Data analytics to become a game changer for internal audit

25 April 2018 Consultancy.uk

According to a new white paper, data analytics is becoming a game changer for the internal audit profession. However, as current maturity in data analytics in auditing is still low, many companies still have a long way to go before they can get the best from the innovative technology.

The ability to utilise data analytics and “big data” to achieve a competitive advantage and manage operations and strategic plans ranks among the top risk issues for board members and C-suite executives worldwide. In combination with an ever growing set of demands from boards and executive management for deeper insights into strategic risks, analytics and robotics are top priorities for chief audit executives looking to offset the mounting workload of themselves and their teams. By leveraging effective data analytics strategies, a business can boost efficiency, while improving the quality of evaluation risks and controls receive, as well as placating stakeholder scrutiny.

Data analytics can be applied across three key areas. In terms of planning, it can be used for effective risk profiling, the testing of data via simulation, and statistical sampling. Data analytics can also enhance the execution of audits – providing quick and effective monitoring of continuous controls, keeping watch for indications of fraud (which cost UK firms alone over £2 billion last year), recognising patterns to anticipate future risks, and control simulation. Finally, it can enhance reporting of risk quantification, real-time exception management, and root cause investigations, to provide better understanding of how to avoid future breaches.

The Analytics Advantage

Data analytics is subsequently gaining a growing foothold in internal audit. According to a recent report, two out of three departments now utilise the technique as part of their internal audit process, seeking valuable improvements, efficiencies and insights buried within internal workflows and cultural habits. At companies where data analytics is a dedicated part of the governance (i.e. a separate team or function), the growth in demand was significantly higher, at 80%, with an 11% higher percentage score for ‘significant increase’.

According to a new report from consulting firm Protiviti, however, despite the potential of data analytics, due to the nascence of the technology which remains in a phase of rapid development, many of its applications remain untapped. In line with this, the use of analytics in auditing remains in its early stages, as the maturity of using analytics in the audit process remains relatively low.

Partially this is likely due to the fact that many firms are fundamentally not ready for full leveraging of data analytics. While 76% of organisations in Asia Pacific and Europe currently employ data analytics in their auditing efforts, only 59% and 58% respectively believe the data available to be analysed is up to scratch. The gap is even more pronounced in the US, where while 63% of entities use data analytics in their auditing process, 28% said the data available was of high quality.

Protiviti’s researchers believe that another reason why firms are not fully realising the potential of data analytics could be that many audit functions are likely using analytics tools as point solutions as opposed to part of broader initiatives to leverage analytics throughout the audit process. In order to work toward improving the current situation, the consulting firm set out a ten-point programme for Chief Audit Officers to follow, in order to get the best from data analytics in auditing.

Internal audit departments that currently utilize data analytics as part of the audit process

Ten actions to improve data analytics maturity

1. Chief Audit Officers should recognise that demand for data analytics in internal auditing is growing across all organisations and industries. This trend is poised to continue as more organisations undergo business and digital transformation initiatives and employ robotic process automation (RPA) strategies, in part due to the growing regulatory burden placed on organisations to weed out fraud via the use of analytics.

2. By seeking out opportunities to expand internal audit's knowledge of sophisticated data analytics capabilities, Chief Audit Officers can ensure that the organisation has a more comprehensive and precise understanding of what is possible with analytics, what similar organisations are doing with analytics, as well as what progress is needed to advance these capabilities.

3. Conducting even modest demonstrations of analytics capabilities that can set an influential tone are positive steps toward building a stronger internal audit data analytics function. Chief Auditing Officers can use this strategy to boost organisational understanding of budget and resource constraints, along with business-as-usual workloads, and how they can limit their internal audit team's ability to optimise data analytics efforts.

4. In comparison with other organisations, those with analytics champions and dedicated analytics functions in place see data analytics deliver more value, experience higher demand for their analytics services and obtain better access to higher-quality data. Chief Auditing Officers should also consider the use of champions to lead the analytics effort and, when appropriate, create a dedicated analytics function. Having champions could help organisations to bridge the gap between the analytics function and operational auditors. It also encourages the use of analytics, including basic usage by the whole team.

5. As many of the current problems with leveraging data analytics currently revolve around the quality of data available, Chief Auditing Officers should explore avenues to expand internal audit's access to quality data. They should also implement protocols (including those related to completeness, conformity, data quality and reliability) which will govern the extraction of data used during the audit process in future.

