PWC Jason Agnoletto FCPA, National Leader – Internal Audit Services writes in his article “Seize the momentum to transform Internal Audit permanently”
Knowledgebase article : Seize the momentum to transform Internal Audit permanently
“It’s important to focus on the value the Internal Audit function is seeking to add in the future, before selecting the tools to enable this. Time should be taken to consider how to embed continuous monitoring across the key areas of the organisation and implement more dynamic risk identification, assessment and monitoring. Having clarified that, Internal Audit leaders and their colleagues can identify the required tools, data sources and analytics technology.”
The TMR Takeaway
Continuous monitoring and dynamic risk identification are the foundation of the QC3 Risk engine. QC3 was designed and developed to aid the business in the embedment and continuous monitoring of controls which are actual controls used to mitigate risks.
The Internal Audit Value Add is that the business’s assurance, risk and control insight is structured in a way that is digitally consumable by Internal Audit functions. Through the application of the QC3 application and risk framework, businesses can connect their source systems do deliver data event based assurance (population testing) while automatically and continiously testing key controls applicable to the business unit.
While the desire to transform Internal Audit functions exists, true risk culture transformation will only be sustainable when the transformation is executed wholistically and when it is supported by the right risk and assurance tool, namely QC3.