Reinventing the internal audit profession

Fit for digital

Technology advancement is fueling innovation in every industry and Tanzania is no exception.  Although it may be a long time before we see self-driving cars here, other innovative solutions are increasingly relevant – for example, drones and Artificial Intelligence.  Increasingly, Tanzanian businesses are leveraging the cloud, big data and analytics so as to make their operations more efficient, more agile, and more insight driven.

But with emerging technologies come evolving risk profiles, and CEOs are all too aware of that. PwC’s 21st Global CEO Survey finds that the speed of technological change is a top concern among CEOs. And risk professionals must help their organizations make sure that processes and controls are effective while not slowing innovation’s pace.

Boards, shareholders and regulators now have higher expectations of Internal Audit  to not only manage these risks associated with the digital revolution, but also in advising and preparing organizations to take advantage of the opportunities presented. In an arena where organizations are rapidly rolling out digital initiatives defined by more data, more automation, sophisticated cyberattacks, and constantly evolving customer expectations, stakeholders are looking for the function to step up by moving beyond traditional technology audit and jumping onto the three- dimensional chessboard of today’s emerging technologies, systems, threats, and opportunities.

In that environment, Internal Audit finds itself in the spotlight as to whether practitioners remain bound by some fundamental, confining paradigms whose relevance to today’s stakeholders has begun to diminish.   The PwC 2019 Global Risk, Internal Audit and Compliance Survey shows that as organizations move through digital transformation, Internal Audit functions that are more “digitally fit” can more effectively help stakeholders become smarter risk takers in the face of changing risk profiles. “Digital fitness” implies an ability to embrace new technology to gain insights that can help digital transformation. A first perquisite is to have in place the skills and competencies to provide strategic advice to stakeholders and to provide assurance with regard to risks from the organization’s digital transformation.  Secondly, it requires a change to the function’s own processes and services so as to become more data driven and digitally enabled in alignment with the pace and scale of the organization’s digital transformation.

But many internal audit, risk, and compliance functions are falling short, according to PwC's latest Risk in Review study. In Tanzania, many Internal Audit functions are following an outdated script by conducting the same technology audits year after year whereas today’s fast-changing technology landscape requires something more “outside the box”. But there are some Internal Audit functions that are making significant headway and whose organizations are seeing greater benefits from their digital initiatives as a consequence – for example, more effective management of transformation risk and better payoff in terms of improved customer experience and increased revenue growth.

By broadening its focus to encompass operational, compliance, and non-financial reporting information and by taking advantage of data analytics, continuous auditing, real-time auditing, and other advanced approaches to enhance its existing processes, Internal Audit will become able to meet stakeholders’ expectations of data-enabled services and innovative strategic advice. But to do so, it must first develop a clear understanding of key stakeholders’ expectations, how these have evolved and are likely to continue to evolve in today’s rapidly changing environment. This requires clarity on an organization’s digital plan and transformation strategies.  To achieve clarity on those expectations, CAEs and IT audit heads must engage with the Board, the AC, and the CEO, and in the process garner senior management support to maintain alignment and advance the function’s digital fitness.

With the accelerating pace of technology-driven innovation, it is difficult to predict how Internal Audit’s capabilities will need to change in as little as five years. However, it is clear that although audit skills will remain foundational, these traditional skills will need to be blended with digital and business acumen.

To respond effectively to the expansive array of risks and opportunities driven by innovation, Internal Audit must fight fire with fire by developing truly disruptive, innovative, transformational solutions. Speed and a technology-and talent-enabled strategy are required if teams are to keep the pace in this race. The future is now, we either evolve or become irrelevant!

Article by Uchenna Onuoha, Manager – Assurance Services

The views expressed do not necessarily represent those of PwC. For PwC updates on tax and other matters do follow @pwc_tz or visit our website www.pwc.com/tz