Because of intelligent automation, a lot of key opportunities for internal audit arise. For example, internal audit can help with the integration of governance, risk, and controls throughout the automation life cycle and with the identification of opportunities to embed automation-enabled control activities. But together with new opportunities for lower costs and greater efficiencies, new risks emerge.
As the first article in the series on Intelligent Automation and Internal Audit “Considerations for assessing and leveraging internal audit” described, intelligent automation can do more than automate simple or repetitive procedures. By using big data, predictive analysis, artificial intelligence etc., advanced automation can perform knowledge work too.
But just as this astounding power can change how an organization does business, it also creates new challenges for the control environment. Organizations that will deploy intelligent automation have to consider the questions concerning governance and risk. As a result, an oversight such as unified KPIs and KRIs, risk mitigation and risk acceptance models helps form the framework for developing and managing automated computer programs. But the more complex the tasks the bots have to carry out, the more critical it is that controls are considered and consistently applied throughout the automation program life cycle.
Internal audit can take a two-pronged approach by providing both consulting and assurance services to companies related to projects about intelligent automation. Depending on how far along your company is with the intelligent automation program, internal audit can focus on consulting for companies in a start-up phase or it can expand its focus to include assurance activities to audit the overall program and effectiveness of the related controls and processes for companies that are further along their automation journey. Proactively supporting the organization’s governance, risk management, and control activities helps inform and enable that journey with internal audit’s unique insights.
In conclusion, intelligent automation requires new considerations for governance and controls to manage risk. Internal audit should work with the organization to: