Continuous auditing: Innovations in IA

Woman working on a laptopInternal audit (IA) responsibilities are expanding to accommodate a business environment experiencing continuous change. Our podcast series — developed in coordination with the Institute of Internal Auditors — offers insights to help auditors keep pace with innovation.

First in the series is Continuous Auditing.

IA is expected to get a handle on several high-profile trends. One is real-time — continuous — auditing. The shift, said Grant Thornton’s Financial Services Advisory Practice national leader Chris Paulison, is away from an annual risk assessment and static IA plan. The replacement is continuous auditing.

This dynamic and automated approach focuses on rapidly emerging threats. As controls are monitored in real time, corrective action can be taken immediately. Results are reduced costs and increased efficiencies; better governance; improved performance, accountability and first- and second-line functions — and IA becoming an even more trusted advisor.

Continuous auditing techniques are divided into two categories, explained Paulison:

  • Continuous risk assessment is annual and drives the IA plan, identifying key risk indicators (KRIs) to be monitored throughout the year.
  • Continuous controls assessment comprises ongoing evaluations.

Both techniques can be utilized whether operating from a manual system, e.g., Excel spreadsheet, or robotic process automation, though organizations that plug KRIs directly into their system — not via Excel — have the advantage.

In innovating to address important trends, IA can add yet more value to the organization. Our three-podcast series provides direction.

Listen now for more insights about continuous auditing.