Innovation and tech advancements are hitting the market at a breakneck speed. All companies are either trying to leverage the AI, Chat-Bots, ML or any form of new models available in the market or even they're trying to make their own. With this comes additional
challenges. Security is a big concern. No ML / AI model will work without empirical data data. And data is the single most important asset for any organisation that can be a market differential.
Internal Audit at an Infection point
Challenges for internal Audit were already there. Data Quality, Audit Methodology and periodical & cyclic nature of Internal Audit has already got Audit in crossroads of many departments many times in most of the companies. In my 15 years if experience I
have seen perception for Audit hasn't been great as well. Departments see Audit as a watchdog and sometimes extra work instead of realising that the function is merely there to be the last line of defence for the organisation. The data breaches we see today
is sometimes put squarely on Audit and Compliance department's failure to identify the threats & risks. Still some noticeable highlights of the AFAANZ Conference in Auckland, NZ
were the questions Internal Audit functions discussed about:
- Crisis in confidence that Audit can be trusted to safeguard against the current threats
- Regulators questioning the adequacy of Audit quality
- International Monitoring Group suggesting that Standard setting model needs to evolve
- Users questioning the value of AuditA
- A general lack of investment in Technology by the Audit functions
- How to apply data analytics in this changing age of Tech driven business apps
- Last but not least is lack of quality talent. Talent who can bring relevant questions
Opportunities & Avenues
We all know that Internal Audit as a depart face the manpower & Quality manpower resources since ages. Also in some organisations there is an over reliance on external auditors to bring in the quality which internal Audit may be lacking, (after all the end
goal is to create a ring of safety for the organisation and hiring a skilled external auditor enforces that). In this scenario I see the ultimate reason for the Audit functions to start looking into data analytics and new models and ways to get the function
more effective and efficient.
Traditional challenges that Audit function used to face are getting solved in many organisations already, like lack of data and timely availability of data. Organisations today understand the importance of data flowing across the organisation quickly and
it even creates more business opportunities which were not there earlier.
- With that data problem getting resolved, Audit can utilise this and channel the data easily to their systems to get the periodic audit frequency reduced.
- Now data being available putting data analytics models is possible, which was not very efficient earlier, thus paving way for potential Machine Learning models working over these large sets of data.
- Maturity of the processes and models brings in the insights of where the business functions are heading. Hence a potential to identify future risks and failure points
- As Internal Audit brings these insights to be business units, the engagement model with the Business users changes from data gatherers to security partners and advisers
The Final Frontier
The ultimate frontier where I could see Audit function to reach is by following ways:
- By having their own AI / ML models that can Audit the AI models put by business.
- Internal & external API Infrastructure Audit that organisation is interacting with for data sharing
- Having a stable, mature and capable AI / ML models that can even Audit external or 3rd party AIs that interact with organisations in future.
From my vantage point the things for internal Audit function are challenging but are very very exciting.