For example, a one-person GRC team functions very differently from a multinational organization with many lawyers and compliance officers working across the globe. They also identify significant opportunities for improvement.
Some organizations look at auditing as a necessary evil; past audits in these organizations have done little to change that view. An important fact of reengineering, downsizing, rightsizing, or other major organizational change is that groups that are not perceived as providing value will be reduced or eliminated.
Basis and Need for Value Added Auditing When we are helping our clients improve their auditing programs through training or consulting services, the J-E-T-S consultants always try to talk to line management. What is appropriate is simply going beyond an initial discrepant indication to the problem that allowed the discrepancy to happen.
The auditors can then confidently suggest internal controls to manage these risks. The response we often get to these rather subjective questions is surprisingly consistent, but also rather subjective; the response is "Not enough value added.
Why a new or additional term? The focus should be to identify opportunities to enhance GRC practices. We then challenged the managers with the question, "What information could the audit have provided that would have been of value? In order to survive, all groups must demonstrate added value to their customers.
Communicating the results and walking the management through the implications of the audit are some of the particularly important stages in GRC audit reporting because of the diversity of GRC programs.
The board oversees the implementation of these programs to ensure effectiveness, and auditors provide the assurance to the management and the board that the program is achieving its goals. Once roles and responsibilities have been clearly defined, task assignments need to be delegated.
Create a powerful and strong program team.
Complete a high-level audit survey of the GRC program as the preliminary step to completing a formal internal audit. In Value Added Auditing, auditors work in a disciplined and well planned manner to complete the audit and provide the report in a timely manner.
Tell line management something new. Tell us something new. Testing audit efficacy Testing audits is a challenging task in a GRC audit where one is auditing governance practices and not transactions.
In Value Added Auditing, the auditor constantly strives to improve the value of the audit to line management. Each of the steps listed above will contribute to process improvement. Therefore, auditors must understand where the organization is going, what major objectives it is trying to achieve, how the GRC program is helping the organization in this, and what risks the organization faces.
So the management needs to take ownership for the corrective actions and recommendations of the audit. Each organization is different, and an approach for adding value to the audit process requires adaptation based on the needs of the organization.
Conclusion Value Added Auditing is an approach to auditing that places the needs of the audit customer first. These are questions that auditors should ask themselves during the audit, then provide the answers to line management, thereby increasing the value of the audit results.
Auditors need to be flexible in their approach, and ready to learn from stakeholders and other staff.The Auditor’s Role in Adding Organizational Value - Aligning various aspects of GRC auditing to fulfill the new responsibilities.
Overview. Ensuring the relevance of the GRC audit to the organization’s specific needs. Today's auditors, however, must be much more attuned to opportunities for enhancement, as adding value is widely considered an integral part of the audit process.
Indeed, the very definition of internal auditing states. 4 Ways Auditors Can Add Value to Your Organisation 30 June making sure the organization’s leaders know about these risks, and proactively recommending improvements to help reduce the risks”.
It is a common fallacy that the Internal Audit function exists to pick holes in management’s operations. For more information on. In J-E-T-S’ Value Added Auditing training, we emphasize the need to "sell" the audit process.
In any organization, change is resisted until it is recognized as beneficial. In any organization, change is resisted until it is recognized as beneficial.
activity that adds value to and improves an organization’s opera-tions. It helps an organization accomplish its objectives by bring- • Review the internal audit department’s budget and staffing.
Adding Value Across the Board - Cover. Value-Added Internal Audit: Myth or Reality? Prague Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations.
It helps an organization accomplish Value of Internal Audit In addition, internal audit.Download