Contact

 

 

The Assurance Show

 

The podcast that focuses on data & risk - for performance auditors and internal auditors.

 

Hosted by Conor McGarrity and Yusuf Moolla, the co-founders of Risk Insights. 

Subscribe

Episode 0. Introduction

New to the Podcast?

 

Start with this introductory episode

In this episode we introduce the show:

 - who it is for
 - what we discuss
 - the format / structure
 - release schedule
 - how listeners can get involved

This episode was recorded in October 2020, eight months after the real 1st episode, then backdated to reflect as the 1st episode of the show.  We explain why we did this at the beginning of the episode.

Subscribe in your favourite podcast app

(Favourite not listed? Search in app for "the assurance show")

Or sign up for email updates

(you choose - instantly or monthly)

Get notifications in your inbox

34. Taka Ariga, GAO's Chief Data Scientist & Innovation Lab Director

Taka is the inaugural Chief Data Scientist at the US Government Accountability Office.  He also leads the GAO's Innovation Lab. 

We discuss:

  • What the GAO does
  • How data science is helping GAO
  • Innovation and experimentation at GAO
  • Machine learning assurance

You can reach out to Taka via the GAO website.

33. Ten common areas to focus on when using data for audits

In this episode, we discuss 10 of the more common areas of focus in using data for audits.

  1. Get over the fear of using data
  2. Focus on the objective and develop the hypotheses
  3. Check for previous work, to avoid duplication
  4. Source the data – internal and open
  5. Prepare the data and check quality
  6. Perform the analysis, prove/disprove the hypotheses
  7. Conduct QA and business validation
  8. Report and visualize
  9. Share for potential reuse (audit team, management, other agencies)
  10. Lessons learnt: governance, quality of data, timing, process, etc.

32. Data visualization with Alli Torban

Alli is an information design consultant and host of the Data Viz Today podcast. We talk about a range of data visualization matters, including 3 key mistakes that people make when starting out in dataviz (and solutions to those). 

You can reach out to Alli via her website.


Links

31. Wrapping 2020 Up - learnings, listener feedback, what's coming in 2021

In this episode we wrap up for 2020, talking about:

  • a few things we've learned this year
  • feedback - what people found valuable
  • feedback - what people want to hear more about
  • some of the tech/software used to produce this podcast

30. John Moore - CTO of Queensland Audit Office

John talks to us about what audit offices (supreme audit institutions) do, and the role of a CTO in an audit focused org.

He shares his views on a range of issues including: 

  • His +ve experience with their (outsourced) IA
  • How he supports an audit focused organization
  • Cyber and data governance frameworks
  • Evolving IT practices that auditors need to watch.

John is open to connecting with like-minded professionals. Reach out to him on LinkedIn.


Links

29. Andrew Clark on Machine Learning Assurance

Andrew talks to us about machine learning (ML) and what auditors should consider regarding ML assurance.

You can reach out to Andrew via the Monitaur website.

28. David Haylor on Internal Audit recruitment and leadership

David talks to us about IAC's latest report, the Talent Barometer and the upcoming Diversity report. 

He shares his views on a range of issues including: 

  • Data skill gaps
  • Leadership skill gaps
  • Why culture is important

David is open to connecting with Internal Auditors. Reach out to him on LinkedIn.

27. Improve reporting by answering these questions about your audience

In this episode we discuss how answering a few simple questions about your audience can improve your audit reporting.


These help make several report areas better:

  1. Scope and title
  2. Context
  3. Findings / Improvement opps

26. Carlos Phoenix on cyber and audit

Carlos talks to us about what auditors should consider regarding cyber security and information security. 

He shares his views on a range of issues including: 

  • Cyber security
  • How cyber security and information security differ
  • What auditors should focus on in planning and conducting cyber audits
  • O.MG cables (you'll have to listen to find out more)

Carlos is open to connecting with like-minded professionals. You can reach out to him on LinkedIn.

25. An introduction to Yusuf Moolla

In this episode we learn a bit about Yusuf, one of the co-hosts of the show.


He explains what he considers to be the highlights of his career.

24. Discovery exercises can help de-risk internal audits and performance audits

In this episode we discuss why discovery exercises are becoming very useful for audits.


They help de-risk the conduct of audits, particularly for:

  1. Audit topic validation and overall audit planning
  2. Scoping, depth and deliverable
  3. Planning individual audits

23. Maximize the benefits of using data within audit

In this episode we explore Principle 3 - Maximize the Benefits of the use of data within Internal Audit and Performance Audit.

Sub-principles
3a: Sharing lessons amongst the team. 
3b: Identifying other risks and opportunities. 
3c: Continuous improvement. 


Link: The blog article where this was originally outlined 

22. Josam Watson - CRO of Tyme and ex-CAE

Josam Watson is the CRO of Tyme, a digital banking group that owns one of the world’s fastest growing digital banks. 

