How to Audit in 2022
If the past two years have taught us nothing else, it’s that resilience is key. As organisations worldwide have been forced to adapt to the new normal of a hybrid workplace, bent to the need for flexibility and worked harder to remain relevant and useful; the question is how does this apply to audit?
At ground level, the basic day-to-day of internal audit has largely moved online with the majority of meetings occurring via video platforms. There has also been a visible increase in reliance on data extraction, advanced analysis, and cloud-based audit management software when it comes to streamlining the practice of audit engagements.
Working in audit in 2022 comes with its own challenges and opportunities. Developments were occurring pre-pandemic that perhaps have accelerated with the circumstances so that concepts such as agile auditing have been adopted sooner. Undertaking a more dynamic approach to the way audits are handled, agile auditing processes advocate more collaborative methods of working and place a greater focus on deep diving into matters in order to resolve them more quickly.
As processes evolve, the internal audit function of 2022 also demands different tactics for risk management and risk assessment that utilise a more focused and collaborative approach. Thinking creatively as well as staying one step ahead, internal auditors must take into account changes in traditional technologies, methods, and business strategies, which also means changing risks. Internal auditors need to be quick off the mark, planning in real-time as they deal with any new risk that may emerge.
There is a need to upskill, driven by the fact that emerging technologies are becoming an integral part of the audit process, not only as an area to audit but also as a tool for performing audits. The risks of new technologies cannot be ignored either, particularly with regards automation. While useful, especially for those in internal audit jobs, automation can also pose problematic as it can generate areas of weakness that can be exploited by cyber-terrorists.
In addition to automation, those pursuing careers in internal audit will need to gain experience in Internal Audit management software, data mining and continuous auditing. The function itself is changing, so naturally the skills and knowledge required are changing too.
So, what are the skills that internal auditors should be honing to keep up with changing processes and emerging technologies? In addition to risk management frameworks and cyber security expertise, auditors must be able to think analytically and critically as well as to consider the greater business need. They should also be skilled in persuasion in order to influence colleagues and executives alike on best practices concerning risk management, cyber security, and internal controls. Conflict resolution skills are also a necessity as working in internal audit will mean facing off to the business and pushing back on issues that may be divisive.
As the amount of data being generated continues to grow, there remains a demand for people skilled in working with big data. So experience with AI (Artificial Intelligence) applications and in cyber security are also important for internal audit careers moving forward. Cyber security and data privacy both remain prevalent as critical risk areas in 2022. In support of those tech skills, internal auditors must be strong communicators and have a broad and thorough knowledge of the business and its industry.
Looking ahead, areas to focus on as far as future risks are concerned, include the developing implementation of AI from a tech perspective. Meanwhile, the implications of the last two years mean that shifting economic conditions, disruption to business operations, workplace culture and effective management practices are all under the spotlight where risk management is concerned. Taking in the wider socioeconomic and environmental risk areas, internal auditors should consider issues of sustainability and climate change, as well as diversity and inclusion in the workplace.