Data analytics has been part of audit and compliance for decades, and while not always used to its fullest, it has certainly become a recognized and standard practice in the industry. Historically, the use of data analytics for audit and compliance has been focused on exception-based analytics (mine through this mass of data to identify exceptions that don’t comply with the purchasing authorization policy, for example). While this type of analysis is great, and can contribute to that “needle in the haystack” audit finding, it’s all focused on things that have happened in the past.

Over the last several years, I’ve started to see more and more audit and compliance functions also begin to apply data analytics to risk assessment processes. This is particularly becoming more common in large, decentralized organizations where there are a lot of auditable entities (e.g., brick-and-mortar store locations, service offices, branches). The concept being if audit/compliance is able to identify changes to key risk indicators closer to real-time, then resource allocation can be aligned with those changing risks (and not simply based on a periodic, static, risk assessment). While not many organizations are doing it yet, I’m hearing extremely positive feedback from those that do.

My questions to you:
Are you doing any form of automated data analytics to feed your risk assessment process today? Is it on your agenda for this year? Have you started moving to any of the predictive concepts discussed in the CFO article?

Steve Biskie, Managing Director, High Water Advisors
Steve Biskie is one of the most sought-after speakers, trainers and consultants in the governance, audit, and internal controls arena, particularly for organizations running complex software application systems. Throughout his career of more than 20 years, he has excelled at helping others in the audit and GRC space better understand the risks and opportunities embedded within complex application systems, and develop high-efficiency processes and technology to optimize management monitoring and risk identification processes. He is a Certified Information Systems Auditor (CISA), Certified Information Technology Professional (CITP), Chartered Global Management Accountant (CGMA), and a non-practicing Certified Public Accountant (CPA).

www.highwateradvisors.com/blog

Lisez gratuitement chaque jour (5j/7) le quotidien Finyear.
Recevez chaque matin par mail la newsletter Finyear, une sélection quotidienne des meilleures infos et expertises de la finance d’entreprise.
Lien direct pour vous abonner : www.finyear.com/newsletter

Lisez gratuitement chaque mois :
- le magazine digital Finyear sur www.finyear.com/magazine
- la lettre digitale "Le Directeur Financier" sur www.finyear.com/ledirecteurfinancier
- la lettre digitale "Le Trésorier" sur www.finyear.com/letresorier
- la lettre digitale "Le Credit Manager" sur www.finyear.com/lecreditmanager
- la lettre digitale "Le Capital Investisseur" sur www.finyear.com/lecapitalinvestisseur