He was previously CAE of a large credit union. Before that, he spent time in internal audit, risk consulting, external audit and in banking operations.

Josam talks to us about what he has learned working in various international markets. 

He shares his views on a range of issues including: 

  • internal audit independence (spoiler: he thinks it is overplayed)
  • how IA and risk functions have the same focus
  • exerting +ve influence over organizational culture
  • Internal audit creating value – by focusing on both performance and conformance
  • why every auditor should have a data mindset, to find and solve business problems.  

Josam enjoys networking with risk and assurance professionals. You can reach out to him on LinkedIn.

21. Four ways to approach the use of data for internal audits and performance audits

In this episode we discuss four (4) approaches to using data for internal audits and performance audits.

  1. Reporting only
  2. Process focused
  3. Hypothesis-based
  4. Exploratory (a.k.a. data driven or data led)

Link: The blog article where this was originally detailed.

20. Data related terminology that is commonly misused

In this episode we discuss six (6) sets of words and phrases that are commonly misused:

  1. Using data vs analytics
  2. Algorithm vs model
  3. Data owner vs data "custodian"
  4. AI vs machine learning
  5. Open source vs open data
  6. Big data vs Big data

19. An introduction to Conor McGarrity

In this episode we learn a bit about Conor, one of the co-hosts of the show.


He explains what inspires him to promote the use of data for integrity and assurance.

18. Why auditors are moving away from traditional audit software

In this episode we explain why auditors are looking for alternatives to traditional audit management software and audit analytics software.

17. What auditors need to know about using and auditing Artificial Intelligence

In this episode we discuss a few key matters that auditors need to know relating to the use of AI and auditing AI.

3 key objectives: 

  1. Bias and ethics. 
  2. Providing sound decision making support. 
  3. Maximizing the opportunities. 

3 key considerations:

  1. Model accuracy.
  2. The quality of data. 
  3. Deploying, controlling, security and change.

16. The power of small data for audits: 5 ways to extract value

In this episode we explore five ideas for working with small datasets as part of internal audits or performance audits:

  1. Extend the timeframe
  2. Combine with proprietary data
  3. Combine with open data
  4. Scenario analysis
  5. Natural language processing (free text)

15. Using data for audit efficiency outcomes

In this episode we discuss how using data enables audit efficiency outcomes.

That is, if we think outside of the audit bubble and consider the broader organizational context (in the case of internal audit) or broader public sector context (in the case of performance audit), then using data for our audits can help improve efficiency.

Link: The blog article where this was originally detailed

14. How auditors need to think about Data Governance

In this episode we discuss:

  • 3 perspectives that auditors should consider regarding data governance, and 
  • 3 considerations for auditors in implementing data governance within their functions/teams.

Link: Blog article - Controlling access to data within the audit team – open or closed?

13. Open Data for internal audit and performance audit

In this episode we discuss the use of Open Data for internal audit and performance audit.

We mention The Open Data Handbook and Google dataset search.

12. Open Source software for internal audit and performance audit

In this episode we discuss the use of open source software for internal audit and performance audit.

We bust 3 common open source myths:

  1. Security - that open source is less secure
  2. Skills - that open source software has smaller talent pools
  3. Quality - that open source has lower quality.

Link: Blog article - 3 open source myths that might be inhibiting your team's progress

11. Evaluating and using customer feedback and complaints data for audits

In this episode we discuss the evaluation of customer feedback/complaints and the use of customer feedback data, within internal audit and performance audit.

This includes:

  1. Auditing the customer feedback process
  2. Using the customer feedback content (data/information)
  3. Using customer feedback data for deeper, more effective, audit analytics.

Link: Blog article - Why are auditors increasingly using complaints and customer feedback data?

5-10. The five most commonly cited challenges when using data for audits

In this set of 6 episodes we discuss five key challenges that assurance professionals - internal & performance auditors - face in using data for audits.

Episode 5 outlines the challenges.  

Episodes 6-10 each discuss solutions:

  1. Access to data - you can't get all the data, or you can't get it quickly enough. (Episode 6)
  2. Low value - the analysis doesn't provide new insights. (Episode 7)
  3. False positives - too many of them; results are overwhelmingly noisy, distracting your focus. (Episode 8)
  4. Superficiality - the results are not deep enough to properly understand and refine the problems or to provide opportunities for improvement. (Episode 9)
  5. Reporting and timing - the results are not available in time for reporting, the report is not tailored to the audience. (Episode 10)

Links 

4. Increasing audit value by going beyond the audit report

In this episode we discuss going beyond the audit report. That is, the audit report is not necessarily the end point or final deliverable. There are a few things that we can do to go beyond that and increase the value that we provide. 

This includes:

  1. Remedial actions - going beyond the initial remedial action (related blog article here). 
  2. Using the report for maximum impact. 
  3. Following up on reported items. 

Link: The Plain English Campaign