Join Richard Chambers for a new episode of his Agents of Change video series, featuring conversations with internal audit leaders from some of the world’s most prominent organizations about innovation in the profession.
In this episode, Richard sits down with Sayuri Ohno, Vice President and Chief Audit Executive at Electronic Arts, to discuss how a tech-savvy internal audit department can provide deeper insights and recommendations for the business by:
- Gaining end-to-end risk visibility with enterprise risk management.
- Enriching internal audit and the organization via a healthy exchange of talent in a rotational program.
- Bringing internal audit’s bird’s-eye view to help the business understand risks, opportunities, and big-picture connections.
Watch the full conversation, and read the can’t-miss highlights below.
Gaining End-to-End Risk Visibility with Enterprise Risk Management
Richard Chambers: Sayuri, in Agents of Change: Internal Auditors in an Era of Disruption, I define agents of change as those internal auditors who are catalysts for transformational change that not only protects value — which has been a traditional role for internal audit — but more importantly helps to create value in the organizations they serve. Tell me, is that a role you think internal audit should play?
Sayuri Ohno: Internal audit can play a very active role in being a catalyst for transformation, change, and hopefully progress. We have the privilege of being involved and seeing a lot of things around the company, understanding processes and procedures, running the enterprise risk assessment throughout the company — and now with the help of AuditBoard, at EA we are also implementing enterprise risk management. I think it’s a natural, organic transformation for internal audit — having enterprise risk management to say not only these are the identified risks and what’s happening today with the company, but these are the things that we are doing to mitigate it, and these are the things that are residual that we are not going to get into due to our priorities. ERM means we have that story end-to-end. As internal audit has visibility into all of this in addition to having the historical best practices — I think that we need to bring all of this out and expand our role as well.
Internal Audit Must Be Tech Savvy to Recommend Similar Solutions to the Business
Richard Chambers: One of the challenges internal audit departments have is the capacity to address all the risks in an organization. A very complex organization like yours, I’m sure you never feel like you have enough auditors. Do you rely heavily on technology as a capacity multiplier in the internal audit department, and are there any specific examples that you’d like to share?
Sayuri Ohno: Technology helps you to set a baseline, whether it is on SOX, operational audits, linking the enterprise risk assessment with your audit plan. Technology also increases not only the visibility, but the accountability for the owners of risks, controls, and processes — the ability for them to talk about their own challenges, trying to solve them, really collaborating and cooperating more. I believe that in a technology company that develops software, technology for internal audit is really key. I cannot go talk to my business partners about solutions if I’m not tech savvy or if I cannot point to ways that we are using technology to enhance our own process as well.
Enriching Audit and the Business with a Rotation Program
Richard Chambers: How do you as a chief audit executive, how do you recruit and retain the talent that it takes to drive change in the organization?
Sayuri Ohno: There are different ways to tackle talent. There is the junior person that you hire as a new grad — you bring them in and you develop them. There is the team that then stays and becomes very seasoned in internal audit and company processes. We also have a very healthy exchange of talent within the organization and internal audit. A lot of our team members go out to the business, and we also bring people from the business that perhaps don’t have internal audit experience, but have very strong skillsets — and we develop them within the audit procedures.
I think you have to look at talent from a very broad point of view. Also, “auditor-to-be” today means people that are technology-savvy, that have strong backgrounds in IT security — it’s a very broad skill set that we are looking into. Exposing people to first-hand experience in different parts of the organization enriches them because they have the opportunity to work with the best and learn from the best. They become not only an auditor, but a professional as a whole who can articulate issues and see things from different angles. Talent is something that I’m very passionate about.
Internal Audit’s Bird’s-eye View
Richard Chambers: Sayuri, if I ask you to pull out your crystal ball and look at the next 10 years, are there things you would urge internal auditors to consider when preparing themselves to be successful?
Sayuri Ohno: Leverage technology! If you have a unified integrated baseline where you can have all your information in one place, you can run a lot more advanced data analytics. You can be more meaningful about how you distribute data knowledge, and give the opportunity to the business to think through how they are not only doing their work today, but how they are going to integrate new technology and what questions they should ask. They can weave all of these learnings as they’re building the process today, so when they get 10 years out they’ll feel they’re in a much better place. This requires you to think about how you’re going to measure progress. How do you know when something goes wrong? How do you course correct, and how do you step back and recalibrate?
The environment is very dynamic. You have an external environment that moves and you have organic growth within your own company — and I think it’s really important to match both of them so you understand where you are. What I believe we as auditors can bring to the business is that bird’s-eye view, without getting too involved into the politics and everything else, having an objective, neutral position into the business and how things are connected.
