World class internal audit
Value propositions internal audit
CAE, CFO/CEO, Supervisory Board & Audit committee
Your questions & needs
- How to lower the high costs of internal audit?
- How do you improve value to your management and supervisory board?
- Where do you get audit staff or you need an ad-interim CAE?
- How do you get true experts on specific area, such as IT, ESG, analytics?
- How do you improve the job-satisfaction of your staff and increase retention?
- You are expecting increasing pressure on internal audit and need flexibility in skilled and experience people.
- (External) stakeholders require an independent internal audit function.
- How do you work together with risk management, internal control and compliance?
- The control environment is complex and you need a vision and an action plan to align all governance bodies (business control, risk management, compliance and internal audit).
- You require a (pre-)assessment on the quality or certification.
- How do you transform to data-analytics, IT-audit or ESG-audits?
- How are facing fraud issues?
- How do you automate your audit processes and reporting.
- You need to drive and manage control improvement, including awareness improvement, training, and project management.
Technology, specialist consulting & managed services
Our propositions
Our consulting services focus on strategy, governance, structure, processes, people, and technology to help you optimize your internal audit function.
Vision, strategy & governance. We offer strategic consulting through workshops or coaching to define your vision, added value, planning, and maturity plateaus, resulting in a concrete improvement program. We also provide consulting to define effective integrated governance, including lines of defense, stakeholders, and communication.
Processes. You can co-source or fully outsource your internal audit processes and function, and we can pre-assess and certify it. We provide hands-on consulting to set up your audit charter, methodology, and audit handbooks, build your (multi-year) audit plan, define your risk universe, track issues, use data analytics, and create audit test plans.
For integrated audit and risk departments, we offer risk assessments, controls documentation, controls treatment and testing, policies and procedures based on your vision, charter, strategy, and plan. We also provide repetitive internal audit support work as a managed service, with flexible Dutch and English-speaking audit staff at your location, our service centers, or in a hybrid model.
People & change. We offer high-quality audit specialists with expertise in areas such as ESG, data analysis, integrity, specific finance areas, fraud, integrity and culture, (J)SOx, and more. We also provide training and awareness programs for soft controls and integrity controls, as well as ad-interim audit directors and audit specialists. We support you throughout your whole change program.
Our technology services include help selecting technology to improve audit quality and lower costs, audit IT environments, SOx IT-controls, security, (SAP) authorizations, data privacy, and implementation of audit management software in an agile, timely, and fixed-price manner.
Our solutions for the internal audit function
Strategic internal audit adding value
We support CAE’s to formulate their future vision and strategy and ways to added value. We use maturity modelling, horizon planning and plateau-thinking to support our clients all the way from initial workshops with board and committees, full project management and support, certification, towards building capabilities to be able to continuous improve themselves.
Please have a look at what best in class would look like addressing the top 20 trends and how we can support.
Audit management technology
Our best practice audit management software (AMS) helps you to automate your audit process from risk assessment, audit execution, reporting and issue tracking with state-of-the art analytics, communication & collaboration, and GRC integration (API). The risk and controls functionalities help you to assess and document controls effectiveness. Our services include selection, implementation, optimisation, integration, and all managed services.
Read more for our technology solutions.
Internal audit specialist consulting
Our internal audits specialists help to assess internal audit functions, improve towards best practice, and embed the new way-of-working. Besides this, we provide:
- Hands-on advisory building charter, audit plan, methodology, risk assessment, handbook.
- Content and frameworks.
- Training and awareness.
- Audit function pre-assessments and certification.
- Reporting and dashboarding.
- Quality assurance over your projects.
Internal audit managed services
For organisations without the right capabilities, or who want (fast) to outsource their (and improve) their internal audit function.
- Out of Suriname. Both internal audit repetitive compliance (high quality and pre-accumulated audit files) and high skilled auditors.
- Out of South Africa. Technology driven audits on (SAP) authorisations, security, IAM auditing out of South Africa.
Read more about our different models and your benefits.
Flexible pool of internal auditors
We provide (flexible) high skilled experienced audit staff:
- Ad-interim Chief Audit Executive.
- To support you in performing your audits. Capability areas include IT-security, IT-controls, integrity controls, culture, specific regulations, such as SOx, ESG, HSE, and fraud.
- Audit specialists to perform quality assurance over your programs and projects.
- Multiple options, including collaboration between clients.
Your value
Happy staff
- We focus on your repetitive work,
- Provide staff availability and flexibility (up- and downgrading).
- Resulting in increased job satisfaction for your staff.
