Internal audit has evolved significantly over the decades as a business process, transitioning from being just a compliance-driven function to a strategic partner focused on managing risks, enhancing governance and improving business efficiency.
In recent years, advancements in technology, particularly artificial intelligence (AI), have been crucial in transforming the internal audit (IA) landscape. AI has become a key enabler for modern audit practices, streamlining processes and adding depth to risk assessment and control evaluation.
AI offers significant opportunities to revolutionize IA by automating routine tasks, improving accuracy and enhancing the overall effectiveness of the audit process.
What is AI and how is it used in internal audit?: Disruptive technologies like AI, machine learning and cloud computing have been around for some time now. Companies across industries have been using algorithms and automation to process transactions, enhance customer service and support executive decision-making for years. What is new is the pace of change.
AI refers to the use of algorithms and machine learning models that simulate human intelligence to perform tasks such as data analysis, decision-making, pattern recognition and language processing. AI tools enable organizations to process vast amounts of data more efficiently, identify anomalies and uncover trends that might be missed using traditional methods.
In IA, AI can be applied to various tasks, from automating repetitive procedures to enhancing predictive risk assessments, detecting fraud and providing real-time monitoring of other business processes, thereby reducing the risk of human error.
By streamlining audit processes, AI reduces the time and resources needed for fieldwork, testing and reporting, which leads to significant cost savings.
Among the insights gleaned from Deloitte’s CFO Signals 3Q 2023 Survey and 2024 Global Chief Audit Executive Research Survey, a significant trend has emerged among financial leaders. A striking 42% of chief financial officers (CFOs) report that their organizations are actively experimenting with Generative AI (GenAI), while 15% are integrating it into their overarching strategies.
However, as excitement grows, so do concerns. Over half of the CFOs surveyed highlighted key issues related to GenAI, including its impact on risk and internal controls (57%), the need for enhanced data infrastructure and technology (52%) and investment requirements (51%).
On the audit side, the enthusiasm for a digital transformation is palpable. A remarkable 91% of chief audit executives (CAEs) are channelling investments into digital training and development, focusing specifically on AI, GenAI and analytics. Notably, 11% of internal audit functions have already started investing in GenAI proof of concepts—a figure expected to surge in the near future.
Internal audit generally follows a structured set of sub-processes. By embracing digital tools and disruptive technologies, IA functions can deliver more value to organizations, provide timely insights and contribute to better risk management and overall business performance. AI can be used in each stage of the audit process:
Planning and risk assessment: AI can be used to analyse large data-sets, both internal and external, to identify emerging risks and prioritize high-risk areas for organizations. AI-driven tools for predictive analytics can assess transactional patterns over time, providing deeper insights into trends that signal potential risks.
Fieldwork and testing: AI enables continuous auditing by automatically reviewing large volumes of transactions, identifying anomalies and flagging issues in real-time. Using machine learning technology like natural language processing, the review of contracts to check for compliance with regulatory requirements can be automated. Machine learning models can also detect outliers in financial data, reducing the time auditors spend on reviewing samples.
Analysis and reporting: AI-driven analytics tools can assist in compiling data, drawing meaningful patterns and even suggesting key findings. Tools can be used to create visualization dashboards that provide a comprehensive overview of audit results, helping identify risk areas and communicate the findings to the organization’s management. Natural language generation can be used for creating audit reports.
Issue follow-up: Post-audit, AI tools can monitor remediation efforts in real-time, ensuring that corrective actions are taken to resolve identified issues, with alerts sent and progress tracked. AI tools can automate follow-ups by tracking outstanding audit issues and escalating concerns if corrective actions are delayed.
Continuous auditing and monitoring: Thanks to technological advances, the traditional audit cycle is moving towards continuous auditing, with AI expected to play a critical role in helping businesses monitor processes and transactions, detect anomalies and address issues in real-time. AI-enabled tools can review transactional data for fraud patterns and notify auditors right-away whenever any suspicious activity is detected.
The future of IA is undoubtedly AI-driven. To adopt AI successfully, IA functions should start with manageably small projects, like automating data analysis or anomaly detection. Over time, as AI tools become more advanced and integrated into audit workflows, IA functions will be better equipped to provide deeper insights, manage emerging risks and enhance overall audit quality, helping organizations navigate an increasingly complex risk landscape.
In conclusion, by embracing AI and preparing for its integration, IA functions will not only stay relevant, but also deliver greater value to their organizations.
