According to the KPMG 2022 CEO Outlook, businesses are increasingly investing in new advanced technology, with over half of CEOs placing more emphasis on it. As these businesses adopt new technologies, such as robotic automation, artificial intelligence and blockchain, they tend to become more efficient and competitive. However, this digital transformation requires new ways of providing assurance over the use of technology, including protecting businesses from the new risks it brings.
This is what’s meant by ‘technology assurance’. In the face of these new risks, such as cyber attacks, companies need to be prepared with additional or redesigned internal controls to monitor and protect themselves. Along those same lines, the SEC proposes cybersecurity rules which seek to enhance and standardize risk management, strategy, governance and incident disclosures. The proposed rules would increase the prominence of required disclosure of cybersecurity incidents in several corporate filings, including annual and quarterly filings and current reports. The proposal would also require disclosure of a registrant’s policies and procedures to identify and manage cybersecurity risks; management’s role in implementing cybersecurity policies, procedures and strategies; as well as the board of directors’ oversight and expertise.
To delve deeper into this important topic, I spoke with Rodrigo Gonzalez, Head of Audit Innovation, and Ligia Costa, Audit Director, both of KPMG in Brazil. Here’s a summary of what we discussed.
How can technology assurance change the audit and the way auditors work?
Technology is quickly changing financial reporting. Machine learning, natural language processing and AI can automate tasks that would previously require time-consuming manual oversight. As part of the financial statement audit, auditors are now increasingly providing assurance over automation and even artificial intelligence used within the financial accounting organization of businesses.
As part of KPMG’s own digital transformation, our firms not only equip auditors with new technologies, through KPMG Clara, but also with the skills and competencies to thrive in a more digital world. The goal is to audit advanced technology with advanced technology, making financial audits more efficient and providing organizations with a better audit experience overall.
To illustrate what this means in practice, take cyber security for example. Cyber security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attacks, damage or unauthorized access. KPMG has developed sophisticated cyber security maturity assessments and assurance frameworks to help businesses operate technology in financial accounting with reliable quality and security. To do this, KPMG itself leverages certified bots and data and analytics capabilities.
How can technology assurance impact businesses and specific industries?
Digital acceleration brings exciting opportunities to transform any business, but the need to ensure financial data and controls remains front and center. Against the backdrop of digital transformation, today’s companies are facing an evolving regulatory environment with increased oversight. For this reason, digital transformation is having a significant impact on how KPMG firms provide assurance using technology.
Continuing the cyber security theme, developing a strong cyber strategy often starts with looking at an organization’s processes, controls and partners. Audit committees looking to gain reassurance around cyber security and privacy protection will want to be sure that management has examined their processes from beginning to end, identified areas of potential vulnerability, and put in place plans for controls.
What are the potential risks?
While automation helps drive efficiencies in financial accounting, it also introduces new risks. Audit committees need to ensure that management has a solid understanding of how automation (such as the use of bots) are being used in the company and can recognize signs of potential tampering.
What is KPMG doing to enhance technology assurance services?
KPMG firms have invested in developing tools to automate and drive value to our audits by using data analytics, robotic automation and artificial intelligence. Around this, we have established a global methodology focusing on delivering assurance over emerging technologies.
As such, we have incorporated our AI/ML experience, tools and methodologies, as well as our multidisciplinary capabilities around governance and risk management into a globally consistent approach. We provide independent assurance where permissible and approved on specific algorithms with our technical deep dive and review, showing whether it’s reliable, explainable and ethically responsible. Our own use of AI in audit supports our ability to bring trust and quality to the use of AI.
With change comes challenge
There’s no doubt that while digital transformation brings many opportunities, driving efficiencies and competitive advantage, it also exposes companies to new risks and threats. Technology assurance can build confidence in new and exciting technologies.
Throughout the All eyes on campaign, we’ll be sharing more from various global leaders on topics including AI, big data and continuous auditing. If you’d like to learn more about how KPMG can help your organization realize the benefits of these technologies, please email me or the below subject matter experts directly.
- Rodrigo Gonzalez, Head of Audit Innovation, KPMG in Brazil
- Ligia Costa, Audit Director, KPMG in Brazil
Stay up to date with what matters to you
Gain access to personalized content based on your interests by signing up today