purple blue light swirl

Perspectives

Becoming Agile: Elevating internal audit performance and value

Innovating in internal audit to enhance collaboration and deliver timely insights

With increasing demands and diminishing resources, how can internal audit teams keep up? Deloitte’s Agile Internal Audit methodology could be the answer. The articles below offer a closer look at the basics of an Agile approach, how internal audit functions can adopt this methodology and strategies for Internal Audit to advise on the risks of business agility.

Explore content

Applying Agile methodologies to internal audit processes

Since their origin in software development, Agile processes have been successfully employed in countless initiatives and within a wide variety of business settings.

Building on the original Agile approach, Deloitte’s Agile Internal Audit (Agile IA) methodology challenges both the mindset of internal auditors and their established business processes. It allows the internal audit function to focus on stakeholder needs, accelerate audit cycles, drive timely insights, reduce wasted effort, and generate less documentation.

Of course, Agile methods have only recently been implemented by internal audit departments, prompting questions about whether it is possible to adopt Agile in Internal Audit while remaining true to the IIA Standards. Additional questions about which methodologies to adopt, as well as how to customize and implement them and how Agile projects themselves should be addressed, also invariably arise.

Our Agile IA library gives you the opportunity to explore the basics of Agile IA; their compatibility with IIA Standards; and how to best adopt them to drive efficiency, efficacy, and innovation in your organization and beyond.
 

Originally a software development methodology, Agile aims to reduce costs and time to delivery while improving quality. Key characteristics of Agile include delivering tested products in short iterations and involving internal customers during each iteration to refine requirements.

Read our insights on agile

Close
Agile SOX
Planning and adapting for tomorrow
Uncertain changes are not random; they are merely ignored or poorly planned. Learn how to adapt and be open to frequent reassessment quickly.

Enhancing value through a unique point of view
Since 2002, Sarbanes-Oxley (SOX) testing has been the bane of auditors’ existence. Even though it’s an annual assessment and the timeline and scope rarely change, it seems to catch us off guard like a runaway train, challenging us time and time again.

A shift to the Agile mindset can help SOX departments operate in a way that adds stakeholder value. Collaboration driven by Agile creates an environment where teams remain aligned and coordinated, whether working together in person or remotely around the globe.

Download the PDF
MAKE THE AGILE SOX SHIFT
Close
Auditing DevSecOps projects
Putting DevSecOps to the test
A successful DevSecOps strategy requires more than tools. Learn more about the rise of DevSecOps projects and what it means for Internal Audit.

Integrate security into DevOps
The primary objective of continuous delivery with DevSecOps is to make software deployments painless, low-risk events that can be performed incrementally, at any time, and on demand. It dissolves the barriers between development and operations to generate value quickly with quality and stability.

Automation can offer many benefits, such as continuous monitoring and workflow management. Teams often rely on these tools to enable developers to identify and address security vulnerabilities that previously wouldn’t have been detected until after the product had been moved into production.

Bringing development and operations together into a cohesive approach opens the door for software development teams to attain a new level of efficiency and effectiveness. If Internal Audit can bring this point of view and mindset to DevSecOps-related audits and consultations with technical teams, compliance and DevSecOps efficiencies can amplify value creation.

Download the PDF
TACKLE YOUR DEVSECOPS
Close
Agile Internal Audit and COVID-19
How business agility enabled adaptable Internal Audit
COVID-19 has created a unique phase in Deloitte’s Agile IA journey. In this POV, we examine the challenges, opportunities, and ways they’re being met.

Ready to respond
The disruption of 2020 caused organizations to completely rethink how to conduct business and be effective. COVID-19 gave us the use case to test how we would deal with unique environments and still be effective.

While each organization has had its own stories of perseverance, the Agile IA transformation journey of one medium-sized power utility, going on since 2018, enabled its internal audit organization to respond, recover, and thrive.

Through a journey of more than two years—sensing, responding, and adapting to what works—this organization had started to reach a higher level of Agile organizational maturity. These advanced Agile IA transformation initiatives helped set up this organization for success in dealing with massive disruption during COVID-19.

