Clients

Career

Contact

Intero Consulting
Arabellastraße 30
81925 Munich
Germany

info@intero-consulting.de
+49 89 273 7014 0

Get in contact Apply now
25.01.2023

GRC - Audit Management

Get in touch

Especially in strictly regulated industries such as banking or insurance, audits by an internal audit or external supervisory authority are an integral part of IT business and sometimes present organisations with major challenges. With resources often stretched, specialist staff must be made available for the audit, who still have to fulfil their regular duties and are therefore often unable to focus fully on the audit. This can lead to considerably more difficult findings and thus result in additional workloads that could be prevented by supportive audit management. In order to minimise this risk, it is often worthwhile enlisting external support for the management of such an audit.

The audit management process should help companies to fulfil relevant regulatory requirements and standards as well as internal rules in the best possible way.

The audit management process comprises four steps:

  • First step

    Good preparation is essential for a successful audit. The first compliance gaps can be identified and, if necessary, closed or addressed before the audit. Checking which areas of the company should be included in the audit is the first priority, as is organisational coordination with the audit organisation and analysis of its audit rules. Finally, all relevant documents and information should be verified and organised, and not just limited to the requested documents.

  • Second step

    Close management of all participants, topics and information is essential during the audit. Only through a constant and targeted exchange can the risk of findings due to communication errors or inconsistencies be minimised. It is also important to record the auditors' comments so that findings can be contextualised retrospectively and, if necessary, mitigation measures can be started immediately after the audit.

  • Third step

    Once the audit has been completed, a thorough analysis of the audit report is necessary in order to identify weaknesses and potential for optimisation. Based on the analysis, an action plan with a schedule and a reporting process must now be drawn up and, if necessary, agreed with the auditors.

  • Fourth step

    The changes required by the audit report should be prioritised based on their severity and urgency and initiated promptly after the audit. All changes made must be documented and prepared for submission to the audit organisation.

Intero Consulting has extensive experience in managing both internal and external audits and is happy to provide you with organisational and conceptual support. We closely accompany the preparation and implementation of the audit and the associated discussions and advise you on the development of a consistent and optimised storyline. On the basis of the audit report, we support you after completion in drawing up an action plan and estimating the costs. If required, Intero Consulting will of course also assist you with follow-up projects to rectify the findings.

Contact

[Translate to English:]

Jochen Friedrich

Partner
Dies ist ein Porträtfoto von Patrick Wargin.

Patrick Wargin

Manager
Dies ist ein Porträtfoto von Michael Lohmann.

Michael Lohmann

Associate Manager