Читать книгу Lean Auditing - Paterson James C. - Страница 5

Introduction

Оглавление

If you are reading these words, I imagine you have some interest in lean or in audit, or both, and may be wondering how these disciplines might be combined.

This is what I wondered in 2005 when I was Chief Audit Executive (CAE) for AstraZeneca PLC. Lean was suggested to me as something that could help the audit function step up its “added value” contribution, as well as improve its productivity.

I was uncertain at first about the applicability and usefulness of lean tools and techniques to internal auditing. But, as we learned about lean, and started to apply it, we were able to create a number of best practice ways of working and also achieved significant productivity gains (of around 20 %).

This book outlines what lean can offer to internal auditing. It is based on over four years' experience applying these techniques as a CAE. Thereafter, I have been running my own company and lean auditing has been one of the core areas of my training and consulting work. I have been fortunate to travel to the US, across the UK and Europe, the Middle East, the Far East and Australia to share lean auditing principles and techniques. I have been heartened by the interest in what I have had to say, and in the results that have been achieved by applying these ways of working.

As I prepared to write this book, I was keen to ensure that the efforts of other CAEs and auditors who are working to improve the impact of internal audit should also be captured. I therefore interviewed a number of CAEs from a range of organizations in the UK, US and elsewhere and their views and insights are captured throughout the book. I have also been fortunate to receive insights from other leading figures in the internal audit world, including Richard Chambers, President & CEO of the Institute of Internal Auditors (IIA), Norman Marks (a well known thought leader in Governance, Risk and Compliance (GRC)), Sarah Blackburn and Nicola Rimmer (both former Presidents of the UK Chartered Institute of Internal Auditors (IIA UK)) and Chris Baker, Technical Manager of the IIA UK. Herein are also selected board members' observations about internal audit.

Consequently, this book represents not just the best of what I managed to achieve at AstraZeneca, and with my clients. It also captures a wider range of progressive practices in internal audit as well as related good practices in the GRC arena. You only need to reflect on the devastating impact of the financial crisis of 2007 and 2008, and countless other risk and governance surprises, to recognize there is considerable room for improvement in this field!

This book addresses many efficiency opportunities through lean ways of working. However, of equal or perhaps greater importance, this book offers a range of insights into what it means to add value, and through this, to reposition the role of internal audit as a key ingredient of organizational success.

As we will see, many of the CAEs I have interviewed for this book already have a “seat at the top table”. Consequently, whilst a number of the principles, tools and techniques outlined in this book will be aspirational for some internal audit functions, they are successfully in operation for many others.

Whilst I will argue that the internal audit profession should play a more prominent, value-adding role, I do not believe that internal audit should take the lead in driving organizational performance and behavioural change. That is a role for the board and senior management. My belief is that internal audit should more clearly act in a catalyst role for organizational growth, continuous improvement and sustainability.

I hope to demonstrate that the use of lean principles and techniques can both inspire and support internal audit to take up such a role.

However, I also want to acknowledge that there can be significant barriers to achieving what I am proposing. Some of these barriers may be practical, but most come from the mindsets and preferences of board members, senior managers, and a range of others who prefer a traditional “compliance and control” role for internal audit.

In my opinion, the traditional “compliance and control” focus of audit acts like a heavy hand on the audit profession, limiting its ability to play a fuller role. The dominance of traditional ways of working partly stems from a legitimate need to gain assurance over the basics, but also from a significant inertia that has built up within the internal audit profession itself.

As this book proceeds I will try to outline how the lean audit mindset (and ways of working that flow from it) differs from the traditional internal audit mindset, and traditional ways of working. I hope to demonstrate that, if internal audit is prepared to relinquish some of its familiar work in compliance and control auditing, which may appear to offer a degree of security, it will in fact make the internal audit profession more secure in the long run. Indeed I would go so far as to say that by continuing to carry out a large portion of traditional controls and compliance work internal audit may perpetuate a range of organizational and cultural problems with Governance, Risk, Compliance and Assurance.

As a result, some of the principles and practices outlined in this book may be challenging for some of the more traditionally minded auditors, senior managers and board members. As far as possible, I will try to explain how progressive and traditional ways of working can work together side by side, but I think that truly operating with a lean frame of mind does challenge a number of long-held conventions about internal audit. To my mind being prepared to “rock the boat” is a necessity if we want to put internal audit on the right path to being properly acknowledged as a key ingredient for sustainable organizational success.

Lean Auditing

Подняться наверх