Page 30 - BCICAI-Connect-Dec-2023
P. 30

an assessment of management’s approach to both  8. Third-party relationships and supply chain
            structured and unstructured data discovery.
                                                              The role of Internal Audit - Internal Audit should take
            5. Digital disruption and new technologies        a holistic view towards third party risk management,

            The role of Internal Audit - Internal Audit can   going beyond contract management to assess
            add value by assessing the change management      whether their organization has a clear strategy
            process and recommending enhancements to          and a robust framework to support third party risk
            ensure that governance, risk and control matters   management. Internal Audit can assess whether
            are appropriately considered across the change life   management has considered the need to remodel
            cycle. In addition, Internal Audit can play a significant   supply chains and outsourcing strategies to improve
            role, whilst maintaining independence, advising on   their organization’s operational resilience.
            governance and control matters relating to the digital  9. Operational resilience (including business
            transformation strategy.                          continuity and crisis response)
            6. Talent management and retention                The role of Internal Audit - Internal Audit should

            The role of Internal Audit - Internal Audit should   assess the quality of the overall operational resilience
            assess their organization’s approach to workforce   and  crisis  management  system,  by  ensuring  that
            planning and future skill demand, talent acquisition,   key threats have been identified and appropriate
            and talent retention strategies. Additionally, Internal   response plans are in place and tested. Internal
            Audit should evaluate how management is monitoring   Audit should review whether the DR and BCP are fit
            and seeking to improve employee wellbeing.        for purpose and whether emerging risks and evolving
                                                              key  threats  are  considered.  Internal  Audit  should
            7.  Hybrid  working  -  organizational  culture  and   also seek evidence of the crisis decision-making
            behaviour.                                        governance and the integrity of information reported
            The role of Internal Audit - Internal Audit should  to crisis committees.
            continue to conduct soft control audits to provide   10. Regulatory driven risk
            assurance over the current culture in the organization
            and its impact on the effectiveness of the controls   The role of Internal Audit - Internal Audit needs to
            set in place. This can be completed through either   have a strong understanding of the existing regulatory
            standalone  culture  audits  or  by  including  culture   landscape in which the organization operates to assess
            elements across all audits, to show how the everyday   compliance with relevant regulatory laws and regulation.
            life of the organization and the behaviour of its staff
            reflect the adopted values.



            30    |
   25   26   27   28   29   30   31   32   33   34   35