Internal audit has always been one of the cornerstones of corporate governance. The current economic environment, greater public scrutiny and increased globalisation, however, have all increased its profile – focusing the spotlight on quality and new risk-related considerations.
It is clear that Boards are now much more aware of the importance of understanding risk. Unlike external auditors, internal audit looks beyond financial statement risks, towards the wider issues that help businesses to mitigate the risks to which they are exposed. This means the strategic value of internal audit is greater that it has ever been.
Many organisations are struggling to keep pace with the changing regulatory environment and to identify, let alone manage, the complex risks they face. Tailored to your size, sector, risk appetite and the regulatory requirements that apply to your organisation, our consultants in Risk and Advisory Services can provide support through a fully-outsourced or co-sourced service or can supplement your existing skill set by providing specialist input. Our range of services also includes reviews of internal audit functions and internal audit start-up assistance.
Our specialist teams will help you to assess and increase your focus on:
IT Internal Audit
Organisations are increasingly embracing more complex and sophisticated technology solutions in an effort to provide a wider suite of services, reach more customers and drive greater efficiencies. Internal audit functions must draw on expertise to ensure the right technology risks are identified and related controls assessed, including:
· Changing data privacy agenda
· Growing technology resilience dependencies, and
· Challenges with implementation of digitalisation across the business.
The risks associated with such solutions are significant, and can result in severe impacts on operations if not addressed. Understanding these risks is critical in order to ensure that the right countermeasures are in place and operating effectively. Internal Audit has a fundamental role to play in reviewing and assuring the way in which a business evaluates its technology risks and controls.
Behind each risk sits 32 sub risks each of which can be separately evaluated and used to benchmark an organisation’s maturity in the operation of mitigating controls.
The IORP II Directive sets out standards in relation to an effective system of governance for Irish Occupational pensions schemes, as well as enhanced duties around member communications. For an overview of the requirements and how BDO can support your organisation, please download our IORP II brochure.