The shift to control test automation

Why internal auditors are automating control testing

Compliance activities are increasingly complex and time-consuming. Yet, compliance is just as essential today as it’s ever been.

Recently, Grant Thornton and the Institute of Internal Auditors (IIA) hosted an innovation session during their General Audit Management (GAM) conference where attendees discussed the growing complexities they face today. At the top of the list was the excessive time required on control testing and other manual compliance activities.

“For every hour spent by an outside auditor, internal audit staff spend 4 – 12 hours,” said Grant Thornton Advisory Services Partner Ethan Rojhani. He explained that testing itself typically accounts more than half of an internal auditor’s time. Yet, there is little business return on testing – and traditional testing examines only a sample that might not be statistically representative of the total transactions.

The growing shift to automation 

That’s why so many internal auditors have begun automating control testing. In our survey during the IIA innovation session, 65% of respondents said that they were currently using, implementing or evaluating automation for use in the next 12 months.

The barriers to automation

However, the shift to automating control testing can present barriers. Survey respondents indicated that the top hurdle they faced was not leadership support or guidance – it was simply a lack of skills in their current workforces.

Automation can bring greater efficiency and assurance to monitoring operational effectiveness of your internal controls. But developing the related technical skills can be a significant undertaking – and might not be practical for many organizations. To accelerate the path to automation benefits, those organizations can find partners with the expertise and experience they need. “The right technology can help streamline automation so that an organization’s auditors can avoid learning to code and instead focus their skills on logical analysis for better business value,” said Grant Thornton Risk Advisory Manager Wes Luckock.

“There are some important benefits to control test automation, but to fully realize them you need to have the experience and knowledge to do it correctly,” said Grant Thornton Advisory Services Senior Manager Greg Haberer.