The Data Analytics Value Proposition from Internal Audit
Internal Audit Data Analytics Capability Maturity Map & Usage Examples
Organizations often leverage a data governance framework and data analytics strategy in order to achieve higher levels of maturity.
In an age of constant disruption, to optimize internal audit’s value proposition, technology should be embraced to capture and utilize large amounts of data to identify threats and opportunities. Our value proposition as internal audit leaders is to leverage today’s technological innovation and identify opportunities to provide relevant and timely information to decision makers in order to make risk-based decisions. Those internal audit departments that are resistant to change will not keep pace with technological advancements to combat disruptive forces, while those that remain agile will be able to identify early warning risk indicators by harnessing the power of information.
MNP’s customized Data Analytics Value Proposition Maturity Map highlights the evolution in an internal audit’s maturity based on the level of data complexity and technological sophistication. There is no limit to how far information can take you to drive change and optimize performance in your organization.
As internal auditors we have the relevant skills to identify, prioritize, and report threats early or detect opportunities that can further an organization’s competitive advantage and / or mitigate organizational risk. The foundation for establishing effective data analytics is to ensure data captured and leveraged is largely accurate and complete. Most organizations will have or eventually implement a Data Quality and Governance Framework to ensure the ongoing integrity of data.
Today, many organizations are benefiting from improved reporting and monitoring via business intelligence and analytic systems to gain a competitive advantage through Descriptive Analytics. Visual analytic systems are especially popular for creating dashboards to track key performance indicators or early warning key risk indicators. For example, many organizations are using Global Information System (GIS) mapping to integrate data sets visually to monitor potential new revenue opportunities or rising costs by region.
As data governance practices mature, advanced analytics systems are more frequently used to conduct root cause analysis (i.e. why did it happen?) and predict the future (i.e. will it happen again?)
Predictive Analytics analyses tend to forecast results, which can drive business process optimization or profit enhancement.
Prescriptive Analytics is the natural next step as it simulates probable scenarios for revenue generation, cost management and fraud prevention.
Cognitive Analytics explores human behavior and utilizes systems that can sense, learn, infer and interact with humans.
Semantic Analytics studies the meaning of language. For example, algorithms can be created to scan social media for trends and patterns related to an organization and monitor for any emerging risks or opportunities.
Artificial Intelligence (AI) and Machine Learning technologies combine multiple forms of analytics to model the human brain’s ability to think in a real time multi-dimensional way. The human brain has limitations in terms of the quantity of what can be assessed on a real time basis. AI systems have virtually unlimited capacity to continuously monitor transactions and learn from patterns, leading to real time auditing.
DRIVING VALUE THROUGH INFORMATION
As technology continues to advance and is the leading driver of innovation, data will be the catalyst for change and internal auditors must become adept at data analytics to remain relevant as value added advisors. While the opportunities are endless in terms of how data can be harnessed through technology to provide relevant and timely insights, internal audit can capitalize on and quickly demonstrate value to the organization by leveraging data analytics in three distinct areas: data security, assurance and coverage.
DATA SECURITY
Through a well thought out data governance program or on an ad hoc basis, most of today’s organizations (regardless of size, scale, complexity) are leveraging internal audit in partnership with information technology to produce analytics over data security. Given the sensitive nature of corporate information, data privacy and security should be top of mind for internal audit to ensure the protection of the organization’s crown jewels.
Regulated industries already have strict privacy laws and security requirements that internal auditors need to be aware of to provide assurance that the organization remains compliant; this requires a well-established data governance and controls framework that can be independently evaluated. To avoid sanctions through significant fines and protection against reputational damage in the event of a breach, critical data must be safeguarded and only made accessible by trusted sources through secure channels. To ensure adequate monitoring over access and use of information, a data analytics program will provide insightful information and detect breaches in information security. This will allow for a timely and effective response by the organization’s leadership team and provide comfort to oversight bodies (i.e. boards of directors, shareholders, regulators, etc.) that privacy is maintained.
ABSOLUTE ASSURANCE
ABSOLUTE ASSURANCE Without the use of modern-day technology, the level of controls testing assurance that can be provided by internal audit is limited. Even before the emergence of big data, the systems available to internal auditors were inefficient and only capable of handling discrete packets of information that required human intervention to manipulate data into a workable format, thereby introducing potential inaccuracies due to human error. Internal auditors are now able to provide absolute assurance over internal audit test results by assessing an entire population of data in a timely manner with the use of advanced data analytics tools.
COMPLETE COVERAGE
Often, advanced risk analytics requires data from several sources to be integrated though common identifiers and then summarized into value added insight for decision making. Most internal audit departments will want access to an extract, transform and load (ETL) system that can consolidate and filter multiple data sets into smaller packets for loading into a visual analytics system. Insights over customers and employees can be gained by understanding internal and external behaviors which will allow organizations to mitigate risk (e.g. employee fraud and wrongdoing) and maximize profit (e.g. product and service demand).
ABOUT MNP
MNP is a leading national accounting, tax and business consulting firm in Canada. We proudly serve and respond to the needs of our clients in the public, private and not-for-profit sectors. Through partner-led engagements, we provide a collaborative, cost-effective approach to doing business and personalized strategies to help organizations succeed across the country and around the world.
To learn more about the MNP’s Data Analytics Value Proposition Maturity Map and how it can apply in your organization to mitigate risk, maximize opportunity and optimize performance, please contact our National Leaders.
Richard Arthurs
CPA, CMA, CIA, CFE, CRMA, QIAL, MBA
National Leader, Data and Information Dynamics
T: 1.877.500.0792
Mariesa Carbone
CA, ABCP, CRMA
National Leader, Enterprise Risk Services
T: 1.800.661.7778
Geoff Rodrigues
CPA, CA, ORMP, CIA, CRMA
National Leader, Internal Audit Services
TF: 1.877.251.2922