- High staff retention.
- Focused knowledge transfer.
Increase effectiveness
- Technology forces effective and efficient process execution.
- Experience experts for strategic and operational (hands-on) advise.
- Effectiveness, efficiency and quality improvement is included in our managed services.
Reliability & trust
- We meet your objectives and requirements.
- Our repository of automated controls and application security provides reliability.
- Reliability and continuous insight for all stakeholders creates transparency and trust.
Cost efficient savings
- Efficient process execution with technology and well-educated staff.
- One-time-right quality consulting (less hours, higher value) at competitive prices.
- Managed services reduce 30% costs (compared to European standards).
High Quality
- With our technology resulting in high quality process execution.
- Best in class consulting including content (frameworks).
- Embedding new way-of-working (make it stick).
- High quality managed services seamlessly integrated in your process.
Added value
- We make you best-in-class for you to add value.
- Full project support.
- Building your capabilities to continuously improvement.
- Quality assurance over the transition is included in our managed services.
reach new heights with our world class audit management software
real-time and agile auditing providing combined assurance add immediate value to management
‘in-app’ communication and collaboration with all your stakeholders inside and outside your organisation (your supervisory board, auditees, and society in general).
full dashboard connectivity providing clear and concise insights
facilitate full transparency helping you to build trust towards regulatory bodies (voluntarily oversight), partners and society
Client experiences internal audit
Strategic internal audit added value
Realising your vision towards world class
We support CAE’s to formulate a future vision on internal audit and how to realise more added value. Together with management and committees, we work this out in a practical approach using technology, specialist consulting and our managed service capabilities. We can help organisation executing the plans until all objectives have been reached. We use proven methodologies, maturity modelling and plateau-thinking. Please find below our thoughts related to the following key elements for internal audit to focus on:
1. Increased use of technology and digital transformation in audits to enhance efficiency and effectiveness, automate processes, and reduce errors.
2. Adoption of data analytics and risk assessment tools to gain insights into complex data sets and identify potential risks more efficiently.
3. Growing focus on performance auditing over compliance auditing to improve organisational performance and identifying opportunities for growth. Please have a look at our process mining capabilities.
4. Increased emphasis on soft skills, to effectively communicate audit findings to stakeholders and work collaboratively with colleagues.
5. Greater use of integrated audits that consider both financial and non-financial risks, such as reputational risk, environmental risk, and social responsibility.
6. Increased focus on risk management and internal control frameworks.
7. Adoption of agile methodologies, such a iterative and incremental audit approaches, used to increase efficiency and adaptability in internal audits.
8. Greater collaboration with other assurance providers, such as external auditors and regulators to ensure that audits are comprehensive and effective.
9. Adoption of remote auditing capabilities and practices, such as virtual audits and remote data collection, are being used to reduce travel costs and improve audit efficiency.
10. Increased use of automation and artificial intelligence in audits to improve audit quality and efficiency, and to reduce errors.
11. Adoption of ESG (environmental, social, and governance) auditing.
12. Increased emphasis on ethics and corporate culture in audits, as well as the impact of these factors on organizational performance.
13. Greater involvement of internal auditors in strategic decision-making processes of senior management and the board of directors.
14. Enhanced reporting and communication of audit findings to stakeholders. Improving the quality and transparency to ensure that stakeholders have access to accurate and timely information.
15. Greater focus on cybersecurity and data privacy risks.
16. Use of continuous auditing techniques to provide real-time assurance on business processes and risks.
17. Increased emphasis on audit quality and professional standards to improve the credibility of audit findings.
18. Adoption of predictive analytics to identify emerging risks and issues before they become major problems.
19. Adoption of blockchain technology to enhance audit trail transparency and efficiency, particularly for financial transactions.
Maturity Modelling
Our maturity models support internal audit functions to realise best practices (internally focused) in combination with positioning internal auditing effectively within the right governance structure with a focus to add value to board and committees together with a more external function, providing trust towards all stakeholders and society. Our maturity model includes the following stages (if you have questions, please don’t hesitate to contact us):
- Best practice governance, from risk management, control treatment (helping to become in controle).
- Best practice certified Internal Audit.
- Compliance driven (providing assurance on control via third party audits and voluntarily oversight).
- Internal audit providing trust towards all stakeholders, including partners and society (integrated governance).
