Thousands of audit, risk, and compliance professionals came together for Audit & Beyond, AuditBoard’s second annual — and first virtual — user conference. Industry leaders shared their thoughts and ideas on how to help our organizations meet the challenges we face today and anticipate new and emerging risks to create a better tomorrow.
Here are some of the many highlights from Audit & Beyond.
1. Unifying Audit, Risk, and Compliance Has Never Been More Important
Many leaders at Audit & Beyond spoke about the importance of bringing together audit, risk, and compliance in an era of dynamic change — the subject of AuditBoard’s executive keynote.
“We’ve created a unified audit, risk, and compliance platform, which is helping organizations transform and improve the way they manage risk today,” said AuditBoard Co-founder Daniel Kim, who kicked off the keynote by sharing how “our technology vision is to make your critical business function more streamlined, more collaborative, and more informed than ever before.”
Scott Arnold, AuditBoard CEO & President, placed the important role of assurance providers in the context of present-day events: “In a year like 2020, with unparalleled volatility and upheaval around a global pandemic and remote work on top of serious environmental and social governance concerns, what you do every day as audit risk and compliance professionals is more essential than ever as you protect, assure, and guide your organizations on how to manage these unprecedented challenges.”
The role of technology in eliminating silos to drive the strategic contribution of audit, risk, and compliance was a common theme introduced in the keynote and developed across multiple sessions. “We built a connected platform driving a centralized system of record, collaboration, and reporting for audit and compliance activities across the enterprise. We recognized that ultimately risk is the thread that ties everything together — and seized the opportunity to push our industry forward, not just for risk management, but for internal audit, compliance, and information security programs,” asserted AuditBoard CTO, Kevin Jhangiani.
2. Get Comfortable with Ambiguity — But Take Control of Your Narrative
What will it take to help organizations manage uncertainty and associated risks — internal or external, financial, operational, strategic, regulatory, or related to technology or reputation? Bill Michalisin, EVP & COO of The Institute of Internal Auditors, makes the case for audit, risk, and compliance professionals to rethink their approach to risk.
“What we already know as internal auditors is what’s going to help us through this crisis — our ability to be calm in the moment, decisive when it matters, and bold as we move forward. As we help our organizations navigate these months and years ahead, we’re going to have to get comfortable with the ambiguity, and get comfortable with being uncomfortable,” said Michalisin in his keynote, ‘Navigating the New Normal, Positioning Internal Audit for the Future.”
Michalisin and many other Audit & Beyond speakers called for leaders to be flexible in their approach, looking beyond yesterday’s playbooks and embracing opportunities to deploy adaptive strategies in anticipation of future needs.
3. Constantly Re-evaluate the External Risk Environment and Internal Preparedness
Paul Sobel, Chairman of The Committee of Sponsoring Organizations of the Treadway Commission (COSO), covered a wide range of topics in his keynote, “How Recent COSO Guidance Impacts Audit, Risk, and Compliance Professionals in a Rapidly Changing World”. He broke down how recent and upcoming COSO guidance can help auditors and their organizations meet some of the most pressing challenges in today’s complex and fast changing world — from cyber risk and blockchain to compliance risks and controls and many other risk topics.
Sobel’s remarks about cyber risk held true about multiple risk areas confronting an organization: “Risks do change. Your cyber risks are going to change, there will be new ways to attack, new ways to exploit companies — so you need to be constantly scanning the external environment for changes in the cyber risks, while also reviewing internally how effective your cyber protection and risk responses are working.”
Sobel made a point that COSO guidance can help internal auditors perform their jobs better, and better inform management and the board about some of the important topics that will help them be more effective in their roles.
4. Apply Lessons Learned from the Challenges of 2020
A common refrain across panels was that COVID-19 and its associated impacts provided opportunities to rethink assumptions and common ways of doing things. The panelists in
“Forecasting the Future of Internal Audit” shared how recent events have accelerated changes to their processes and approaches.
“This has been a great year to pilot some things that would keep us from having to travel so much,” contributed Laura Gannan, Senior Director, Global Audit Solutions at Walmart. “Over the last couple years we’ve been implementing more mobile auditing capabilities. We’re putting the technology in the auditor’s hands when they’re out in stores and using those tools to create real-time dashboards for the business where they can immediately see what the results are and start acting on them”
“Leveraging technology and challenging ourselves whether the scoping that we’ve done in the prior years is really the right scope — can we test smarter? There were a lot of positives like these that occurred this year, given all the pressures with COVID,” added Angelita Negron-Nieves, Director of Internal Audit, Risk & Controls at Party City Holdings Inc.
“Where we coach our team members is to focus on today’s delivery of quality services and to give good audit insights through the work that we do. If you do this, you’ll naturally be in a position to offer insights into the next initiative or deliver the next audit,” noted Doug Sasso, Head of Global Audit, EPAM Systems.
5. Our Day to Day Decisions Prepare Us to Face Unexpected Challenges with Courage
Our last takeaway comes from Cynthia Cooper, who spoke about her personal experiences facing an ethical dilemma as the former CAE and whistleblower at WorldCom, where her team exposed the largest accounting fraud in US history.
“We are all faced with ethical dilemmas and they start at a very young age. It’s important that we prepare ourselves before we come to the crossroads of an important decision, because I don’t think that our character is forged at the crossroads — I think that our character is very much built decision by decision. So those decisions that we make every day in our personal lives and in the workplace matter — they’re important.”
Audit & Beyond provided us with a lot of great lessons around how audit, risk, and compliance professionals must step up to take on a leadership role in helping their companies navigate through the multiple crises the world is facing, and bring about a brighter future.
Bill Michalisin said it best in his keynote: “Our relevance has a direct correlation to our ability to show our stakeholders that we can help them achieve their objectives and be successful. We need to take control of our narrative and do a better job of defining our role, setting expectations of our capabilities, and communicating the value we bring to the business.”
AuditBoard is proud to have been able to provide a platform for so many leaders to come together to have open and honest conversations about the current state and future potential of audit, risk, and compliance. We hope that our attendees were able to walk away with new ideas on how to be better assurance providers, leaders, and citizens. Thank you to all of our speakers and attendees — and we hope that you continue the learning and conversation this Fall in our Audit & Beyond Webinar Series.