This sentiment is further supported by the findings in Gartner’s 2020 Audit Plan Hot Spots report from interviews of Chief Audit Executives (CAEs) from around the world — citing 12 key risks, grouped by four key themes, that auditors will focus on this year.
With growth comes increased complexity and disruption — organizational resilience will be put to the test as the development or expansion of ecosystems takes place. Organizations will struggle to align talent, resources, and processes with their overall strategy — with increasing pressure to improve coordination and communication to improve agility.
There’s no doubt that data is essential to running a business effectively these days. Collecting, managing, and especially protecting data remains critical. Data storage, management, and protection are significant areas of concern as organizations try to leverage relevant data for strategic decision-making. Many businesses will still struggle to adopt data governance frameworks or develop governance strategies in general.
High competition, the rapid pace of technological advancement, and other environmental factors have placed a heavy burden on organizations to digitally transform their operations to stay competitive — potentially, even relevant. The trouble is, many digital transformation projects fail due to the lack of strategic focus or alignment, internal control gaps, or other governance issues. It’s easy for security gaps to surface or widen as processes and technologies change — cybersecurity vulnerabilities, human error, software integrations, and many other factors will create or increase risk points.
More organizations are also adopting Artificial Intelligence — offering tremendous benefits to improve productivity and streamline processes. In the process, “organizations risk unintended compliance and ethics violations and significant reputational damage,” according to Gartner’s findings. Project management is an area that’s front and center for organizations, with many projects focused on digital transformation. For projects to be successful, proven standardized project management practices need to be established and followed — without these, valuable financial and human resources will be misallocated and wasted.
As third party organizations become more intertwined with critical business functions, there will be a need for closer attention to changing regulations, reputational risks, and security issues that can have an impact upon them. If this wasn’t enough — around the world, natural disasters are becoming more frequent and devastating — while the global trade system also faces more volatility. These issues will force organizations to find new ways to secure their supply chains. Volatility will continue to play a role — trade tensions, environmental concerns, geopolitical alliances, and increased regulatory and public scrutiny will push organizations to find new ways to prepare for and adapt to unpredictable situations.
Many macroeconomic, strategic, and operational risks may not be within your organization’s control. By focusing on the risk areas mentioned, high performing internal audit teams provide tremendous value to organizations and help ensure strategic decision-making is built around a strong risk culture. This helps organizations prepare for challenges and also equip them to take advantage of opportunities.