Скачать книгу

not).

      8 The Importance of Role Clarity in Assurance and the Insights Lean Can Offer

      In which I highlight the vital importance of having clear roles and accountabilities in order to drive both effectiveness and efficiency; and some of the key tools that can be used to drive greater role clarity, both for key functions as well as internal audit.

      9 The Audit Plan: Taking a Value Approach

      In which I discuss the ways in which taking a lean, value-added approach to the audit plan can ensure that audit looks at the right areas, overcoming the common failing of having a disconnect between the audit plan and the key objectives and risks of the organizations they support.

      10 Factoring in Risk Assurance in the Audit Plan

      In which I discuss the crucial role of understanding the risk assurance picture before developing the internal audit plan. This approach challenges some common conventions in audit planning, including the way management is asked for their views on the areas that audit should look at.

      11 Considering the Allocation of Resources to Optimize Value Add

      In which I discuss how lean, progressive audit practices can encourage greater quality debates about the way audit resources are allocated across different risk areas in order to maximize the value derived from the plan. A number of the techniques outlined have been invaluable for a number of CAEs facing pressure on their budgets.

      12 Assignments – Types, Scheduling and Resourcing

      In which I highlight the need to move beyond standard assignment types and to resource and schedule assignments more flexibly, based on their value. Lean techniques help us to create a clearer flow of assignments during the year, reducing delays in starting to deliver the audit plan as well as the common problem of rushing to complete assignments towards the end of the year.

      13 Using Assignment Scoping and Planning to Drive Added Value

      In which I highlight the importance of properly scoping and planning assignments so that they can deliver the maximum value. This includes the important step of being clear about the key risks and controls that should be tested, and making the maximum use of intelligence so that the assignment does not simply repeat what is already known and has the maximum chance of delivering outcomes that matter.

      14 Assignment Delivery – Managing What Really Goes On

      Where I discuss the reality of what actually happens when audits start. I look at the many ways that time can be lost and offer a range of proven approaches to help drive audits forward in a purposeful way. In particular, I examine ways to think more carefully about what testing should be done and the challenge of knowing when to stop.

      15 Using Communication and Quality Standards to Maximize the Added Value from Assignments

      In which I discuss the ways in which assignments can get into difficulty in their latter stages. This can include difficulties and delays at audit closing meetings, finalizing audit reports (including agreeing actions) as well as meeting quality assurance standards. Lean, progressive ways of working help auditors drive assignments towards a value adding conclusion and overcome the many delays and distractions that are commonplace.

      16 Assignment Follow-Up and Follow On

      In which I show how lean principles encourage audit to take a fresh look at the process of tracking remediation of open actions and audit follow-ups. Lean ways of working can radically reduce the time and effort spent by audit doing follow up work, whilst driving greater reliance on management assurances.

      PART 3 LOOKING AT KEY UNDERPINNING CAPABILITIES, PROCESSES AND WAYS OF WORKING

      17 Measuring Performance and Driving Improvements in Audit Ways of Working

      In which I examine the way lean encourages us to take a fresh look at the metrics and key performance indicators collected and reported by audit. I also look at ways to enhance assignment methodologies, to strengthen quality control in a streamlined way and to drive value from External Quality Assessments (EQAs).

      18 Using Lean Audit Principles to Underpin Cultural Change in the Wider Organization

      In which I highlight in more detail the ways in which lean ways of working can help to improve the GRC and assurance culture of an organization. Areas that can be improved include streamlining the policy and compliance landscape, strengthening the role of risk and compliance functions, and improved assurance coordination.

      19 Leading the Audit Function

      In which I discuss the leadership characteristics and capabilities of Chief Audit Executives (CAEs) who lead lean, progressive, value-adding audit functions. In particular I share key messages from my own experience and from other CAEs about how they retain a sense of perspective in managing the many dilemmas that CAEs have to navigate.

      20 The Audit Function: Selection, Training & Development and Ways of Working

      In which I examine the way that lean, progressive, audit functions approach recruitment, staff development and leverage other skills, through guest auditors, guest advisors and/or co-source providers. This chapter raises some important questions concerning the optimal balance of skills within an audit function.

      PART 4 FINAL REFLECTIONS

      21 Further Thoughts about Where and How to Start the Journey towards Lean Progressive Auditing

      In which I examine choices around where and how to start or make further progress in relation to lean audit ways of working. A key message, based on my experience as a CAE and with clients, is that implementing lean auditing does not have to be time-consuming or expensive.

      22 A Brief Look into the Future

      In which I examine potential developments in audit and my hopes for the future. I also reflect further on the key dilemmas that internal auditors and CAEs face on a day-to-day basis and consider whether we can do more as a profession to support one another in this regard.

      PART 1

      Lean and Lean Auditing in Overview

      1

      Lean Auditing at AstraZeneca

      After 15 years working in a range of finance roles, I was appointed the CAE of AstraZeneca PLC in 2002. My appointment came a few months after the enactment of the US Sarbanes–Oxley Act, following the collapses of Enron and Worldcom.

      If I needed a reminder that good financial control was important, this was it. I therefore spent the first two years in my role supporting and quality assuring the embedding of Sarbanes–Oxley disciplines, whilst also working on a range of other areas in GRC and assurance as well as developing the internal audit function.

      By 2005 we had made progress on a number of fronts. However, it was clear that pressure on costs would increase, and as a result my audit management team and I decided that we should engage with the cost agenda in a proactive manner: “Better to work on our efficiency and effectiveness ourselves than have someone else do it for us.”

      At the suggestion of one of the Audit Directors, David Powell, we decided to work with colleagues in AstraZeneca’s manufacturing function, who specialized in lean manufacturing techniques. We contacted John Earley (now Partner, Smart Chain International), who was working in manufacturing at the time, and after obtaining some key inputs from him, we developed a number of new ways of working within the audit function.

      What impressed me at first was just how quickly and cheaply the lean techniques could be implemented and the scale of the efficiency gains achieved. In later years I also admired the way lean principles informed much of what we were doing to deliver added value: from audit planning to stakeholder engagement, from our approach to assignment delivery to the way we carried out testing, and from the way we reported our work to the performance metrics we used.

      The lean auditing approach also offered a positive way of thinking about

Скачать книгу