31 December 2019 Open with your browser  

Internal Audit in the New Era of Digital Transformation

Written by: Ms. Joyce Li – Risk Consultant

Digital transformation is the procedure of applying digital technologies to create or modify the existing business processes in order to adapt new market development. It is now posting a threat to internal audit function if the digital transformation-related risks are not proactively identified and prevented. This shifted internal audit from compliance-oriented assurance to an advisory role based on continuous controls monitoring, as well as focusing on the future. As a consequence, internal auditors should possess competence and knowledge to thrive in the era of digital transformation.

Technologies forming digital transformation
With the advent of digital transformation, the introduction of five new technology trends will disrupt the prevailing internal control system, leading to an imperative need of internal audit practitioners to understand and utilize these trends to create a continuous audit framework in the emerging digital economy.

(1) Robotics
Robotics refers to machine learning, cognitive technology, and artificial intelligence. This system can be applied to many repetitive tasks performed by the internal auditors. Besides, using robotics can also alert internal auditors to changes in the control environment.

(2) Audit Analytics
By taking advantage of audit analytics, it can provide internal auditors new insights on control performance trends in a real-time and more accurate way, and thus improving the quality of internal audit. Examples of audit analytics comprise analysis and replacement of rules-based engines with intelligent systems, audit process automation, continuous monitoring, and a focus on deep-data analytics and data visualization for better decision-making.

(3) Information Security
Information security can be referred to as “cybersecurity”. It is not solely a compliance exercise to ensure policies and procedures are properly followed by the organizations, but also a mechanism protecting the organizations from the exposure to any cyber risks. With the great advances in information technology and the rapid progress in the development of digital economy, cyber attacks incurred from human negligence and cybersecurity vulnerabilities continue to evolve. In fact, it appears that managing the risk of cybersecurity is becoming more complex. To embrace the changes brought by the digital transformation, internal audit executives should raise awareness of the control environment in a broader way, by analyzing new types of cyber attacks caused by any human factors and reducing the potential cybersecurity vulnerabilities, so as to cope with the various changes arising from the information security.

(4) Cloud Computing
A new trend reveals that cloud computing has been widely utilized by many organizations to deal with issues of business competition, such as data security and cost reductions. With cloud computing, the business service can be separated from the infrastructure needed to run it, where the company's data is decentralized among service providers independent of internal controls within the organization. Thus, organizations are exposed to a new risk termed "robust yet fragile" while using cloud computing. Although cloud computing could help the organizations develop more steady and robust growth by increasing its business scale, it also makes the internal control system more fragile to any single points of failure. In view of this, the internal audit executives should understand the content and nature of cloud computing clearly, especially any new points of fragility within the system, in order to provide leadership and quality assurance in the age of digital transformation.

(5) Performance Optimization
Performance optimization is defined as a process to consider whether the organizations’ user behavior, technology interface, and situational awareness can be better aligned to internal audit’s objectives through continuous measurement of the organizations’ track record and impact. As such, internal audit executives should collaborate with business owners to formulate use-cases for performance optimization to improve the efficiencies and effectiveness of business processes. Some tips for internal auditors to help optimize the organizations’ performance are set out as follows:

• Define the best achievable outcomes;
• Measure progress in incremental steps;
• Use controlled experiments to reduce risk; and
• Anticipate and learn from failure

Agile auditing — the new audit methodology addressing the digital transformation
In the new era of digital transformation, traditional audit approach, which contains three phases of audit (i.e. planning; execution; and reporting), is gradually abandoned and starts to shift towards a new audit methodology called "agile auditing". This new audit approach is to divide an entire audit project into discrete, results-oriented tasks, and carry out the related tasks and procedures at the earliest opportunity. As a result, by adopting this new methodology, internal auditors could successfully build a prompt and frequent communication with stakeholders, thereby fostering a faster pace to market and promoting continuous improvement of the business.

In summary, the acceleration of digitalization is destructive and inevitable, but in the meantime, it brings new opportunities for internal audit to create new assurance models. Consequently, familiarizing and harnessing the new technologies and audit methodology can definitely help internal auditors to keep pace with all the latest developments of digital transformation and stay competitive in a changing world.


James Bone (October 2018). FIVE TRENDS SHAPING DIGITAL TRANSFORMATION: By understanding new developments, internal audit can help shape the organization's approach to the digital economy. Internal Auditor, Vol. 75, Issue 5.

Kalpesh Master & Saurabh Bansal (April 2019). IMPACT OF DIGITAL ON THE FUTURE OF INTERNAL AUDIT. EXL White Paper.

If there are any aspects which we may assist, please do not hesitate to contact:

Partner - Ms. Gloria So
gloria.so@shinewing.hk (Tel. 3583 8517)


Contact Us

ShineWing Hong Kong
43/F, Lee Garden One,
33 Hysan Avenue
Causeway Bay,
Hong Kong

T. (852) 3583 8000
F. (852) 3583 8001
W. www.shinewing.hk
E. info@shinewing.hk



SHINEWING is a premier provider of professional services, specialising in audit, tax and advisory services. Present in China, SHINEWING has domestic offices which are spread across the major cities, including Beijing, Shenzhen, Chengdu, Shanghai, Xi’an, Tianjin, Qingdao, Changsha, Changchun, Yinchuan, Jinan, Dalian, Kunming, Guangzhou, Fuzhou, Nanjing, Urumqi, Wuhan, Hangzhou, Taiyuan, Chongqing, Nanning, Hefei and Zhengzhou. Other member firms include Hong Kong, Singapore, Australia, Japan, Pakistan, Egypt, Malaysia, United Kingdom, Indonesia, India, Thailand, Taiwan and Germany. Today, SHINEWING employs over 8,000 staff. With our extensive network, we are able to leverage fellow members’ expertise and geographical presence and enhance our ability to serve the dynamic needs of transnational clients.


© 2019 SHINEWING Hong Kong. All rights reserved.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation.


Home | Open in browser | Unsubscribe