Agile Audit

An agile Audit is simply auditing the things that matter at the current moment. It’s an iterative approach, going through the entire audit lifecycle and compressing it down to the essentials. “We’re saying, so here’s everything that I could audit, See more +

Agile Audit

An agile Audit is simply auditing the things that matter at the current moment. It’s an iterative approach, going through the entire audit lifecycle and compressing it down to the essentials. “We’re saying, so here’s everything that I could audit, but here’s what’s most important to the organization today,” Toby tells me. “It’s this continual cycle… giving you the answers to what’s the most burning question you have related to risk and control in your organization today.”

Focus on The Highest Risk

If an audit plan isn’t focused on relevant issues, or the highest risk, no one is going to care how well the auditing plan was executed. Focusing on low-risk issues wastes everyone’s time. “We should be focusing on the things that are the highest risk and only those things,” Toby says. If internal auditors aren’t focused on management support, strategic objectives, and challenges, then they aren’t doing their jobs.

Communicating Vs Reporting

I ask Toby to differentiate between communicating and reporting results as an internal auditor. Giving reports is not communication, he responds; it’s just regurgitating facts. “A much more effective way of getting the information across is to make it more digestible,” Toby remarks, because it’s much more impactful, and people can more easily grasp what you’re trying to say.

Looking Ahead

Companies in the future will have no choice but to use the concepts of risk assessment, continuous improvement, and continuous risk assessment. Auditing must be part of the company’s objectives. “Anything that we’re doing that’s not focused on what matters to management and the highest risk to them achieving their goals right now, then we’re completely missing the picture,” Toby stresses. See less -