Protiviti And Regional Internal Auditors Associations Evaluate Pandemic's Impact On The Overall Risk Landscape
Urge Internal Auditors to work closely with Board and Audit Committees as a strategic partner in addressing cybersecurity, privacy, and other priorities
As Audit Committees continue to face crowded agendas and increasing complexity in 2021, Protiviti Member Firm for the Middle East Region and prominent regional chapters of Internal Auditors Associations - from UAE, Bahrain, Kuwait and Oman ‑ partnered to deliberate on the Audit Committee agenda for 2021, especially during the pandemic and beyond. The mandate was set at a virtual forum joined by over 250 participants, including Board Audit Committee Chairmen, Board members, Chief Audit Executives, CXOs and other management personnel from across a range of industries in the MENA region.
Key speakers at the forum included Abdulqader Obaid Ali, CEO Smartworld, UAE and Chairman of the Board Internal Auditors Association, UAE; Dr. Khalid Al-Faddagh, Independent Board Member, Kingdom of Saudi Arabia; Noorur Rahman Abid, Independent Board Member, Kingdom of Bahrain; and Brian Christensen, EVPandGlobal Leader Internal Audit, Protiviti Inc.
Brian Christensen, a member of Protiviti's global executive leadership team, moderating the discussion, said: “The pandemic has presented an opportunity for internal auditors to support Audit Committees and key stakeholders in their organization. Shifting customer behaviours and preferences, the evolving workplace, revisiting of supply chains, and building resilience are some of the major trends which have altered the underlying fundamentals of almost every organization. It is important for Audit Committees to assess operational resilience and how internal auditors can become a strategic partner in addressing cybersecurity, privacy, and other priorities facing organizations in this crucial period.”
A survey conducted amongst the participants indicated that 23% believed that the Audit Committee should discuss emerging and disruptive risks with management and make changes in the risk profile every quarter. 54% of the participants agreed that their internal audit department needs improvement to effectively achieve appropriate risk coverage, agile responses to new and emerging risks, and efficient delivery of value-added insights regarding risk culture, risk management capabilities, and internal control environment. While 38% of the participants believed that organizations are well funded to mitigate cyber threats, provide awareness through various programs, and ensure the importance is understood across the organization, 38% of the participants pointed out that funding is a constraint, but the importance of cyber risk is fully understood.
Sanjay Rajagopalan, Managing Director, Protiviti and leader of Internal Audit & Financial Advisory for the MENA region, said “Environment, Social and Governance (ESG) is gaining traction in the region and many regulators are focusing their attention on ESG reporting. For example, 39% of the participants at the forum believed that their organizations would be considering Environment, Social and Governance (ESG) in their strategy in the next 1 to 2 years, as the MENA region follows the ESG trend. The audit committee has a role in reviewing these new and expanded disclosures, with developments occurring at the company”.
After considering inputs from client audit committees and insights from meetings with board members, the mandate for Audit Committee Agenda 2021 was set as:
- Audit Committees in every organization should consider shifts in the risk landscape to establish an appropriate business context
- Internal Auditors must work with the CFO to review the finance function’s resiliency
- Encourage the CFO to function as a strategic partner in addressing cybersecurity, privacy, and other priorities
- Work with the CAE to formulate appropriate imperatives for internal audit to ensure the function’s continued relevance
- Address accounting and reporting implications of operational adjustments during the pandemic and recession
- Assess COVID-19-related impacts on financial reporting assertions
- Evaluate the pandemic’s near-term and longer-term impacts on the internal control environment