Knowledge Update





          By: Vishal Thakkar
          Internal Audit 3.0: The future of Internal Audit is now























         As organizations race to progressively more        going forward, amounts to a failure of imagination.
         technology-driven, innovation-oriented, risky, and   Internal Audit functions need new skills and
         disruptive future, the moot question is, where is   capabilities to position Internal Audit to improve
         Internal Audit? More often then not, despite ongoing   their interface with stakeholders and change
         efforts to meet stakeholders’ growing list of needs,   traditional thinking, approaches and mind-sets.
         the answer is: playing catch-up.
                                                            Enablers
         Upgrading to Internal Audit 3.0
         Digital assets                                     Enablers such as automated core assurance, agile
         Robotics, artificial intelligence, and visualization   Internal Audit and innovative ways to deliver
         tools have already begun to transform Internal Audit   impactful reporting are helping Internal Audit
         work, and are about to transform it.               functions to deliver value and improving the impact
                                                            and influence of Internal Audit.
         Skills and capabilities
         Thinking that the same people operating in the     https://www2.deloitte.com/content/dam/Deloitte/global/
         same way with the same resources can deliver       Documents/Audit/gx-internal-audit-3.0-the-future-of-internal-audit-
         the value expected by the stakeholders, let alone   is-now.pdf

          Understanding the New ISO and COSO Updates

          Earlier in 2018, the International Organization   reflect the evolution of risk management over the
          for Standardization (ISO) published a longed-     past decade, recognizing risk management’s move
          for revision to ISO 31000, its risk management    from a separate and at times departmentalized
          guidelines and in June 2017, the Committee        activity to an integrated management competency.
          of Sponsoring Organizations of the Treadway       Also, risk management is not viewed as a periodic
          Commission’s (COSO) revised the Enterprise Risk   risk assessment and modification activity, these
          Management (ERM) framework. This means that two   revisions specify that managing risk is an integral
          of the most widely used risk management guidance
          have been updated within a short span of time.    part of decision-making across the organization and
          Users need to understand the scope of the changes   very critical for meeting objectives and improving
          and determine the potential impact on how their   performance. These revisions also recognize that
          organizations manage risk.                        risk and uncertainty are important factors when
                                                            management form strategy, run operations and
          Common Factors                                    deliver project initiatives.
          Even though these guidance documents issued by
          independent entities, these revisions share common   http://www.rmmagazine.com/2018/06/01/understanding-the-new-
          characteristics. Both of the revised documents    iso-and-coso-updates/

          06     INTERNAL AUDITOR - MIDDLE EAST                                                                                                                                JUNE 2018