Our solutions for the internal audit function
Strategic internal audit adding value
We support CAE’s to formulate their future vision and strategy and ways to added value. We use maturity modelling, horizon planning and plateau-thinking to support our clients all the way from initial workshops with board and committees, full project management and support, certification, towards building capabilities to be able to continuous improve themselves.
Please have a look at what best in class would look like addressing the top 20 trends and how we can support.
Audit management technology
Our best practice audit management software (AMS) helps you to automate your audit process from risk assessment, audit execution, reporting and issue tracking with state-of-the art analytics, communication & collaboration, and GRC integration (API). The risk and controls functionalities help you to assess and document controls effectiveness. Our services include selection, implementation, optimisation, integration, and all managed services.
Read more for our technology solutions.
Internal audit specialist consulting
Our internal audits specialists help to assess internal audit functions, improve towards best practice, and embed the new way-of-working. Besides this, we provide:
- Hands-on advisory building charter, audit plan, methodology, risk assessment, handbook.
- Content and frameworks.
- Training and awareness.
- Audit function pre-assessments and certification.
- Reporting and dashboarding.
- Quality assurance over your projects.
Internal audit managed services
For organisations without the right capabilities, or who want (fast) to outsource their (and improve) their internal audit function.
- Out of Suriname. Both internal audit repetitive compliance (high quality and pre-accumulated audit files) and high skilled auditors.
- Out of South Africa. Technology driven audits on (SAP) authorisations, security, IAM auditing out of South Africa.
Read more about our different models and your benefits.
Flexible pool of internal auditors
We provide (flexible) high skilled experienced audit staff:
- Ad-interim Chief Audit Executive.
- To support you in performing your audits. Capability areas include IT-security, IT-controls, integrity controls, culture, specific regulations, such as SOx, ESG, HSE, and fraud.
- Audit specialists to perform quality assurance over your programs and projects.
- Multiple options, including collaboration between clients.
- We focus on your repetitive work,
- Provide staff availability and flexibility (up- and downgrading).
- Resulting in increased job satisfaction for your staff.
- High staff retention.
- Focused knowledge transfer.
- Technology forces effective and efficient process execution.
- Experience experts for strategic and operational (hands-on) advise.
- Effectiveness, efficiency and quality improvement is included in our managed services.
Reliability & trust
- We meet your objectives and requirements.
- Our repository of automated controls and application security provides reliability.
- Reliability and continuous insight for all stakeholders creates transparency and trust.
Cost efficient savings
- Efficient process execution with technology and well-educated staff.
- One-time-right quality consulting (less hours, higher value) at competitive prices.
- Managed services reduce 30% costs (compared to European standards).
- With our technology resulting in high quality process execution.
- Best in class consulting including content (frameworks).
- Embedding new way-of-working (make it stick).
- High quality managed services seamlessly integrated in your process.
- We make you best-in-class for you to add value.
- Full project support.
- Building your capabilities to continuously improvement.
- Quality assurance over the transition is included in our managed services.
reach new heights with our world class audit management software
real-time and agile auditing providing combined assurance add immediate value to management
‘in-app’ communication and collaboration with all your stakeholders inside and outside your organisation (your supervisory board, auditees, and society in general).
full dashboard connectivity providing clear and concise insights
facilitate full transparency helping you to build trust towards regulatory bodies (voluntarily oversight), partners and society
Client experiences internal audit
Strategic internal audit added value
Realising your vision towards world class
We support CAE’s to formulate a future vision on internal audit and how to realise more added value. Together with management and committees, we work this out in a practical approach using technology, specialist consulting and our managed service capabilities. We can help organisation executing the plans until all objectives have been reached. We use proven methodologies, maturity modelling and plateau-thinking. Please find below our thoughts related to the following key elements for internal audit to focus on:
1. Increased use of technology and digital transformation in audits to enhance efficiency and effectiveness, automate processes, and reduce errors.
