Читать книгу Agile Auditing - Raven Catlin - Страница 11

Serving as a chief audit executive and then CEO of The Institute of Internal Auditors (IIA), I have strived to learn new concepts, develop new ideas, and advocate for new ways to approach challenges and opportunities. Continuous learning is what brings me to this book, Agile Auditing: Fundamentals and Applications, by Raven Catlin and Ceciliana Watkins, two remarkable individuals who epitomize the internal auditors of today and the future. In this book, Raven and Ceciliana offer a fresh approach to what our profession must do to become and remain relevant to our stakeholders by adopting an Agile mindset.

I have discussed the importance of being nimble and turning problems into opportunities over more than a decade, through my books, in presentations around the world, and in my weekly blog Chambers on the Profession. To implement Agile auditing, internal auditors must demonstrate intellectual curiosity and open‐mindedness, two attributes discussed in my book Trusted Advisors: Key Attributes of Outstanding Internal Auditors. Additionally, Agile auditors must have the relational and professional attributes addressed in the book.

After reading Agile Auditing: Fundamentals and Applications, I gained new perspectives and reinvigorated my firm belief that, to be relevant, we must continuously evolve who we are as internal auditors and how we add value.

We are at a critical juncture in our profession. Being Agile also means being resilient amid every advancing risk. We must embrace fresh ideas and perspectives to execute bold, decisive, and Agile strategies to address the new frontier. Amid the COVID‐19 pandemic, the need for social distancing around the globe challenged the management of audit activities, from risk assessments to testing, reporting, and the administration of the audit activity, including recruiting, retention, and training.

In a virtual environment, internal auditors face myriad challenges in how they address and complete their work, from different methods of communications to limitations on travel and physical access. The pandemic has certainly tested the concept of Agile auditing, but the good news is that, amid a changing risk landscape, we've learned that it actually can be most effective.

I met Raven Catlin in 2002 at The IIA's Volunteer Instructor Development Program. Raven stood out. She successfully completed the program and impressed me as a knowledgeable, articulate, experienced, and innovative auditor. As an instructor, Raven presents an effective method to deliver concepts and influence others to adopt new practices. This book showcases those attributes. It offers a framework for audit functions to add value and remain relevant. I find Raven and Ceciliana's Agile audit framework to be distinct in that it is not a method that simply provides ideas. It is truly a framework that's adaptable and allows audit teams to incorporate practices and tools into an Agile audit methodology they create and customize.

Moreover, the framework provides a structure and guidance for greater collaboration with audit customers/clients, a critical tenet of internal auditing. It integrates clients as members of the team from day one, and it acknowledges that, without this fully involved engagement, the audit cannot proceed as an Agile audit. Further, the framework focuses on creating value from the audit client's perspective. It centers the Agile audit on the value proposition, which makes achieving organizational objectives a foundation point.

It also helps organizations increase overall resiliency, which is critical in this new normal. The audit must deliver results more quickly and provide insights that will help reduce detrimental risks and achieve objectives. The flexibility provided by implementing this Agile approach helps management and auditors collaborate in risk identification, resulting in better‐managed businesses and organizations. A vital aspect of this framework is that it uses a risk universe, rather than an audit universe, to determine priorities and an Agile audit plan.

As I have discussed in many of my blogs, tweets, and books, adapting and keeping an eye out for the most critical risk is crucial for our profession and our organizations. Continuous risk thinking is a lesson I learned early in my career and is vital to Agile auditing success. Conventional planning for internal auditing doesn't hold up in today's environment because it cannot deal with unexpected risks.

In 1990, I was in the middle of an old‐school, annual plan as chief audit executive for the U.S. Army when Iraq invaded Kuwait. Risks that very few saw coming had suddenly appeared. I had to toss my annual audit plan and assess risks continuously, so that I could identify and reset our internal audit priorities. Traditional methods and routines of conducting audits based on plans that are six months to a year old are in the past. We need to assess risk continuously, and we must have new information to keep our audit plan up to date.

I wish that I had had this book back in 1990 as a guide not only for myself but also for my audit department and colleagues. The framework and information provided in this book provide the tools and ideas to spark your creative juices to make your audit activities successful today and in the future. In turn, it will allow you to continuously set your antenna high and be better prepared to address new risks as they emerge within our industry and in the overall economy.

Finally, one of the most valuable lessons you will learn in this book is to deliver focused results faster. As presented in the framework, auditors complete each Agile audit in short, two‐week cycles – planning, performing, and communicating risk‐focused results. Applying Agile auditing consistently and maintaining a tight delivery cycle require innovative thinking on audit processes and deliverables. It creates a baseline, so each auditor and each team can measure their performance and become better and stronger with every audit.

I highly recommended Agile Auditing: Fundamentals and Applications by Raven Catlin and Ceciliana Watkins whether you are a seasoned auditor, new to the profession, or even in a different domain unrelated to audit. You will find that the framework, lessons, and principles better equip you to meet new challenges. This book is one of few written by audit professionals to improve our audit services and value to our organizations by being more responsive and a better team player. Reading this book will prepare you with the knowledge and skills necessary to become an Agile auditor, implement Agile auditing in your audit activity, and deliver more value to the organizations you serve.

—Richard Chambers

President and CEO of The Institute of Internal Auditors (IIA) January 2009 to March 2021

Author, Lessons Learned on the Audit Trail (2014), Trusted Advisors:Key Attributes of Outstanding Internal Auditors (2017), and The Speed of Risk: Lessons Learned on the Audit Trail, 2nd edition (2019)