For a long time, Accenture carried out its internal audit responsibilities in the same way as most other organizations: We followed a traditional annual risk assessment process, identified top risks, developed an annual audit plan in alignment with these risks, and then assessed Accenture’s management of those risks throughout the year.
We now live in a more dynamic world and risks change more often than once a year. What is a risk in May might be irrelevant by October. This environment made the traditional approach out of sync with what Accenture needs.
While our internal audit function is always evolving and improving the way our team does our work, we knew we could take advantage of Accenture’s digital transformation to enhance our processes.
Transforming internal audit
And change we did. Over the past few years, our internal audit team saw the wave of digital transformation as an opportunity for us to reengineer the function. We developed new processes leveraging new technologies to help us achieve our goal of conducting a more dynamic risk assessment process. As conditions change within and outside Accenture, we wanted to be agile and able to focus on the right areas of risk in a more timely manner.
Together with interviews and discussions we conduct with Accenture leadership and industry experts, we’ve implemented various technologies to help us become more agile:
Dashboards with digitized risk models – These models are updated in near real time, allowing our team to identify potential areas of risk within Accenture and focus our audits on the appropriate areas. This information allows us to be more agile with our audit plan during the year. Before, we would deliver nearly 100 percent of the audit plan we prepared at the beginning of the year. Now, we may only do 60 percent of the plan we originally committed to because of the evolution of the risk environment that occurs throughout the year.
Analytics – We have developed assets that allow us to use leading tools to prepare, transform and analyze data in ways we couldn’t before. For example, several interactive business intelligence models allow us to perform analyses both on full populations of data as well as at the transaction level, driving more risk-based audit selections. We’re also exploring the development of predictive analytics to help predict areas of risk before they happen and integrating those analytics into the audit cycle.
Robotic process automation (RPA) – RPA is an area we’re excited about. It holds the potential to automate repetitive testing and operational activities. We developed a proof of concept to automate the testing of Sarbanes-Oxley information technology general controls (ITGCs). The bots reduced testing time by more than 80 percent. The accuracy of test results also improved and were provided in near real time. We’re now expanding our capabilities in this area to more efficiently execute many of our manually intensive internal processes, like compiling reports and following up on audit issues with automated emails.
Natural language processing (NLP) – Another interesting area of technology. We’re exploring how NLP and metadata tagging can be applied to discussion notes entered in our Dynamics CRM system (that we’ve repurposed to digitize our process for compiling the notes obtained through hundreds of interviews) to highlight risk statements or trends in real time. The idea draws on an NLP word embedding capability Accenture Legal is using to search for specific clauses potentially posing higher-than-desired risk to Accenture across a huge number of contracts.
<<< Start >>>
We work in a data-driven way, generating new insights through advanced technologies and identifying risk across Accenture with new approaches.
<<< End >>>
Transforming the way we work
The outcomes? Today, the technology innovations we’ve put in place and process changes we’ve made are transforming the way we work. We work in a data-driven way, generating new insights through advanced technologies and identifying risk across Accenture with new approaches.
Everything we have developed, and continue to develop, let our internal audit function work more effectively than in the past—without significantly increasing our team size. As we had envisioned, the way we manage the audit plan at Accenture is now a dynamic process.
To learn more about our transformation journey, read about innovating internal audit and creating insight-driven auditing.