Internal Audit and Project Management. They seem as two unrelated topics... Or maybe not?
As any auditor will tell you, part of the auditor's job is to record mitigation actions for the risks that have been decided to be addressed.
Sometimes these actions are quite simple, integrated into the daily life of the company. It is only necessary for one person to take on the task of clarifying an issue or correcting a procedure and so on.
On other occasions, things are more complicated. Several people need to work together at the same time, to gather information and form a more complete understanding in order to solve the issue.
Finally, it may turn out that dealing with an issue is not a simple matter. Many people need to be involved, a lot of time needs to be spent, there may be significant costs to the organisation and things may affect several departments.
In the last case, it may be necessary to form a project and monitor it in all its different dimensions (time, people, costs, investments). In such a case, the organisation will have to find a way to monitor this project. It may of course use simple tools (EXCEL, to-do lists, etc.) or even a project management system (if available).
Even in there is a project management system, there will still be the problem of it not being seamlessly connected with the internal audit system i.e. need of double data entry, possibly non-shared coding, etc. (And this is assuming that there exists an internal audit system!)
At E-ON we realized early that there is a need to link the internal audit and project management and we developed the concept of integrated internal audit and project management & accounting systems.
The result is an Internal Audit, Risk Management and Project Management platform that can track associated risk mitigation actions with projects of any complexity (but also simpler workflows for the majority of cases).
The exchange of information between the "modules" (we borrow the term, but we don't fully embrace it, as our platform is one and integrated) is automatic or - better - obvious. There is no longer any need to transfer data, keep different files and deal with two different systems.
The risk owner [may] now also be a project manager (to the extent that this is reasonable and required by the internal organisation), while the completion of the project concludes the pending project and therefore the affected risks are "mitigated".
More information on our integrated platform for Risk Management and Internal Audit you may find here, while for the Project Management and Accounting features you may find here.
Comments