2. Adoption of data analytics and risk assessment tools to gain insights into complex data sets and identify potential risks more efficiently.
3. Growing focus on performance auditing over compliance auditing to improve organisational performance and identifying opportunities for growth. Please have a look at our process mining capabilities.
4. Increased emphasis on soft skills, to effectively communicate audit findings to stakeholders and work collaboratively with colleagues.
5. Greater use of integrated audits that consider both financial and non-financial risks, such as reputational risk, environmental risk, and social responsibility.
6. Increased focus on risk management and internal control frameworks.
7. Adoption of agile methodologies, such a iterative and incremental audit approaches, used to increase efficiency and adaptability in internal audits.
8. Greater collaboration with other assurance providers, such as external auditors and regulators to ensure that audits are comprehensive and effective.
9. Adoption of remote auditing capabilities and practices, such as virtual audits and remote data collection, are being used to reduce travel costs and improve audit efficiency.
10. Increased use of automation and artificial intelligence in audits to improve audit quality and efficiency, and to reduce errors.
11. Adoption of ESG (environmental, social, and governance) auditing.
12. Increased emphasis on ethics and corporate culture in audits, as well as the impact of these factors on organizational performance.
13. Greater involvement of internal auditors in strategic decision-making processes of senior management and the board of directors.
14. Enhanced reporting and communication of audit findings to stakeholders. Improving the quality and transparency to ensure that stakeholders have access to accurate and timely information.
15. Greater focus on cybersecurity and data privacy risks.
16. Use of continuous auditing techniques to provide real-time assurance on business processes and risks.
17. Increased emphasis on audit quality and professional standards to improve the credibility of audit findings.
18. Adoption of predictive analytics to identify emerging risks and issues before they become major problems.
19. Adoption of blockchain technology to enhance audit trail transparency and efficiency, particularly for financial transactions.
Our maturity models support internal audit functions to realise best practices (internally focused) in combination with positioning internal auditing effectively within the right governance structure with a focus to add value to board and committees together with a more external function, providing trust towards all stakeholders and society. Our maturity model includes the following stages (if you have questions, please don’t hesitate to contact us):
- Best practice governance, from risk management, control treatment (helping to become in controle).
- Best practice certified Internal Audit.
- Compliance driven (providing assurance on control via third party audits and voluntarily oversight).
- Internal audit providing trust towards all stakeholders, including partners and society (integrated governance).
Improvement in phases
We use horizon planning and plateau-thinking to define and realise the desired ambition in a structured way through phases and plateaus of maturity, where we take into consideration 5 elements of improvement; “vision & strategy, structure & governance, policies & procedures, people & culture, and technology. In each plateau all elements need to work together, embedding new ways-of-working, before you can go to the next plateau. We support you all they way during your improvement building your capabilities to be able to continuously improve yourself. Our focus lies on enabling you towards (if you have questions, please don’t hesitate to contact us):
- Real-time auditing (when issues occur).
- Corporate governance (effective lines of defenses).
- Value add dashboarding to all stakeholders.
- Integrated governance (alignment with partners and accountibility towards society).
- Build the right capabilities (including IT, security and data-analysis).
- Resource upskilling, availability and flexibility (remote and on-premise).
- Addressing soft controls, effective communication/elaboration and integrity.
- Build a culture of continuous improvement.
Internal audit (management) technology
21 reasons why
1. Improved Efficiency. Automate repetitive tasks, enabling auditors to focus on more strategic topics.
2. Standardised processes and procedures can help ensure that audits are conducted consistently across the organization.
3. Better Compliance: AMS provides a framework for documenting and tracking compliance activities, helping organizations meet regulatory requirements and industry standards.
4. Enhanced Collaboration: A centralized platform for sharing information and communicating issues can facilitate collaboration between auditors, stakeholders, and management.
