Emerging Technology and Role of the Internal Auditor
Kikubye John, BA. Economics, ISO 22301, CPA (U)
Technology is evolving at an unprecedented pace. Corporate entities strive to improve service delivery and consequently customer satisfaction through heavily investing in modern technology and reliance on automation like smart automatic teller machines, point of sale devices, contactless debit and credit cards, mobile phone applications etc. Resultantly, the same has opened computer networks to unprecedented levels of vulnerabilities and risks including cyber-attacks.
Albert Einstein said; “The measure of intelligence is the ability to change” -This implies that internal audit and quality assurance functions need to identify and focus on emerging risks. Internal audit should ensure that the risk assessment and audit planning process adequately incorporate emerging technology risks, understand the impact on the audit plan and update the plan as appropriate, but most importantly recognizes where internal audit can add value.
Moreover, internal auditors must step away from the traditional reactive role and embrace a more proactive role if they are to give reasonable assurance that the Governance, Risk and Control aspects are effective in risk mitigation and adequately safeguard company assets. They should not be functioning solely; but rather collaborate with different departments within an organization. Even though majority of the internal audit teams have transformed themselves, there are still a few that need to adopt these changes. Working closely with various departments within an entity will help in addressing the emerging threats arising from the technological advancements throughout the organization.
How can internal auditors help in tackling technological risks?
- Make use of technology-enabled auditing and continuous auditing techniques to monitor controls over areas that are more susceptible to fraudulent actions.
- Collaborate with department heads and business owners to ensure organizational standards and the relevant laws and regulations are taken care of while establishing vendor relationships.
- With mobile applications, bring your own devices (BYOD) and cloud computing creating novel risks, internal auditors have the responsibility to identify, assess and monitor these risks appropriately, with the assistance of executive management and business owners. Clear IT access and security policies and controls must be developed and communicated to all stakeholders. With this, security and privacy risks can be avoided to a certain extent.
- Also, Internal Audit professionals are expected to be equipped with sufficient knowledge and skills to perform audits in line with these technology disruptions and recommend feasible and cost effective controls for improving the risk posture, putting in mind that these changes can either be positive or negative: Positive in a sense that business are reaping the benefits of these technologies through increased efficiencies, and negative in a sense that they may be implemented in a manner that imperils profitability, data protection and security.
Emerging technologies bring opportunities to organizations, but they also expose the enterprise to new risk. Auditors are expected to identify the right balance between cost and benefit of internal controls for mitigating these risk factors. This includes understanding how technology integrates with business, how it is governed, which activities are automated and how they are controlled, what the business impacts are because of this automation, and how negative impacts are controlled and monitored. I personally believe that Internal Audit professionals will continue to be in demand due to their strategic position in organizations’ lines of defence.
Internal Audit Services UAE
A good internal auditing system ensures better management of an enterprise by improving its governance, risk management, and management controls.
The UAE’s new Labour Law has been formally Announced
The UAE has introduced a new labour law for employees, which came into effect on February 2, 2022. The New labour Law, like the current labour law,
Get in touch
Whatever your question our team will point you in the right directionStart the conversation