Introduction

With changing times and with the introduction of technologies like Artificial Intelligence (AI) and Machine Learning (ML), the ways in which audits are conducted (internal or external) have changed drastically. Robotic Process Automation (RPA) has also found its place again in the workflows within the organizations. Various tasks, or rather the entire processes & workflows are now being automated.

AI, ML & RPA have drastically changed and also affected the audit processes. It has given rise to unprecedented organizational structures & company models. How? Well, now the most important asset for an organization is its data. Data includes confidential company information, intellectual property viz. patents & trademarks, and customers’ private information and much more.

Auditors audit such data & other financial statements on a daily basis. These statements are the foundation on which an organization and the capital markets depend. By reviewing the finance and internal controls, auditors act as independent checks for organizations and a valuable resource for audit committees.

The health and stability of the capital markets depend on the audit of financial reports & other information as provided by auditors in their financial statements of an organization. So, a high-quality audit reflects fairness of auditors and increases their trustworthiness amongst the board of directors & external stakeholders. However, there is no third-party assurance for such reports provided by auditors of such companies. So, at times, relying on this information increases the risk in capital markets.

To avoid such mishaps, we have mentioned two significant ways in which Internal Audit can be leveraged for Corporate Governance in 2020:

1. ESG risk & reporting: ESG (Environmental, Social & Governance) risks and its mitigation has gained momentum in the past few years. Companies have started paying attention to ESG risks and their impacts by including them in their overall risk insights. They are now preparing ESG metrics and ESG reports as a part of Corporate Governance. Companies have started leveraging their auditors to study the emissions, carbon footprints and have started engaging these auditors to carry out attestation of the company’s ESG information & associated risks.
2. Cybersecurity: It is imperative for the board members to be aware of the American Institute of CPAs’ cybersecurity risk management reporting framework & SOC for Cybersecurity These frameworks aid organizations to evaluate the usefulness of their existing cybersecurity risk management programs. It also helps auditors better understand the types of existing cyber-risks, and how to mitigate them by having better systems, controls and processes in place.

Conclusion

Though the expansion of auditors’ role will happen in the long-term, the board members need to put in efforts and consult organizations providing cybersecurity as well as ESG risk mitigation strategies to improve their audit processes.

Governance in 2020 is quite different than it was a decade ago. However, with appropriate risk mitigation strategies in place and with regular audits, it is possible for board members to create transparent governance policies and processes throughout the organization.