changes in the workforce, remote working, and in the business as a result of COVID-19 may increase control deficiencies making Risk assessment more important than ever.
In today’s environment, consider some of the following risk areas and how they may impact your organization.
At MetricStream, we can navigate you in the right direction, as we focus on continuous risk monitoring.
Our solution updates the audit universe and libraries periodically in response to changes in the organization’s business, operations, programs, or systems. There is better collaboration across resources to create dynamic audit plans.
We focus on cyber security by
With ConnectedGRC, we enable collaboration between different lines of business. We integrate GRC to achieve the common ultimate objective. With a federated data model and a common risk and control language, our cross-product insights make information sharing easy and effective.
This blog is part of the Instagram of Risk Blog Series, authored by Suneel Sahi, VP, Product Marketing at MetricStream, which captures discussions and insights trending in the risk community.
Read his most recent blog for a quick recap on “moving from risk to resilience and making your organization anti-fragile.” Check out Suneel’s other ‘Instagram of Risk’ ’blogs on the key takeaways from the Charted Institute of Internal Auditors event in London, the European Compliance Week event, and the October 21 MetricStream GRC Summit held in London, Copenhagen, and Zurich.