Thiyagarajan Kumar — Head of Management Assurance Services, Times Group
Participated in business continuity planning discussions
Focus on cost, cash and receivables
Keep talking to CIOs of business verticals to ensure cyber security
Monitoring payments to ensure
Bhavani Jois: AVP and Head of IA — Infosys >> Get used to this new way of work, redefined new normalcy. Keep a watch out on the new risk landscape. Landscape is changing so fast, constant dialogue is a must. Communication is the key. Added skillsets like data analytics would be key under the new work environment.
Create virtual machines to enable remote logins
Procured desktops and deployed them to homes as they were easier than laptops
Declaration of work through mobile apps
Changes to customer contracts to deliver services under the changed working environment to ensure there’s no breach and billing is continued
Finance function were completely unaffected
IFC Controls testing specifically for : Electronic onboarding; People exit process
Enabled VPN access for co-sourced internal auditors
Audit Planning — reprioritise the audit plans. All audits would be done remotely.
Setting KPIs and objectives for the team members to achieve.
Internal audits are about tools, data and people. Ensure all 3 are available for internal audits to be performed without disruption.
Calls and meetings to ensure interpersonal connect and motivation
Nagesh Pinge: Independent Director, Tata JLR, Reliance Retail, ICICI >> How can I digitalise the IA team. Business oriented digitalised pragmatic reviews. Start looking out for new kinds of reviews such as customer contracts, insurance contracts.
Expectations from Internal Audit Committees
Good time to introspect
Business as usual can not be there, business models will undergo change
Differentiation between critical/non-critical businesses will happen
When a times are good, IA suggestions may not have as much value as their suggestions when the chips are down like the current times. Can IAs relook at the old reports and suggestions and compile them into a nice useful document/checklist
Recruitment: People may ask what kind of hygiene, work from home facilities your company offers
People may choose to work from home post COVID. BYOD may pick up again. With added cyber security measures.
Additional skill sets required for IA Community — Better tech skills + Data Analytics
The new 3 lines of defence — The 3 lines would be blurred for large as well as small organisations.
Audit Priorities — Keep your audit plans aside/flexible. Please address the needs of the business, Board, Audit Committee and other stakeholders. Please become part of the solution to not become a problem.