Some of the participants who attended yesterday’s seminar on risk management. Among them was Edward Clarke (left), Chief Operating Officer and General Manager of Sagicor Barbados.
There has not been enough investment in terms of information technology (IT) in the area of internal auditing.
That’s according to Carolyn Bell-Wisdom, Partner, Risk Assurance Service at PricewaterhouseCoopers (PwC) Jamaica. She spoke to the lack of this investment as she delivered a presentation on the topic, ‘Internal Audit Sourcing: A Value Driver to Audit Committees and Chief Audit Executives’, at PwC’s ‘Better Risk Management, Better Business Performance Seminar’, which took place yesterday at the Radisson Aquatica.
The PwC partner made the point while noting that IT has made the world small, such that people do not need to be in a physical location to access services from another jurisdiction, and so, she said companies cannot afford to operate inefficiently and must embrace the technology in the internal audit function.
“Business is now driven by IT and of course you have lots of threats in the area of IT, so that is an area that certainly internal audit functions would certainly need to step up in order to help the business,” she said.
Her comments came as she noted that in addition to the independence, objectivity and assurance that internal auditing brings to an organisation, there is also a consulting and value-added role that it is supposed to play, of which she contended more persons need to be aware.
“Many, many years ago, especially if you were a member of the audit committee, the primary function that you had in those days was to ensure that the annual financial statements were OK; you had to sign off on that, you had responsibility for the relationship with the external audit providers. But what we have found in many of the jurisdictions, and I believe it would apply here as well, there is an expanded role, expanded responsibility for the audit committee members,” she said.
Bell-Wisdom explained that in addition to the annual financial statements, the audit committee members are also required to sign off on all other financial reports. Likewise, she said, the audit committee has an expanded role as it relates to risks, and she noted that in many jurisdictions those responsibilities are set out in law.
“So if you don’t do what you’re supposed to do and something goes wrong … you could end up in jail,” she stated.
With that in mind, she told those gathered that in respect of ensuring better risk management, it is important that the internal audit function acts as the final line of defence.
“Internal audit needs to be strong function as your last line of defence and if you have challenges with finding the right talent to get it to where you need it to be, co-sourcing or sourcing may be an option you can look at,” she added. (JRT)