For many years, Deloitte has successfully supported a large international pharmaceutical company with internal audit support as part of a co-sourcing arrangement. Deloitte works closely with our Client’s Internal Audit department, whereby we organize regular sharing sessions to align around methodologies, good practices, trends, audit planning and improvement areas. Our partnership is based on trust and continuous dialogue.
Our Internal Audit support covers the full EMEA region, whereby the Copenhagen office acts as the first point of contact to support different types of internal audits such as compliance audits, financial audits, operational audits and IT / security audits. We provide flexibility in our operating model whereby Deloitte - on the one hand - could lead audits from start to finish or – on the other hand – could provide hands-on support of professionals who work under the Client’s guidance and supervision. Key activities include:
- Allocation of the right resources (skills-wise and language-wise) across the full region
- Involvement of Subject Matter Experts in different risk areas (e.g. automation, regulations, compliance, cybersecurity, sustainability, etc.)
- Project-based Data Analytics support using different types of technologies (e.g. audit analytics, risk analysis & sensing, process mining).
- Methodology and Quality Assurance support, if needed.
We have established a core team of professionals who are dedicated to support our Client and who relate to the Client’s Methodology and ‘Ways of Working’. This core team could either support the Client with audits or train our ‘local’ internal audit teams across EMEA. In addition, where beneficial, our Client could have access to Deloitte tools, such as Data Analytics solutions and Deloitte’s Internal Audit software, in order to make the Internal Audit process even more effective and efficient from planning to reporting.
This agile and flexible setup allows our Client to a) scale up and down, b) have the right capabilities (SMEs, for example, in the area of specific regulations, operations or technologies such as control automation, blockchain, cybersecurity or sustainability, etc.), c) have access to well-skilled local resources who know the local language and d) have insight into country-specific practices to gain insights into trends and developments.