Becoming agile: Elevating internal audit performance and value
A methodology for audit planning, fieldwork, and reporting
This article, part one in the 'Becoming agile' series provides an overview of agile principles and their application to internal auditing. Learn how agile internal audit can help you generate greater stakeholder engagement, faster audit cycle times, and more insightful reporting.
- An updated change methodology
- Shifting mindset and processes
- Driving better results, faster
- The journey to agility
- Get in touch
Becoming agile is a three-part series on Deloitte’s methodology for applying agile principles and practices to internal auditing as we help organizations lead, navigate, and disrupt to accelerate performance. Visit our site to view the reports as they are completed. Part two, “Putting Agile Internal Audit into action,” is coming soon.
An updated change methodology
Internal audit groups are continually challenged to provide more value to stakeholders while also facing resource constraints. Stakeholders are demanding more efficient assurance, better advice on processes and controls, and greater anticipation of risks.
Current efforts to address these challenges aren’t working—or aren’t working quickly enough. Internal auditors have tried to do more with less, but with the same basic approach to audit planning. They’ve applied data analytics, but usually to traditional fieldwork. They’ve tried to deliver more insightful reports, but without knowing enough about stakeholders’ needs and expectations. The list goes on.
Instead of sporadic initiatives and piecemeal solutions, internal audit departments need an updated change methodology. Such a methodology should take a global approach to driving value, accelerating cycle times, and enhancing deliverables.
The agile principles are one such change methodology. And in Deloitte’s view, the one most readily applicable to internal auditors’ current challenges.
Shifting mindset and processes
Struggles occur when any group tries to pursue new outcomes without shifting the mindset of the group and its stakeholders, as well as its processes for producing the outcomes.
Agile Internal Audit methods work to shift internal auditors’ mindsets and processes by pursuing:
- Clearer outcomes. Rather than, for example, open-ended reviews or audits in search of findings, an Agile Internal Audit approach aims to confirm or disprove a hypothesis or support a point of view (mindset shift). That way, the audit or project targets an outcome, which guides the fieldwork and reporting (process shift).
- Increased engagement. While maintaining objectivity, the internal audit function—in collaboration with stakeholders—prioritizes areas, issues, and risks (mindset shift). This helps internal auditors identify needed resources and focus their work on factors that determine business performance and value (process shift).
- Improved documentation. Instead of feeling the need to explain every step taken and justify it through exhaustive documentation (mindset shift), Agile Internal Audit frameworks can deliver briefer, timelier reports with fewer words and more visuals (process shift).
By aligning mindset and process, Agile internal audit directs time and effort toward the issues, challenges, and risks that most affect the organization’s ability to implement strategy and achieve goals. At the same time, it aims to conduct routine assurance activities without unnecessary resources, effort, or reports.
Driving better results, faster
Agile Internal Audit frameworks drive improved results through four transformative changes:
- Enhanced internal audit planning. Rather than rigid internal audit plans, Agile Internal Audit planning maintains a continually updated backlog of audits and projects to be undertaken when goals are clear and resources are in place.
- Empowered internal audit teams. Upon providing interim reports, the team and stakeholders can determine whether greater assurance or higher quality is needed. If it is needed, the work continues; if not, it ends. These decisions can be made at lower levels because senior people have established parameters and internal audit teams have clear guidelines.
- Accelerated delivery cycles. Internal auditors work within time-boxed sprints to complete a set of well-defined tasks. Sprints set a faster cadence for audits and projects by setting out to provide a level of assurance or to confirm a hypothesis rather than document activities.
- Valuable insights. By streamlining the work and documentation, Agile Internal Audit frameworks focus internal auditors’ attention on the trends, risks, challenges, and opportunities that can most impact the organization and drive insights.
An Agile Internal Audit methodology’s transformative power lies in its transformative approach. This isn’t change for its own sake. Nor is it an end in itself. It’s a means to an end, and it’s up to each internal audit group and organization to define that end.
The journey to agility
Internal auditors face a wide range of challenges. Yet the overarching theme for most internal audit groups is the need to change. An Agile Internal Audit approach provides methods that work to change both the mindset of internal auditors and their work processes.
Agile also operates at a higher level as a change methodology for the internal audit group and its stakeholders. This is crucial because internal auditors’ work relates to every business and function that affects the organization’s performance and value, and unilateral efforts to change such a function generally fail.
To learn more about adopting an Agile Internal Audit approach, download the full PDF. And look for the next installments in the Becoming agile series. Part two will address strategies for applying agile methodologies and the benefits to internal audit planning, fieldwork, and reporting. Part three will focus on using an agile internal audit approach as a change initiative.