5. Robust Reporting: AMS provides comprehensive reporting capabilities, enabling organisations to analyze audit data, identify trends, and generate reports for management and stakeholders.
6. Stronger Risk Management: By identifying and assessing risks, AMS helps organizations proactively manage potential risks.
7. Improved Communication: Automated reminders and notifications help ensure that auditors and stakeholders are kept informed of audit progress and findings.
8. Better Resource Management, optimizing the use of time, personnel, and budget.
9. Improved Audit Quality: By facilitating the adoption of best practices and improving documentation and reporting, AMS helps improve the overall quality of audits.
10. Enhanced Decision-making: By providing access to real-time data and reports, AMS helps to make better-informed decisions based on accurate and up-to-date information.
11. Increased transparency for stakeholders into the audit process and findings, helping to build trust and credibility.
12. Better Record Keeping to maintain accurate and up-to-date audit records, facilitating compliance and mitigating risk.
13. Simplified Audit Planning. AMS automates the audit planning process, making it easier to create and manage audit plans.
14. Streamlined Audit Fieldwork, enabling auditors to collect and analyse data more efficiently.
15. Improved Root Cause Analysis to identify the underlying causes of issues and implement effective corrective actions.
16. Enhanced Audit Analytics, enabling auditors to identify patterns and trends in audit data.
17. Better Data Security, helping to protect sensitive audit data from unauthorized access.
18. Customizable Dashboards, enabling auditors to view and analyse audit data in a way that is tailored to their specific needs.
19. Scalability to meet the needs of organizations of all sizes, from small businesses to large enterprises.
20. ROI: AMS provides a significant return on investment by improving efficiency, enhancing quality, reducing risk, and increasing stakeholder confidence.
21. Attract & retain audit staff. Talented people understand the importance of technology for their current and future added value and will choose for more sophisticated audit functions.
‘High value’ internal audit specialist consulting
Assess and position
- Strategic internal audit. Board room consulting and assessments, including management of the function, audit capabilities, the level of added value, vision, strategy, level of continuous improvement.
- Tactical capabilities, including governance (positioning, alignment with other lines-of-defense, and reporting lines) and abilities to change and improve.
- Internal audit maturity (scans).
- We provide assessments and in-depth capabilities related to all specialist areas, such as IT-security, IT-controls & SAP-authorisations, Sarbanes-Oxley controls, ESG, and fraud.
- Audit staff quality and requirement assessments. Control and audit training (including awareness).
- Audit technology assessments (audit management system).
- IT-skills assessment (understanding of the impact of IT and the usage of IT in internal audit (such as data-analytics, process mining, RPA, tooling to assess (SAP) authorisations, etc).
- Your operational internal audit function. Assessments, including the audit charter, audit methodology, audit plans, audit handbook reviews, general way-of-working.
- Pre-assessments and certification of the internal audit functions.
- Current quality assurance over your programs and projects.
- Risk assessment methodology (universe definition).
- (Banking) compliance (part of the 2.5 line of defense).
- Ad-interim CAE services.
- Quality assurance reviews to work with your auditors and review the audit scoping and effectiveness of the audits and reporting.
- Training programs to improve your auditors capabilities related to security, IT controls, SOx, ESG, fraude and all other specialist areas.
- Awareness programs to improve controls and audit capabilities in te first and second lines to increase the (perceived) independent assurance of internal audit.
- Strategic improvement programs using our vision towards the internal auditor of the future to add value with real-time auditing and providing trust to boards, stakeholders, and society.
- Operational improvement, hands-on consulting to improve al operational elements of internal auditing (see at assess).
- Content provisioning, such as templates, frameworks, audit procedures test plans, etc.
- Dashboard (real-time reporting) and reports development and improvement.
- Perform internal audits, including risk management.
- Implementation of audit management software; agile, in-time, and at a fixed price.
- IT-upskilling (knowledge of the impact of IT and how better to use IT in audits (eq data-analytics, process mining, RPA, SAP-tools).
