Prior to joining Deckers as an Internal Audit Manager, Kara Goslin knew she was interested in a career in audit because it was the best place to work closely with teams throughout the business and enhance knowledge of processes. Today, Kara manages Deckers’s European and North American regions from London, while also taking on CAE-level responsibilities as the point of contact for the audit committee. From her unique vantage, Kara has excelled in helping to transform the perception of internal audit as “the regulator” into a partner the business can turn to for helpful insights. Her other successes include a best in class SOX program and effectively leveraging ERM to find opportunities to help Deckers achieve its business goals while using those insights to drive the audit plan. Read more about Kara’s role at Deckers below.
Kara: I was drawn to audit because it felt like the most hands-on and holistic way to learn how businesses operate from end to end. When I started in the assurance practice at PwC after college, I quickly realized I was more interested in learning about the business as a whole over focusing purely on financial statements. The idea of going to client sites and working with a variety of companies at that level was appealing to me. Eventually, as the time to move to the manager level in external audit approached, it felt natural to pursue the route of internal audit. This was when I became aware of the role at Deckers; five years later, and I’m very happy with the decision I made.
Kara: The most challenging but exciting piece is being in a position where I am able to look at internal audit from a strategic lens, where I get to consider how to improve the department and help initiate and drive those improvements. I am able to view internal audit from a high-level perspective, where I look at things like our enterprise risk management program, our audit plan, and our team—which were areas that I have always had a lot of ideas on as a manager. The opportunity and ability to put those ideas forth both with the internal audit team and executive leadership, as well as set them in motion, is very exciting to me.
Kara: Equally challenging and fulfilling are the CAE-level responsibilities that have come with being the new point of contact for the audit committee over the past few months. I have always been passionate about partnering with the business, but it’s even more important for me to help transform the perception of internal audit as “the regulator” into a partner where the business can go to gain valuable insights into risks and how to manage them effectively. Knowing that we are moving closer to that goal daily is fulfilling for me.
Kara: As a small team at a public company our initial priority, of course, is maintaining a robust and compliant SOX program. But beyond this, I have been working with our Chief Compliance Officer and CFO to develop and evolve our ERM program. I’m very excited to be leveraging technology to help Deckers build out our ERM this year, which has been very helpful with reporting and improving our presentation to the Board. I’m also looking forward to leveraging the insights and successful finds we are gaining from ERM to drive our audit plan and operational audits.
Kara: Considering the pace at which internal audit as an industry is changing alongside the evolution of risks faced by global businesses, I think the biggest challenge is gaining a real understanding of the current risks and those around the corner. Everything from cyber and information security to utilizing AI, data analytics, and robotic process automation requires our attention. It’s important for the entire internal audit team to understand the IT environment, their implications, and how we can use new technologies to automate processes, gain efficiencies, and perform ongoing monitoring.
Kara: The immediate, relevant example is how my team is utilizing ERM to drill down and find opportunities to assist the business in its goals. Our operational audits have first and foremost looked at high-risk gaps, but we’ve simultaneously used them as a platform to launch improvements to business processes as we learn more about what the various departments are working on and implementing.
In addition, I’ve placed great emphasis on developing relationships with the business in order to create a culture of internal audit being seen as a partner to the business instead of “the regulator.” I tell everyone I work with throughout Deckers, “If you’re thinking about putting a new policy in place or changing a procedure, even if it’s not SOX-related, reach out to me.” I am more than happy to listen and give feedback to encourage this culture, because I believe this type of proactive participation by internal audit and the organization—with everyone building these relationships—will benefit the business in exponential ways.