Improvement in phases
We use horizon planning and plateau-thinking to define and realise the desired ambition in a structured way through phases and plateaus of maturity, where we take into consideration 5 elements of improvement; “vision & strategy, structure & governance, policies & procedures, people & culture, and technology. In each plateau all elements need to work together, embedding new ways-of-working, before you can go to the next plateau. We support you all they way during your improvement building your capabilities to be able to continuously improve yourself. Our focus lies on enabling you towards (if you have questions, please don’t hesitate to contact us):
- Real-time auditing (when issues occur).
- Corporate governance (effective lines of defenses).
- Value add dashboarding to all stakeholders.
- Integrated governance (alignment with partners and accountibility towards society).
- Build the right capabilities (including IT, security and data-analysis).
- Resource upskilling, availability and flexibility (remote and on-premise).
- Addressing soft controls, effective communication/elaboration and integrity.
- Build a culture of continuous improvement.
Internal audit (management) technology
21 reasons why
1. Improved Efficiency. Automate repetitive tasks, enabling auditors to focus on more strategic topics.
2. Standardised processes and procedures can help ensure that audits are conducted consistently across the organization.
3. Better Compliance: AMS provides a framework for documenting and tracking compliance activities, helping organizations meet regulatory requirements and industry standards.
4. Enhanced Collaboration: A centralized platform for sharing information and communicating issues can facilitate collaboration between auditors, stakeholders, and management.
5. Robust Reporting: AMS provides comprehensive reporting capabilities, enabling organisations to analyze audit data, identify trends, and generate reports for management and stakeholders.
6. Stronger Risk Management: By identifying and assessing risks, AMS helps organizations proactively manage potential risks.
7. Improved Communication: Automated reminders and notifications help ensure that auditors and stakeholders are kept informed of audit progress and findings.
8. Better Resource Management, optimizing the use of time, personnel, and budget.
9. Improved Audit Quality: By facilitating the adoption of best practices and improving documentation and reporting, AMS helps improve the overall quality of audits.
10. Enhanced Decision-making: By providing access to real-time data and reports, AMS helps to make better-informed decisions based on accurate and up-to-date information.
11. Increased transparency for stakeholders into the audit process and findings, helping to build trust and credibility.
12. Better Record Keeping to maintain accurate and up-to-date audit records, facilitating compliance and mitigating risk.
13. Simplified Audit Planning. AMS automates the audit planning process, making it easier to create and manage audit plans.
14. Streamlined Audit Fieldwork, enabling auditors to collect and analyse data more efficiently.
15. Improved Root Cause Analysis to identify the underlying causes of issues and implement effective corrective actions.
16. Enhanced Audit Analytics, enabling auditors to identify patterns and trends in audit data.
17. Better Data Security, helping to protect sensitive audit data from unauthorized access.
18. Customizable Dashboards, enabling auditors to view and analyse audit data in a way that is tailored to their specific needs.
19. Scalability to meet the needs of organizations of all sizes, from small businesses to large enterprises.
20. ROI: AMS provides a significant return on investment by improving efficiency, enhancing quality, reducing risk, and increasing stakeholder confidence.
21. Attract & retain audit staff. Talented people understand the importance of technology for their current and future added value and will choose for more sophisticated audit functions.
TeamMate
Why have we selected TeamMate?
We offer you the world’s newest and most advanced audit management solution WoltersKluwer’s TeamMate to professionalize your internal audit function to world class.
We have selected the TeamMate solution for 36 reasons which we have written out on our partner solutions page. TeamMate’s market share is almost as large as all competitors combined and for good reason. Especially large international organizations choose TeamMate, but also smaller companies that aspire to an independent internal audit function.
In addition to the solution, with WoltersKluwer our clients have a well-established and reliable supplier of software. WoltersKluwer TeamMate is the global leader in audit and assurance expert solutions with over 25 years dedicated to advancing corporate, commercial, and public sector audit. TeamMate aligns with audit standards and industry best practices. They have been refined over the course of the last three decades, working with audit professionals across industries and around the globe. TeamMate’s purpose-built audit solutions and services offer the depth of functionality that has helped over 120,000 auditors efficiently manage their audit workflow.
With TeamMate and the investments WoltersKluwer makes every year to enhance its functionalities, our clients can fulfill all their current and future needs to continuously add value to their stakeholders.
TeamMate functionalities
TeamMate supports all internal audit processes, has an intuitive user interface, state-of-the-art workflow and document management, available in the cloud and on-promise and offers our clients great functionality to integrate with all lines-of-defense through application APIs and an in-app collaboration platform. TeamMate provides data-analytical capabilities and good visualisation and reporting functionalities that make audits efficient and effective.
