The agile methodology is an approach to project management initially developed in the software industry to adapt quickly to market and technology change. Agile sought to address this challenge, reduce risks, costs, and incorporate feedback for an iterative approach to software development. Subsequently, agile has been adopted and implemented by numerous industries and business functions, including Internal Auditing.
Basic premise ... 'Agile Manifesto'
Internal audit cannot anticipate or predict today's changing landscape of geopolitical, market, competition, regulatory, supply chain, natural disaster, pandemic, and cybersecurity threats. There is a demand to respond to emerging business needs. Traditional internal auditing does not provide the necessary flexibility to adapt to a changing risk profile. To provide valuable and timely insights to the organization and be a trusted and strategic business advisor, Internal Audit has to adopt a more agile and iterative approach.
Internal audit must address:
Traditional internal auditing with the planning, fieldwork, review, and reporting stages can take eight weeks or more. However, agile auditing is more flexible and centers around a fluid, iterative planning, and ongoing process and is less rigid than traditional internal auditing. With agile auditing, each phase (sprint) is completed in a shorter time frame and focuses on collaboration and communication between the audit team and stakeholder.
Agile auditing has numerous benefits when appropriately tailored to meet the Organization and Internal Audit’s specific needs and objectives.
An Internal Audit organization must start with an open mind to change and communication. Remember, one size does not fit all. Steps in developing an agile framework may consist of:
Jeffrey Butler
Regional Practice Director, Risk & Compliance
+1 972 892 9093
jeffrey.butler@jeffersonwells.com
About the Author
Jeff has over 25 years executive management and professional services consulting experience in a variety of industries. His global business experience includes risk management, internal audit, Sarbanes-Oxley compliance, information technology audit and governance, Business Continuity Management (BCM), Enterprise Risk Management (ERM), and business and IT strategy development.
We welcome the opportunity to discuss your needs in this area and share our thought leadership to help your team. www.jeffersonwells.com
These Stories on Jefferson Wells
The content and opinions represented here should not be relied upon or construed as legal, financial and/or medical advice.
The law is changing literally every single day and can vary from state to state and even city to city. Please consult with your own Legal, HR and Finance resources and consider state and local law variations before making any policy or procedure changes.
No Comments Yet
Let us know what you think