Download the PDF
PIVOT NOW
Close
Adopting Agile
In harmony with IIA Standards
Can your internal audit department embrace Agile and still comply with IIA Standards? Learn how the Standards complement and support Agile adoption.

Aligning the IA to organizational strategy
Successfully adopting Agile within IA isn’t easy. It takes skill and concentrated effort, and the Standards aren’t an obstacle. They complement and support the adoption of Agile IA practices. In fact, Agile works quite well within the Standards, and, in certain areas, it embodies and optimizes the principles-focused intent of the Standards.

Each IA function must determine the appropriate way to follow the IIA Standards. But we have yet to note any instances where Agile has created conflict with the Standards. On the contrary, we have observed many cases where traditional norms and processes become more efficient by applying Agile techniques. We believe Agile can help equip an IA function to strengthen its compliance with the Standards.

Download the PDF
COMPLY WITH STANDARDS
Close
Auditing Agile projects
Say no to conventional audit
While Agile projects present the same risks as any other, auditing them requires a different approach. Explore ways to help your teams add value.

The comfort of Agile
For many companies, Agile methodologies are beginning to gain ascendancy over traditional Waterfall development. The development process differs between the two approaches, including the frequency of delivery and the team structure.

When auditing, the intent is to add value, not hinder the pace of a project. For Agile projects, there are numerous opportunities to achieve these goals, so it makes sense to bring the IA team on board at the beginning of the project.

Flexibility and adaptability need to imbue the approach. Specific sprints, areas of functionality, or aspects of the project may require more attention; this way, IA teams can adjust the audit plan as different priorities emerge.

Download the PDF
Amp on Agile
Close
Understanding Agile Internal Audit
A guide to elevating Internal Audit’s performance
Part 1 of our guide to elevating IA performance through Agile focuses on how groups apply Agile principles and the benefits of doing so.

The journey to agility
Internal audit groups are continually challenged to provide more value to stakeholders while enhancing organizational influence and impact. The need to change is clear, and the time for change is now, but how should you navigate the road ahead?

Stakeholders demand more efficient assurance, better advice on processes and controls, and greater anticipation of risks. In reports, they want deeper insights and stronger points of view.

Instead of sporadic initiatives and piecemeal solutions, IA departments need an updated change methodology—Agile Internal Audit—which, in Deloitte’s view, is most readily applicable to internal auditors’ current challenges.

Download the PDF
EMPLOY AGILE
Close
Putting Agile Internal Audit into action
A guide to elevating Internal Audit’s performance
In part 2 of our guide to elevating IA performance through Agile, we focus on adopting Agile IA and sharing insights from others on the same journey.

When adopting Agile, Internal Audit should shift
The concepts of Agile IA are simple, but they have shown to be more challenging to implement than one would think and require deliberate change management.

The mindset change is not easy, but the potential benefits are worth it, from reduced time from start to finish, more insightful observations and recommendations, collaboration with stakeholders, and an effectively engaged internal audit team.

Decentralization of decision-making is key to Agile IA and can be a difficult switch to make. The team must be self-organizing and empowered to make decisions about what to do.

Download the PDF
BECOME AGILE

 

Considering adopting an Agile mindset? We should talk.

Beginning with their origins in software development, Agile methods have been effective in countless initiatives in various business settings. Building on the original Agile approach, Agile Internal Audit uses methods that change both the mindset of internal auditors and their business processes.

As discussed above, Agile is a change methodology for the internal audit group and its stakeholders. This is crucial, because internal auditors’ work relates to every business and function that affects the organization’s performance and value—and unilateral efforts to change such a function generally fail.

Consider the risks. Consider the benefits. Consider connecting with us.

Back to top

question mark

Explore content

Did you find this useful?
Shaping the Internal Audit Function of the Future

From Vision to Value, We’re Transforming Trust with Technology.

The innovation imperative: Forging internal audit's path to greater impact and influence

2018 global chief audit executive survey report