The Protiviti View  | Insights From Our Experts on Trends, Risks and Opportunities

The Protiviti View

Insights From Our Experts on Trends, Risks and Opportunities
Search

POST

3 mins to read

Internal Auditing Around the World, Volume 15: Dawn of the Audit Bots

Views
Larger Font
3 minutes to read

As companies transform into next-generation competitors, internal audit (IA) functions are working on their next-gen game as well. Protiviti’s latest edition of Internal Auditing Around the World, Volume 15, looks at ways IA departments around the world are reinventing themselves, using aligned governance, more agile methodologies and new enabling technologies to become more efficient, more future-focused and value-adding.

In a series of blog posts here on The Protiviti View, we will examine some of the key characteristics of next-gen internal audit drawing directly from the experiences of 16 innovators profiled in Internal Auditing Around the World, starting with robotic process automation (RPA). RPA is deployed in leading IA departments to accelerate and increase the accuracy of routine audit tasks such as data gathering, controls testing, risk assessment and reporting. The experience of the early adopters suggests this technology will soon be as ubiquitous as spreadsheets.

Data Gathering

Efficiency is a recurring theme across companies and across industries. As audit committees and stakeholders look to IA for more actionable insights — in the form of predictive analytics and strategic advice, for example — internal audit functions are applying a variety of technologies to produce more useful reports, faster and with greater accuracy. As IA departments set their sights on advanced data analytics and data visualization, some organizations have delegated the tedious and time-consuming task of data-gathering to RPA bots. Auditors at NTT Communications, a subsidiary of Nippon Telegraph and Telephone Corp., are using bots to collect and cleanse expense data from spreadsheets and load it into a database for deeper analysis. The details of what types of data is being collected differ from company to company. The relevant point is that leading IA departments are using bots to perform the burdensome task of collecting data from throughout the organization, through existing user interfaces, and gathering it in a single database where it can be put to greater strategic use.

Controls Testing

One use that several companies have found is Sarbanes-Oxley (SOX) and general IT controls testing. Occidental Petroleum is exploring ways to deploy RPA to help reduce the 30,000 hours its internal auditors currently spend annually testing internal controls over financial reporting and IT general controls. “We probably spend about 35% of our time on internal controls over financial reporting and IT general controls,” says Occidental’s vice president of internal audit. “Developing bots that can help us and our co-sourcing partners be more efficient with SOX testing is the next generation of internal audit, too.”

Zain Group, a mobile telecommunications provider in the Middle East, recently completed a successful pilot project using RPA to close a communications gap between an externally managed internal audit management system and the company’s communications server, automating the process of emailing business partners to remind them of unanswered audit questions. Prior to the pilot, internal auditors had to manually upload reports and remember to send follow-up emails. Now information requests go out automatically six weeks in advance, and reminders are sent one week after. The pilot, which was originally limited to one country, was so successful that the company is rolling it out to the whole enterprise.

Risk Assessment

As IA departments become more comfortable with RPA technology, they are likely to find any number of bot deployment opportunities across the full spectrum of audit responsibilities. One example is using bots to digitize reporting out of a CRM tool and use that to schedule risk discussions with business leaders and to store the notes from those discussions.

These are just a few of the ways RPA is being deployed to help transform internal auditing. RPA is only one aspect of next-gen internal auditing, and the transformation process is still in its early stages. In other posts we will look at how internal auditors are using other methodologies, such as advanced analytics and agile reporting to add value and meet increasing stakeholder expectations, which continuing to deliver on core assurance responsibilities.

Internal Auditing Around the World, Volume XV is available as a free download from Protiviti’s website. Also find additional posts on The Protiviti View related to internal auditing.

Was this post helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Find a similar post by topics

Authors

Angelo Poulikakos

By Angelo Poulikakos

Verified Expert at Protiviti

Angelo is a Managing Director and global leader of Protiviti’s Technology Audit & Advisory practice. His specific...

EXPERTISE

Tony Abel

By Tony Abel

Verified Expert at Protiviti

EXPERTISE

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

What to watch: President-elect Donald Trump will take office in January 2025 with Republican control of both the Senate and...

Article

What is it about

As the stakes increase for ensuring the integrity of sustainability reports, CFOs across all industries should not only consider adding...

Article

What is it about

In brief: What is CSDDD? The Corporate Sustainability Due Diligence Directive (CSDDD) is a new sustainability directive of the European...