Contact
4 ways to approach the use of data: internal audit and performance audit Aug 25, 2020

If we are looking to use data as part of an audit, we need to know what broad approach we will use before we start.

How specifically we will scope and plan the use of data. How we will determine...

Continue Reading...
Efficiency audits: why you shouldn’t avoid them and how to tackle the objections Jun 19, 2020

This article focuses on public sector performance auditors. However, it will also be useful for internal auditors who want to go beyond traditional conformance audits.

In a recent article, we...

Continue Reading...
A broader perspective on how auditors can use data for efficiency Jun 02, 2020

Using data for our audits can help improve efficiency.

But not only in a traditional sense.

 

Audit efficiency and audit effectiveness are important objectives.

Most discussions about using...

Continue Reading...
Crisis as an opportunity for a strategic reset of assurance priorities Apr 16, 2020

Infrequent but significant crises present new challenges for assurance leaders. But with challenge comes opportunity. Opportunity to re-assess how assurance activity is performed and, most...

Continue Reading...
Principle 3 - Maximize benefits - data governance within IA Apr 01, 2020

This article focuses on principle #3 – Maximizing the benefits of using data in audit.

This is the 5th article in this series.  The four earlier articles addressed related topics:

    ...
Continue Reading...
Principle 2 - Quality - for data governance within audit Mar 01, 2020

This article focuses on principle #2 – Quality – for governing data within audit.

This is the 4th article in this series.  The previous articles:

  1. Outlined why the use of data...
Continue Reading...
3 key principles for data governance within audit Feb 16, 2020

This article sets out 3 key principles for Data Governance within audit.

A core set of guidelines that we, as audit professionals, can check ourselves against in planning for and using data.

This...

Continue Reading...
Controlling access to data within the audit team – open or closed? (DGIA #2) Feb 02, 2020

This article is about control over access to data within the audit function, to help guide the decision regarding which of these two options would be appropriate:

  • Open access:...
Continue Reading...
Do you focus on your customer when thinking about risks? Jan 30, 2020

As a business leader, you are risk-aware. You want to innovate to add value, while maintaining compliance.

You do this because you want your organisation to succeed, and delight customers.

As...

Continue Reading...
Why auditors need a specific data governance approach (DGIA #1) Dec 03, 2019

Why you, as an auditor, need to think a bit differently to the rest of the organization, and specifically govern the data that you use for audits.

 

In your audits, you will regularly...

Continue Reading...
Why are auditors increasingly using complaints & customer feedback data? Nov 20, 2019

It’s not often that internal auditors get the opportunity to help in identifying revenue leakage. 

Most audits focus on compliance matters or loss prevention. 

So, when the...

Continue Reading...
Data in audit - reducing noise, false positives Oct 13, 2019

When using data, one of the main challenges faced by auditors is the volume of exceptions generated. How can we overcome this?

Traditional audit sampling typically involves evaluation of...

Continue Reading...
Performance Audits - creating and sustaining Public Value Oct 08, 2019

This article is for:                            

  • ...
Continue Reading...
SAS70 Certification and other common SOC report myths Oct 01, 2019

If you use or plan to use a cloud/SaaS/hosted solution, how do you ensure that the service provider is protecting your systems and data?

Rely on their SAS70 reports, right?

Not quite.

In this...

Continue Reading...
Supply chain risks - brand damage & financial loss Sep 23, 2019

This post originally detailed how contingent resourcing and SEO could damage brands.

It has since been expanded, with the update first, followed by the original post.

 

Update: 24 Sep 2019

If...

Continue Reading...
Is "risk management" creating more risk in how you manage & use data? Sep 09, 2019

In a recent article we spoke about a privacy impact assessment (PIA) that did not consider all the risks. The resulting breach occurred, in part, because of the false sense of security...

Continue Reading...
Protect against inadvertent privacy breaches Sep 02, 2019

There has been a raft of data breaches over the past few months.

Some of those were due to poor controls and/or significant effort by hackers.

But some recent breaches have been rather inadvertent....

Continue Reading...
Going beyond the initial remedial action Aug 26, 2019

Management action often focuses on the sample or weakness that audit identified.

We call this "remedial action" - but is it really a remedy at all?

We must ask: Does the action minimise the risk?...

Continue Reading...
More access to data to reduce risk & enable better decisions Apr 04, 2019

You already know that there is untapped value within your systems and the data they contain.

But user access limitations - because of audit, risk and compliance expectations – mean that it is...

Continue Reading...
Data warehouse (DW) projects - as an auditor, have you been asked to get involved in a big bang DW project? Mar 28, 2019

During the late 90's, the strategic planners at an African university decided to improve access to information.

So they created a data warehouse.

At the time, financials and payroll were delivered...

Continue Reading...
Are you augmenting your team or just automating your processes? Mar 20, 2019

As an auditor, you will be involved in automation for your own function and the business more broadly. 

In this article, reference to automation and augmentation covers both scenarios i.e.,...

Continue Reading...
Can you survive the damage caused by a spreadsheet model error? Mar 13, 2019

Spreadsheets are often used (and have been for decades) for modelling and analysis, largely because they are easy to use and highly flexible.

But what happens when a simple error like...

Continue Reading...
Emerging risks - Artificial Intelligence Mar 05, 2019

When you hear the phrases "artificial intelligence", "machine learning" or "autonomous systems", what images do they conjure up?

You might be imagining a world with endless possibility. The eternal...

Continue Reading...
5 challenges to tackle - data in audit Feb 11, 2019

If you are an assurance leader (internal audit/performance audit/risk assurance), you want to:

  • provide assurance to the Board and to management.

  • help maximise value (efficiency,...

Continue Reading...
1 2