Vaktechnische Publicaties

Part I: Understanding, Adopting, and Adapting to AI When ChatGPT was released in November 2022, it was considered a significant leap forward in artificial intelligence (AI). Many compared it to the internet in terms of its potential to change and disrupt current business practices, regulations, and social norms. Given the broad and rapid growth of AI use, it’s important that internal auditors quickly develop a deep understanding of how it works, its practical applications in business and government, and the risks and opportunities it presents to organizations. This brief will examine these areas in depth and provide best practices and insights for keeping pace. This is for members only. To access it and other valuable resources, become a member today.

The big picture: Consistency, persistence and a strong belief in the value that a highly relevant internal audit function can deliver for the organization are key characteristics we observed in the CAEs profiled and serve as a good lesson for others making the journey. Why it matters: A strong embrace of new and emerging technologies and related skill sets is vital to advancing the relevance journey for many internal audit functions. To deliver relevant, actionable recommendations to the business, internal audit functions need teams of people with diverse backgrounds, perspectives and expertise. One of the best indicators of whether an internal audit function is considered relevant is the business proactively reaching out to the organization for guidance. The bottom line: Relevance is a destination and an ongoing journey — with multiple viable paths — for internal audit. 

From the mailroom to the boardroom, the workplace is changing in profound ways. Likewise, so is internal audit’s role, which has already broadened to encompass emerging areas such as environmental, social, and governance (ESG) reporting and culture risk—of which diversity, equity, and inclusion (DEI) is an important element. To help internal auditors add value by bringing their insights and expertise to the evaluation of corporate culture, Deloitte, the Internal Audit Foundation, and the Institute of Internal Auditors developed a three-part series on internal audit’s opportunity and obligation to help foster a diverse, equitable, and inclusive culture by starting within its own function. The first paper, Diversity, Equity, and, Inclusion 101: Internal Audit’s Invaluable Role in Creating a Sense of Belonging at Work, focused on how internal audit can help shape corporate culture and accelerate the movement toward greater diversity, equity, and inclusivity throughout the organization, from top to bottom. By embedding DEI concepts into its roles and responsibilities, internal audit can support management in meeting their DEI objectives by providing assurance, serving as a trusted advisor, and acting as a change agent. The paper also presents some risks internal auditors should consider when performing DEI reviews, such as the risk of using an incomplete methodology, focusing too narrowly, relying solely on a top-down approach, and seeking a quick fix. The second piece in the series, Driving an Inclusive Culture: Internal Audit’s Role in Recruiting, Retaining, and Developing Diverse Talent, explained how internal audit can help foster inclusion in DEI recruitment, retention, and development by working across the four As—Assure, Advise, Anticipate, and Accelerate. It also presented leading practices for obtaining a mix of traits and acquired factors, such as skills, experiences, and backgrounds, and emphasized the importance of allyship in promoting inclusion. As the third and final piece in the series, this paper details how internal audit can practically apply audit techniques within its own function, at the enterprise level, and among stakeholders to support management in achieving its DEI objectives. This generally can be accomplished by providing insight into cultural risks, assessing DEI initiatives, and leading by example.

Fraud and Emerging Tech: Identity and Authentication with the Paycheck Protection Program During the pandemic, the US government provided economic relief to many organizations and their employees through the Paycheck Protection Program (PPP), which helped businesses continue to compensate their staff. The program dispensed more than $800 billion with few requirements to ensure recipients were entitled to those funds. This Fraud and Emerging Tech publication, written by The IIA's David Petrisky and produced in partnership with the Anti-Fraud Collaboration of which The IIA is a member, uncovers which controls and technology should have been implemented to mitigate the risk of fraud.

Covid, ‘me too’, ESG zijn ontwikkelingen die vragen om (nog) meer aandacht voor cultuur, van het bestuur én van de auditor. Cultuur is veelomvattend, dynamisch en complex en leent zich niet voor één blauwdruk van hoe de organisatiecultuur eruit zou moeten zien. Het ontbreken van een dergelijke norm én de ‘’zachtheid’’, oftewel de moeilijke meetbaarheid van het begrip, maken het voor de internal auditor een uitdaging om cultuur mee te nemen in de werkzaamheden. Tegelijkertijd kan de internal auditor, als relatieve buitenstaander, bestuurders onafhankelijk informeren, ook over de mate waarin houding en gedrag ondersteunend zijn aan de strategie.  Het rapport ‘Cultiveer een gezonde cultuur’, een samenwerking tussen IIA Nederland en KPMG biedt een groot aantal handvatten om te reflecteren op je eigen ambitie en aanpak als internal auditor, en waar nodig bij te dragen aan de doorontwikkeling van cultuuraudits. Centraal in het rapport staat de vraag hoe internal auditors op dit moment cultuur en gedrag meenemen in hun audits, gegeven de hiervoor geschetste ontwikkelingen.  Het rapport is tot stand gekomen middels een combinatie van kwalitatieve en kwantitatieve onderzoekstechnieken. Er is gebruik gemaakt van een enquête, groepsinterview en verdiepende gesprekken.