With rapid changes in
technology the role of the traditional audit also has undergone a change.
Business are now more global in nature, new technologies have emerged and have
also brought along with it a whole new avenue of risks and compliance service requirements
that need to be addressed. The role of an internal auditor is no longer
restricted to verifying if controls are being implemented and processes are
being adhered to. With process re-engineering being a buzzword, organizations
are looking towards the auditor to play a more dynamic role and be in sync with
the changes to the processes and controls as well.
The traditional auditor responsibilities was restricted to
- Auditing of processes against set benchmarks
- Audit the processes with respect to any compliance requirements
- Reporting on non conformance to the top management
As the organizations grew,
auditors also played an important role in assisting the business in
implementing remediation steps in order to fix gaps that were highlighted
during the audit.
As the nature of business
gets more complex and the risk increases, modern internal auditors also have a
varied nature of responsibilities. Apart from the traditional duties of risk
identification and reporting, they also need to play an active role in
measuring process efficiency. Internal auditors need to access the
effectiveness of the controls implemented. They need to ensure that the
controls meet the objective. Internal auditors also suggest improvement
measures that than ensure that risks are minimized in a more effective way.
Apart from internal
strategic requirements, the diverse and complex nature of business has also
give rise to a whole new set of rules and regulations that the organizations
need to comply with. The modern internal auditor needs to evolve continuously
in order to keep pace with the changing requirements. Auditors need to be aware
of the latest compliance requirements that the organization needs to comply
with in its nature of business. They also need to be aware of the latest tools
and reporting structure that needs to be adhered to.
In addition to this,
internal auditors also participate in process effectiveness measurement and are
expected to highlight areas where process control effectiveness can be
improved.
The internal auditor’s role
has been ever evolving as organization, process complexities have grown
exponentially. Beginning from the traditional role of testing controls for IT
compliance management services, the new responsibilities now include keeping
pace with current technologies and identifying the best practices in adhering
to organization wide and compliance management requirements, suggesting
improvements to existing process to make adherence to compliance more
efficient.
About Author:
Harish Mani is senior consultant and part of Systems Plus Pvt. Ltd. think
tank. He actively contributes to technology and
information security. He can be contacted at: harish.m@spluspl.com