6. On top of this, Chief Auditing Officers must identify new data sources, both internal and external, that can enhance internal audit's view of risk across the organisation. This can ensure that the organisation will be able to supplement data analytics procedures with a supply of quality data.

7. Chief Auditing Officers would also benefit from increasing the reach and usage of continuous auditing and monitoring to perform activities such as monitoring fraud indicators, KRIS in operational processes and information used in the leadership team's strategic decision-making activities.

8. By leveraging continuous auditing, develop real-time snapshots of the organisation's risks and incorporating results into a risk-based audit approach that is adaptable and flexible enough to focus on the highest areas of risk at any point in time, Chief Auditing Officers could further boost their data analytics maturity.

9. Chief Auditing Officers should seek ways to increase the level of input stakeholders provide when building and using continuous auditing tools and when determining what data should be monitored by these tools. While many different stakeholders have important insights to help determine areas of focus, it is key that the effort is focused on building tools that internal audit can leverage to monitor risk in the business.

10. Finally, Chief Auditing Officers can implement steps to measure the success of your data analytics efforts, and also consider the most effective ways to report success and value to management and other key stakeholders. Internal audit groups which successfully demonstrate tangible value are the ones which build a stronger business case for increased budgets and resources dedicated to a data analytics function, as well as underscore throughout the organisation the importance of analytics. In the process, this can also boost the internal audit department's reputation from within.

More on: Protiviti
United Kingdom
Company profile
Protiviti
Protiviti is not a United Kingdom partner of Consultancy.org
Partnership information »
Partnership information

Consultancy.org works with three partnership levels: Local, Regional and Global.

Protiviti is a Local partner of Consultancy.org in Middle East, India, Netherlands.

Upgrade or more information? Get in touch with our team for details.

Send
Protiviti named Platinum partner of Financial Review Banking Summit in Sydney
Australia
Protiviti named Platinum partner of Financial Review Banking Summit in Sydney Held mid-way this month, the Financial Review Banking Summit will bring together leaders from across Australia’s banking sector to discuss future challenges and opportunities.
04 March 2025
Protiviti cycles in Tour de Cure in support of cancer research and awareness
Australia
Protiviti cycles in Tour de Cure in support of cancer research and awareness For the second year in a row, Protiviti is participating in Tour de Cure 2025, with ‘Team Protiviti’ already surpassing its fundraising target with two weeks still to go.
24 February 2025
Gihan Mallawaarachchi and Tony Sanfrancesco return to Protiviti
Australia
Gihan Mallawaarachchi and Tony Sanfrancesco return to Protiviti Protiviti has seen two former members return to the firm in leadership positions, strengthening its Public Sector consulting team.
06 February 2025
Protiviti promotes three new directors in Australia
Australia
Protiviti promotes three new directors in Australia Protiviti has added three new directors to its Australian line-up amid the global professional services firm's annual new year’s promotions: Jacob Bosden, William Hunt, and Layla Shakkour.
29 January 2025
Protiviti promotes 15 leaders to senior positions in United States
United States
Protiviti promotes 15 leaders to senior positions in United States Protiviti, a Menlo Park, CA-headquartered consulting firm, has promoted 15 team members to managing director and senior director.
28 January 2025
The EU AI Act: The impact on financial services institutions
Europe
The EU AI Act: The impact on financial services institutions The EU AI Act is arguably the most significant and wide-reaching AI regulation to date issued by any jurisdiction.
07 January 2025
How AI-powered crisis simulations help organizations avert nightmare scenarios
Europe
How AI-powered crisis simulations help organizations avert nightmare scenarios We spoke with Maarten Schreuder and Rob Grondhuis from consulting firm Protiviti to explore how AI-powered crisis simulations are transforming organizational preparedness and providing companies with a competitive edge.
12 November 2024
Meet the consultants shaping the agenda of the Audit, Anti-Fraud & IT Congress
Middle East
Meet the consultants shaping the agenda of the Audit, Anti-Fraud & IT Congress The inaugural Audit, Anti-Fraud & IT Congress will take place next week, bringing together over 1,200 leaders and pioneers from across the landscape to discuss the latest trends and developments.
08 November 2024

Big Data news

More Big Data

Data Science news

Data Science consulting firms Data Science consulting services

Finance news

Finance consulting firms Finance consulting services