Webinar: 21st Century Business Requires 21st Century Audit Preparation

While “teamwork” and “collaboration” are often overused as the solutions to any business challenge, a recent webinar highlighted the insights that can be gained when auditors work with, rather than against, teams like enterprise risk management (ERM). ERM teams can give valuable insight into audit topics, as well as auditees, who are more likely to cooperate during remediation when auditors keep their strategic goals in mind.

According to the webinar “21st Century Business Requires 21st Century Audit Preparation”, presented by Justin Fimlaid of NuHarbor Security and Dan Schrotberger of LockPath, the proactive audit process involves:

  1. Identifying Audit Universe
  2. Managing Audit Projects
  3. Communicating Audit Findings

Identifying the scope of an audit and setting project boundaries will help keep auditors focused on the task at hand. Here are a few recommendations and insights from the webinar:

  • Establish the audit universe, which are all the auditable entities that exist within your organization.
  • The continuous auditing methodology aims to:
    • Identify deviations from your risk tolerance.
    • Aggregate risk in a dashboard.
    • Capture risk levels on a transactional basis, at both the business unit and enterprise levels.
  • The ERM team can be valuable in identifying an audit universe, as ERM is usually aware of top concerns of the executive team and the board.
  • The best way to define your audit universe is to identify where money is coming in and going out of your organization.
  • Capturing the goals and initiatives of an auditee allows auditors to act as a business partner. Auditees will then be more likely to help in remediation because it’s in their best interests.
  • Auditors should look to ingest risk and validate whether risk is true, but also uncover risks that were previously unknown to the organization
  • Many auditors still use spreadsheets to keep track of audits and risk, which can be time-consuming. There are much more sophisticated solutions available that allow for automation of tasks, collecting evidence and reporting.

For more educational webinars, check out http://lockpath.com/events/.

Related Articles