The Importance of Internal Audit / Corporate Governance in the digitization world.
The Importance of Internal Audit / Corporate Governance in digitization world.
During the last few years, the discussion about Corporate Governance has increased globally. This can be seen as a result of several scandals like Satyam Computers and prominent bankruptcies of corporate giant i.e. Lehman Brothers, CITI Bank & recently Punjab National Bank arising from non-compliances with rules and internal controls over the world, but mainly is in the US and in Europe.
The most common law to mitigate such non-compliance has been introduced namely the Sarbanes Oxley Act 2002 (SOX), which defines numerous requirement for those companies which are listed on the American Stock Exchange. With this background, the Management Board of the European Confederation of the Institute of Internal Auditing (ECIIA) has conducted a survey on the status of Corporate Governance in Europe with a specific view on Internal audit and drawn up the paper to give importance of Internal Audit for the following
- To give an overview of the most important regulation with respect to Corporate Governance,
- To summarize the common understanding of an up-to-date Internal Audit function and
- Finally to formulate proposals for an enhanced role of Internal Audit in the whole Corporate Governance in Europe
With the increased pace of digitization, the risk focus in Internal audit has changed a lot. In 2018 ECIIA have been interviewing Chief Audit Executives from major organization in European Countries to home in key themes requiring the attention of internal audit to mitigate risk and protect and add value to an organization. These themes are:
- General Data and Protection Regulation (GDPR): Data governance and management of data is not only related to security and privacy – it’s also related to the internal processes to really optimize, to own data, to be aware of which data are available and the way they are utilized and managed for commercial purposes.
- Cyber Security: The maturity level of the organization to mitigate and monitor the risk still requires attention from the board, the risk committees and senior management. Then there’s the maturity from a technical perspective, the teams and the skills is the focus of internal audit.
- Regulatory Complexity and Uncertainty: The ongoing pace, scale and complexity of regulatory change is something that our emerging risk team is having to air-traffic control and understand what the organization must focus on – whether it’s changing systems, processes or reporting required by regulators and our ability to land that change at the appropriate times
- And lastly, the pace of innovation: The digital world is increasingly replacing the physical world and the pace of innovation, digitalisation and e-commerce is rapid and constantly changing. Tat results in a lot of changes to systems, processes, controls and risks themselves. Many of this links to third parties that are used for new kinds of operations such as logistics, which for us is a very important risk.
281 total views, 1 today