- We make all improvements to best practice stick, by guiding your staff through all changes and periodically monitor the execution of your new way-of-working, newly learned (IT-)skills or implemented new software solutions (such as your audit management system, process mining, (SAP) authorisation monitoring of data-analytics.
- We support in all aspects of your internal audit change program and throughout the whole improvement process with our maturity models, plateau-thinking and horizon planning.
- All our managed service come including structured improvement activities.
Flexible pool of internal auditors
BR1GHT flexible pool
- Our flexible pool of (internal) auditors consists of a (global) group of experienced audit professionals who are available to work on a project basis, either as part of an internal audit department or as external consultants.
- Our auditors can be contracted for short or long-term engagements, depending on the organization’s needs.
- We provide experts to a) your internal audit pool, B) fully outsource specific audit areas, C) have a joined hybrid model working together on audits or d) facilitate collaborative pools. In a collaborate pool, we bring organisations together to create a shared pool of auditors who are available to work on projects for all participating organisations. This can be a solution for specific industries where organisations work together without competition (eg grid companies, water supplying companies, lower municipals, multiple-oversight bodies, and so on).
Advantages of a flexible pool of auditors
- Availability of audit staff.
- Scalability: Quickly scale up or down audit teams based on their workload and business needs. Avoid the costs of maintaining a large internal audit department when demand is low.
- Increased efficiency: Providing additional resources and expertise when needed.
- Reduced workload of internal staff, allowing them to focus on other critical tasks and priorities.
- Specialization: Provide access to highly specialized skills and expertise that might not be available in-house.
- Cost savings against hiring full-time staff. Avoid the costs of benefits, training, and other overhead expenses associated with maintaining a large internal audit department.
- Objective and independent perspective on an organization’s operations and controls, which can be valuable for improving performance and identifying areas for improvement.
- Fresh perspective to an organization’s operations and controls. This can help to identify blind spots or inefficiencies that may be overlooked by internal staff.
- Reduced risk of fraud, errors, and non-compliance by providing independent and objective assessments of an organization’s internal controls.
- Knowledge transfer: External auditors can share their knowledge and best practices with internal staff, helping to build their skills and expertise over time.
Internal audit news
BR1GHT's partner Wolters Kluwer, a global leader in professional information, software solutions, and services, has been named among the leading global providers of ESG Software in the inaugural and prestigious Green Quadrant: ESG Reporting and Data Management...
Our partner Wolters Kluwer have recently published a document as a guide for internal audit departments looking to adopt a more agile approach. This reminds me of an anecdote from a few years ago. I was at a dinner after an event in Stockholm, at a table with 7 CAE:s...
We are excited to announce that Gene Tjong Akiet, a valuable member of our team in Suriname, will be joining us in the Netherlands to continue his work with BR1GHT. Gene's contributions to our team have been instrumental in the growth and success of our business, and...
We have a great person and fulltime experienced (senior) IT-auditor and IT-controls (or broader controls) specialist available as of today. Experienced in SAP (multiple modules, controls, authorisation as specialist and trainer), financial & operational controls...
The digital transformation is reshaping organisations with an increasing pace. Digital solutions using RPA, IoT and mobile are being implemented in the business to save costs, improve business processes or to build client intimacy. But what are the risks of these new digital solutions, how do you control them and what does digital mean for your control environment? In a series of publications, we will dive deeper into these questions and take you with us in our Digital Control journey Towards Continuous Monitoring.
In this publication you will read all about:
- What are the risks of new digital solutions, such as RPA, ML, IA,
- The need to continuous monitoring,
- Wat is continuous monitoring,
- How 2’nd and 3’rd Lines of Defence can use continuous monitoring,
- How to use continuous monitoring to provide assurance,
- Upskilling risk and internal audit specialists.
If you would like to know more about continuous monitoring, please contact us. We can provide you with concrete examples of implementations.