BR1GHT is TeamMate’s implementation partner
BR1GHT helps its clients to select and implement any internal audit management system.
As TeamMate’s implementation partner, we help our clients from the start of the implementation to go-live for a fixed price and guaranteed within time. Even after the implementation, we remain involved with your department through periodic evaluations and optimisations. Our implementation methodology is agile and we can go as deep as necessary to realize your desired functionalities. We can automate your current processes (as is) or work with you to leverage the in-depth TeamMate features to completely improve your auditing way of working (to be).
BR1GHT and WoltersKluwer
TeamMate was originally built by PwC and then sold to WoltersKluwer in 2007. Since BR1GHT is a PwC start-up, we have been implementing TeamMate as PwC for over 12 years. After BR1GHT was founded in 2019, we have completely focused on TeamMate and have done more than 50 implementations in 14 countries. Now all our internal audit specialists know TeamMate inside out.
In addition to implementing TeamMate, we can provide you with a managed service model, keeping your application up-to-date so that you can always take advantage of the functionalities that TeamMate offers to realize your best-in-class internal audit function.
We also implement other solutions of WolterKluwer in the internal controls space, such as Enablon, Tagetik and OneSumX FFR. We can seamlessly integrate TeamMate with your other applications within your internal control environment (watch the enclosed video).
‘High value’ internal audit specialist consulting
Assess and position
- Strategic internal audit. Board room consulting and assessments, including management of the function, audit capabilities, the level of added value, vision, strategy, level of continuous improvement.
- Tactical capabilities, including governance (positioning, alignment with other lines-of-defense, and reporting lines) and abilities to change and improve.
- Internal audit maturity (scans).
- We provide assessments and in-depth capabilities related to all specialist areas, such as IT-security, IT-controls & SAP-authorisations, Sarbanes-Oxley controls, ESG, and fraud.
- Audit staff quality and requirement assessments. Control and audit training (including awareness).
- Audit technology assessments (audit management system).
- IT-skills assessment (understanding of the impact of IT and the usage of IT in internal audit (such as data-analytics, process mining, RPA, tooling to assess (SAP) authorisations, etc).
- Your operational internal audit function. Assessments, including the audit charter, audit methodology, audit plans, audit handbook reviews, general way-of-working.
- Pre-assessments and certification of the internal audit functions.
- Current quality assurance over your programs and projects.
- Risk assessment methodology (universe definition).
- (Banking) compliance (part of the 2.5 line of defense).
Improve
- Ad-interim CAE services.
- Quality assurance reviews to work with your auditors and review the audit scoping and effectiveness of the audits and reporting.
- Training programs to improve your auditors capabilities related to security, IT controls, SOx, ESG, fraude and all other specialist areas.
- Awareness programs to improve controls and audit capabilities in te first and second lines to increase the (perceived) independent assurance of internal audit.
- Strategic improvement programs using our vision towards the internal auditor of the future to add value with real-time auditing and providing trust to boards, stakeholders, and society.
- Operational improvement, hands-on consulting to improve al operational elements of internal auditing (see at assess).
- Content provisioning, such as templates, frameworks, audit procedures test plans, etc.
- Dashboard (real-time reporting) and reports development and improvement.
- Perform internal audits, including risk management.
- Implementation of audit management software; agile, in-time, and at a fixed price.
- IT-upskilling (knowledge of the impact of IT and how better to use IT in audits (eq data-analytics, process mining, RPA, SAP-tools).
Embed
- We make all improvements to best practice stick, by guiding your staff through all changes and periodically monitor the execution of your new way-of-working, newly learned (IT-)skills or implemented new software solutions (such as your audit management system, process mining, (SAP) authorisation monitoring of data-analytics.
- We support in all aspects of your internal audit change program and throughout the whole improvement process with our maturity models, plateau-thinking and horizon planning.
- All our managed service come including structured improvement activities.
Internal audit managed services
For those clients who don’t have the right capabilities, not enough staff members, want to make fast quality improvement steps or just have the strategy to outsource, we provide managed internal audit services out of:
- Suriname. Both ‘high value’ consulting, audit experts, plus repetitive audit support activities (ISQM). Our services include internal audit improvement, maturity modelling, specialist area auditors (ESG, integrity, operational, and financial), pre-accumulating audit files, transaction & reporting oriented work, project management office activities, and so on.
- South Africa (and global). IT- and security auditing, including (SAP) authorisations, application security, automated controls testing and identify & access management. We also support with specific data-analytics or process mining programs. We furthermore, support in maintaining you Audit Management software. All our teams are skilled in the latest technology.
