June 16, 2018
June 16, 2018
Contributor: Sharon George
Internal audit teams must move toward real-time assurance to keep up with the growing number and magnitude of risks.
What do cybersecurity, data privacy, cloud computing, digital business models and M&A have in common? They all present critical risks to the success of an organization — risks that audit must verify and assess so the organization can manage and mitigate the potential effects. These risks are growing in number and magnitude, and some of the most threatening risks evolve constantly, and so are the hardest to track.
“This environment has changed the way internal audit teams must provide assurance and has created a ‘change gap,’” says Malcolm Murray, research leader at Gartner. “This is the gap between audit’s current ability to adapt and provide assurance and its required change capability in light of new risks and those that suddenly get more important.”
This gap is currently over 10%. In other words, more than 10% of necessary assurance activity over critical risks isn’t taking place, according to a Gartner survey of about 90 heads of audit. If audit stays at its current level of adaptability, our model forecasts that this gap will become untenable in 2020, reaching more than 90%.
To reduce the potential for unchecked risk exposure, internal audit must adapt to a real-time environment. This requires audit teams to:
Read more: Top Risks for Audit Leaders
To guard against unchecked risks, audit teams must move to a new era of real-time assurance, which relies heavily on data gathering and collaboration with other business units — and empowers auditors to work closely with management. To implement this shift, they should:
What matters most is that all three steps work in concert and reinforce each other. Pioneers are closing the residual assurance gap, and guarding against a widening of the gap in the future.
Read more: Deliver Data-Driven Insights
Join your peers for the unveiling of the latest insights at Gartner conferences.
Recommended resources for Gartner clients*:
Aligned Assurance Implementation Guide
*Note that some documents may not be available to all Gartner clients.