63% of the internal auditors in Kuwait aim to rely on data analytics to analyze potential risks: Survey

62% of the respondents to leverage the power of technology to innovate their internal auditing function by 2024

The Protiviti Member Firm for the Middle East Region in partnership with Institute of Internal Auditors (IIA) Kuwait, conducted a survey to gain insights on the recent Internal Audit (IA) trends in the region. To mitigate the challenges posed by COVID-19, Internal Audit (IA) sector globally witnessed swift innovation and improvisation. In Kuwait, the stringent regulations issued by the Capital Markets Authority (CMA) made the IA fraternity more cognizant of its role in the fast-evolving corporate governance landscape. This survey aims to be a useful tool for IA professionals and relevant stakeholders to understand how IA functions in Kuwait are adapting to the ‘new normal’. Close to 63% of the respondents mentioned that NextGen tools such as data analytics are being used to identify changes in risk.

Sanjay Rajagopalan, Managing Director, and Leader of the Internal Audit practice for Protiviti Member Firm, stated that “The survey highlights the fact that technological transformation and its application in IA are no longer in the category of ‘good to have'. Instead, these are among the key factors distinguishing new age IA function from a traditional one. It was encouraging to see that 62% of the respondents showed interest in undertaking transformation or innovation activities in the next couple of years.”

The survey focused on five core areas namely internal audit function, audit innovation, and transformation, the impact of COVID-19, risks management, and Capital Markets Authority (CMA) regulatory updates. It also provides a comprehensive view of the practices adopted by Internal Auditors across organizations, including audit innovation and transformation, and risk management abilities, among others. This survey aims to not only help peers benchmark their operations against leading best practices but also make them aware of common pitfalls. 

“At IIA we have always focused on tracking audit trends and sharing these with IA professionals for their knowledge and skill enhancement. This survey is surly helpful to meet these objectives as well as highlighting the importance investing in Internal Audit for organizations to meet today's challenges and emerging risks”, said Mansour Shashtari, Chairman of the Board, IIA, Kuwait.

During the pandemic, 54% of respondents anticipated cyber security to be among the top 3 risks followed by operational risk (27%) and technology and digitalization risks (12%).

“Given the dynamic nature and velocity of emerging risks and disruptions, the IA function must be agile and should increase the frequency of risk assessments. The traditional approach to annual reviews is unlikely to assist internal audit function in the effective discharge of their duties.” said Daryoush Pour, Managing Director, Protiviti Member Firm. 

IT risks remain a cause for concern and 30% of the survey respondents said IA function in their organizations did not have an IT auditor or had no plan for a technology audit. The survey shows that the representation of IT audit has a gap despite technology playing a key role across industries. Of the total respondents, 19% indicated that the IA function in their organizations does not have IT auditors, while 40% said they had 3+ or more IT auditors. This indicates that either companies do not feel the need to have specialized IT auditors, or they mostly rely on outsourced service providers. 

As per the survey, 47% of the respondents stated that they were part of the crisis management teams during the pandemic, demonstrating an active consulting role under a wider mandate. Also, 37% of the respondents were not sure or had no plan to walk the innovation path. Risk management remains an evolving area with 30% of the respondents saying their organizations did not have a risk management function.