Notes from The IIA + SAP Webinar — Redefining internal audit practices in the virtual world — 30042020

@dasarpb

Thiyagarajan Kumar — Head of Management Assurance Services, Times Group

Participated in business continuity planning discussions

Focus on cost, cash and receivables

Keep talking to CIOs of business verticals to ensure cyber security

Monitoring payments to ensure

Bhavani Jois: AVP and Head of IA — Infosys >> Get used to this new way of work, redefined new normalcy. Keep a watch out on the new risk landscape. Landscape is changing so fast, constant dialogue is a must. Communication is the key. Added skillsets like data analytics would be key under the new work environment.

Create virtual machines to enable remote logins

Procured desktops and deployed them to homes as they were easier than laptops

Declaration of work through mobile apps

Changes to customer contracts to deliver services under the changed working environment to ensure there’s no breach and billing is continued

Finance function were completely unaffected

IFC Controls testing specifically for : Electronic onboarding; People exit process

Enabled VPN access for co-sourced internal auditors

Audit Planning — reprioritise the audit plans. All audits would be done remotely.

Setting KPIs and objectives for the team members to achieve.

Internal audits are about tools, data and people. Ensure all 3 are available for internal audits to be performed without disruption.

Calls and meetings to ensure interpersonal connect and motivation

Nagesh Pinge: Independent Director, Tata JLR, Reliance Retail, ICICI >> How can I digitalise the IA team. Business oriented digitalised pragmatic reviews. Start looking out for new kinds of reviews such as customer contracts, insurance contracts.

Expectations from Internal Audit Committees

Good time to introspect

Business as usual can not be there, business models will undergo change

Differentiation between critical/non-critical businesses will happen

When a times are good, IA suggestions may not have as much value as their suggestions when the chips are down like the current times. Can IAs relook at the old reports and suggestions and compile them into a nice useful document/checklist

Recruitment: People may ask what kind of hygiene, work from home facilities your company offers

People may choose to work from home post COVID. BYOD may pick up again. With added cyber security measures.

Additional skill sets required for IA Community — Better tech skills + Data Analytics

The new 3 lines of defence — The 3 lines would be blurred for large as well as small organisations.

Audit Priorities — Keep your audit plans aside/flexible. Please address the needs of the business, Board, Audit Committee and other stakeholders. Please become part of the solution to not become a problem.