Audit process automation addresses many of the issues associated with a traditional audit approach. In particular, a traditional audit approach does not adequately address the organizational complexity that the audit department faces. The traditional approach to an audit is spreadsheet-based and requires manual processes as data must be transferred from one best-of-breed solution to the next. Ultimately, this approach to the audit is not centralized and does not adequately address those issues that large organizations with a multi-state, multi-jurisdictional audit requirements. Even where organizations rely on best of-breed audit applications, the resulting fragmentation of process and data creates additional process delays and data integrity risks.
“When we talk about efficiencies that DoubleCheck has added, we have cut preparation from two weeks to a day. In the past, for us to audit a quarter of data, we would take four to five weeks to gather all transactions that take place. Now we’re able to audit a full month’s worth of data in just ten days. Over the course of an entire quarter, we go from having to take three months to audit a quarter to just thirty days.”
Compliance and Audit Director
Audit process automation, by contrast, places these separate, siloed solutions into a single, integrated solution. This saves time, effort, and ultimately frees the audit team to engage in more value-adding tasks beyond simply developing reports to comply with regulatory requirements, such as assisting with training or correcting other issues as they arise during the normal course of business. Addressing the complex audit environment with the proper solution is not just about assurance, risk avoidance, internal overhead, and speed of business operations, but it is about creating a stronger and more efficient organization.
The profiled organizations reported a range of benefits as they engaged in audit process automation. Both organizations needed a system that would provide them with better control of the audit process and needed better tools to manage the process. Prior to adopting a single, consolidated solution, neither organization had the ability to efficiently and accurately control the audit process and were either dependent on others to provide assistance throughout the process or otherwise struggling to control unwieldly datasets with tools poorly suited to the tasks.
Blue Hill Research found that audit process automation leads to a higher level of accuracy and efficiency in the way audits are conducted, which has multiple spillover effects. Primarily, a more accurate and efficiently-conducted audit is going to assist an organization with maintaining regulatory compliance. Additionally, the time saved (as the audit department does not need to spend as much time confirming datasets or otherwise searching for information) provides the audit department with the capacity to engage in providing additional value to the larger organization, either through conducting additional audits or through the completion of additional tasks. For example, the auto retailer has been able to assume more quality control tasks, such as providing more real-time information to dealerships to correct issues or problems early in the process; likewise, the audit department of the insurance company has been able to engage in additional audits.
Blue Hill Research observed three main value propositions associated with the automated audit process and one value proposition that resulted from the automation even if arguably outside the scope of automation. The value propositions of audit process automation are the improved efficiency and the associated increased speed to complete the audit; accuracy and the associated reduction in errors occurring during the audit assessment; and finally the organization’s ability to respond to regulatory changes.
The other observed benefit by Blue Hill Research is the ability of the audit to drive business improvement. With the time saved through the automation process, the audit departments of the observed organizations were able to engage in additional tasks, such as by providing additional guidance to the organization to correct problematic areas or assist with the creation of training modules.
Key Observations and Takeaways
Blue Hill Research found process automation allows organizations to successfully navigate complex workflow environments. Audit process automation, which is one such example, provides the organization with the tools to manage data spread through large datasets and to manage diverse stakeholders with competing interests. A complex audit environment is defined differently by every organization and is dependent on the interconnection of factors faced by organizations, multi-faceted regulatory environments, and facing a diversity of subject matters. Within a complex workflow environment, an organization is going to need a solution that will have both the robustness to handle the amount of data required by the organization and the flexibility to handle changes within the regulatory environment.
DoubleCheck Software solution for audit process automation addresses the complexity of the audit environment by providing a solution that can by modified to meet the requirements of the organization. The solution allows the organization to efficiently track the matters and stakeholders involved in large, complex audits, develop questionnaires within the solution, and verify the accuracy of answers early in the audit process. By automating as much of the process as possible and freeing up resources that would otherwise be tied up in labor-intensive manual data entry, organizations have the ability to assure the accuracy and quality of the audit.
Further, Blue Hill Research observed the organizations within the study utilized the DoubleCheck application to assist in the further development of the best practices. The solution provides the organizations with the ability to modify and set workflows to match their requirements. Both organizations reported that after setting the workflows to match prior workflows, they were able to identify inefficiencies in their practices and modify the workflows to create a more efficient process. With the increased efficiencies, the audit departments had the further ability to confirm the accuracy of the audit and engage in additional value-adding tasks.
As a reflection of the growing maturity within the field of GRC and Audit, organizations are not satisfied with simply looking to GRC solutions as assurance of compliance. There is a growing pressure in the market that these solutions have the flexibility to also assist organizations with assessing the risks they face and take measures to address those risks. Both the insurance provider and the automotive retailer reflect the growing maturity of the market both through their current use of the DoubleCheck GRC solution platform and for their future plans. For example, the automotive retailer has begun the process of developing a compliance-monitoring program within the DoubleCheck GRC solution platform. A successful GRC solution will need to be highly configurable to meet the constantly-shifting regulatory and compliance needs of an organization and must have a full audit process automation component integral to the platform.