- We provide both co-sourcing and full outsourcing. The biggest difference is that with co-sourcing our teams work fully under our client’s management supervision, in their IT-environment, and in their risk & quality management systems. With full-outsourcing, all risk & quality requirements are clear and written down in a service level agreement and we agreed that we can fully comply with them.
- Teams in Suriname and South Africa always work together with local BR1GHT people at your location. These local ‘linking pins’ make sure that we always understand your needs and if issues pop-up, we can immediately solve them. They are responsible for the seamless integration of our and our client’s staff.
- We have our proven methodology for onboarding to guarantee a controlled transition called ‘the 12-successfactors of change management’.
Flexible pool of internal auditors
BR1GHT flexible pool
- Our flexible pool of (internal) auditors consists of a (global) group of experienced audit professionals who are available to work on a project basis, either as part of an internal audit department or as external consultants.
- Our auditors can be contracted for short or long-term engagements, depending on the organization’s needs.
- We provide experts to a) your internal audit pool, B) fully outsource specific audit areas, C) have a joined hybrid model working together on audits or d) facilitate collaborative pools. In a collaborate pool, we bring organisations together to create a shared pool of auditors who are available to work on projects for all participating organisations. This can be a solution for specific industries where organisations work together without competition (eg grid companies, water supplying companies, lower municipals, multiple-oversight bodies, and so on).
Advantages of a flexible pool of auditors
- Availability of audit staff.
- Scalability: Quickly scale up or down audit teams based on their workload and business needs. Avoid the costs of maintaining a large internal audit department when demand is low.
- Increased efficiency: Providing additional resources and expertise when needed.
- Reduced workload of internal staff, allowing them to focus on other critical tasks and priorities.
- Specialization: Provide access to highly specialized skills and expertise that might not be available in-house.
- Cost savings against hiring full-time staff. Avoid the costs of benefits, training, and other overhead expenses associated with maintaining a large internal audit department.
- Objective and independent perspective on an organization’s operations and controls, which can be valuable for improving performance and identifying areas for improvement.
- Fresh perspective to an organization’s operations and controls. This can help to identify blind spots or inefficiencies that may be overlooked by internal staff.
- Reduced risk of fraud, errors, and non-compliance by providing independent and objective assessments of an organization’s internal controls.
- Knowledge transfer: External auditors can share their knowledge and best practices with internal staff, helping to build their skills and expertise over time.
Internal audit news
It is time for a new IA sourcing strategy
An important challenge for internal audit functions of limited size is to be effective. Due to their limited size, these internal audit functions often do not have the necessary knowledge and competencies for the planned assurance and advisory assignments. Another...
Effective Internal Audit (IA) Stakeholder Management
Last week, our partner Wolters Kluwer hosted a webinar on a crucial topic: effective stakeholder management for internal auditors. Jonathan Chapman, the speaker, shared his experience in managing complex stakeholder relationships and provided participants with...
UWV’s three disciplines succesfully and fully implemented in TeamMate+ by BR1GHT
BR1GHT partnered with UWV, a Dutch government agency, to implement TeamMate+ that integrated three disciplines: Internal, IT, and Financial audits. UWV aimed to enhance collaboration, standardize templates, and reduce redundant tasks. BR1GHT, leveraging Wolters...
BR1GHT – TeamMate User Experience Day 2024
Join us at the BR1GHT – TeamMate User Experience Day 2024 – an exclusive event bringing together auditors from innovative audit departments across industries.Connect with your peers, thought leaders, share best practices, and explore the latest trends in audit...
Downloads
Vision paper
The digital transformation is reshaping organisations with an increasing pace. Digital solutions using RPA, IoT and mobile are being implemented in the business to save costs, improve business processes or to build client intimacy. But what are the risks of these new digital solutions, how do you control them and what does digital mean for your control environment? In a series of publications, we will dive deeper into these questions and take you with us in our Digital Control journey Towards Continuous Monitoring.
In this publication you will read all about:
- What are the risks of new digital solutions, such as RPA, ML, IA,
- The need to continuous monitoring,
- Wat is continuous monitoring,
- How 2’nd and 3’rd Lines of Defence can use continuous monitoring,
- How to use continuous monitoring to provide assurance,
- Upskilling risk and internal audit specialists.
If you would like to know more about continuous monitoring, please contact us. We can provide you with concrete examples of implementations.
BR1GHT publication Vision on Digital Control Towards Continuous Monitoring
[contact-form-7 id=”237587″ title=”Contact form 1″]