The Institute of Internal Auditors presents all things internal audit. In this episode, Mike Levy talks with Mike Jacka about the growing role of advisory services. In internal auditing, they discuss how today's internal auditors are offering strategic insights that go beyond assurance work. They also cover how to balance objectivity with advisory work, how to fit advisory into audit planning, and how to show the value of these services. Welcome, Mike. Hi, glad to be here again.
Always interesting and fun. We, we didn't scare them away after our discussion on soft skills, so I, I think we'll have to continue. So, thinking about advisory services, it's one of those things we always talk about. You know, years ago it was trusted advisor. We're talking about advisory. We used to be consulting. When we think about internal audit functions, I think historically many of us go to the assurance based model. We have to spotlight issues with management.
We report those issues to the audit committee and executive management. How do you see advisory services really fitting into internal audit? So it's a topic we talk about a lot. Yeah. And, and I will warn you to some, well, lemme, lemme go with the theory I have about this whole thing. For some reason, internal auditors seem to think that, uh, advisory is a subset of internal audit. I would argue it's the other way.
Advisory is all things, and then the control aspects of the assurance aspect is almost a subset of that. So I think internal auditors should already have the, the tools, have the mindset in working with people to expand into that broader issue of advisory services. It's, it's well said.
I mean, I think when I think about internal audit and I think about what we're really meant to do, I've heard, you know, we could get into it probably a whole conversation just on the concepts of independence and objectivity. And obviously those are critically important for auditors. However, one of my fears with those words is sometimes we get stuck behind them and we don't focus on what matters within our organizations and how we need to deliver value.
We can't cross over those lines of objectivity and what we do within organizations. However, so many times there are opportunities and we're seeing more and more of them as we talk about all of the emerging risk topics. A, you know, think ai, think some of the cyber risks that are happening, businesses are very often learning as they go, and they're trying to figure a lot of these things out.
And if we wait till they are mature topics within an organization where we can do audits, we're almost, we're almost too late. And that, that balance becomes really critical and important. And for me, some of that has come naturally because I started my career in big four consulting and was always focused on how we build that value proposition as a, as a consultant coming in. But when you're internal to the organization, that's not always as apparent.
So Mike, just from your experiences in the past, how do you go about developing some of those things from, from the ground up? When it comes to developing the advisory aspects of it? It, it, unfortunately, it comes to almost everything we were talking about in our last one. It's the soft skills. It's about learning about the people, about being a piece of the people, about being a part of the team.
You, one of the important things you talked about there a second ago was being there on the front end. And I know so many internal auditors wanna sit back and wait, then come in, I'll use the word judge, they're gonna come in and judge. And if you are a part of the team, if you're meeting with people, if you're talking to people, you're hearing the new things as they develop. And that's where that comes.
We had probably one of our most successful consulting projects was when social media was first kicking off. And, um, it was a fascinating one because nobody was really looking at it, talking about it, had new marketing who wanted to find out what we were doing in, in the organization. At the same time, we had another member of the C-suite go, how can you do this? We don't do audits of pencils, we can't do audits of social media.
So it was a combination of helping them understand what social media was about and then working with this other person. So what, we spent a lot of time talking to the various departments and we had those, that rapport built already, that we could talk to them and they would talk with us. What we found was that all the individual departments had very good social media situations set up, but there was no over, there was no umbrella over it all.
And that's what the chief marketing officer came and did. So I use that as a success story of how it works, but I also use that, look, this is where you internal audit work over all those years should help set that up. They were all people we had talked to, worked with who trusted us. We were trusted assurance providers, not just trusted advisors. And they, they trusted us. They were willing to speak with us because they knew the work we had done in the past.
So it's that relationship building that's gone on and on and on that allows someone to go forward, become an advisory, uh, take on that advisory capacity. This is an area where I've actually seen small internal audit functions excel at, in some, in some ways better than larger audit functions. I've, I've been lucky in my career that I've gotten to work with a lot of different departments.
And sometimes when you're a small internal audit function, you're tasked with all of these risks that you have to assess and evaluate and think through for the organization. And you don't always know how to, how to do it. And I think the agility that you have to have as a small function, this is really where one of the places where advisory services can really shine a, um, really important light in delivering value for your stakeholders.
For me, when I've been successful at this in the past, I've really thought about it in terms of less, in terms of what is the report and what observations do I need to have? And really more so how do I get involved early on? And, and a lot of, and a lot of times if you, if you're asking yourself, where do I get started? Think about what technology transformations your organization's having.
And for me, the, the low hanging fruit area where we work on advisory services is pre-implementation reviews instead of going in after an implementation is done and assessing whether it's successful or failure success or a failure, go in early on and help them think through controls and risks and the configuration. And you know, obviously you can't turn the knobs and actually implement the system.
However, sitting in the room and giving that coaching and counseling really does deliver a lot of value to groups at that stage in the process. And you've hit the thing that so many, and you talked about earlier too, so many people are afraid of, you know, well gosh, if I'm there at the beginning, have I become the control? Have I become part of it? And, and it's important to remember that all you're doing is you're not teaching them controls. You're not teaching them the aspects of it.
You're helping them understand how those work because they're still gonna be the ones that know better how to develop it. And you can say, okay, that, that makes sense to me, or have you thought about this aspect of it? But that's where consulting comes in too. It's not telling them what to do, just like an internal audit. It's not telling them what to do. It's about providing insights in the way these things work so they can come to the decisions that work best in their departments.
One of the things I often hear chief audit executives who are grappling with this, um, think through is, well, my audit committee and my KPI measurements are really all about how, how many findings I have and how many, what the resolution looks like. And, you know, how do I demonstrate the value of my function if I'm not delivering audit reports every, every quarter and instead I'm spending my time on advisory services.
So, you know, Mike, what would you, what would you say to that in terms of how, how do I talk to my audit committees about advisory services and effectively take credit for the work that I'm doing within business? Well, first off, I can rent for hours on KPIs because I have so many problems with so many of the KPIs people use. And I'd say that's where you go, what are your KPIs? And it, you can literally establish KPIs around advisory services. You know, who's talking to us, who's coming to us?
I know there's some people who do have that kpi. How many people have come to us with how many have come to us with potential situations? So if you have built into your KPIs, you bring that advisory piece into it. Now that does mean potentially educating audit committee. They do not understand the advisory aspect of an internal audit department. Then you've got a lot of education at the higher level that has to go on also. But ultimately, I think that's it.
Do they understand what it is internal audit, the value of internal audit beyond just assurance? And once they understand that, then finding the KPIs that measure that. One of the organizations I've worked with in the past when I was serving in a chief, so I do consulting now, but when I was serving in a chief audit executive role, we got to a point, and this was, you can't always do this with every organization.
'cause you really have to measure the culture of where your business, where the business is and what you can have support to do. But we're actually doing more advisory services than we were assurance based services. And that doesn't always work that way. And you can't always do it that way. However, in that business, it made a whole lot of sense because there are a lot of really immature processes and it delivered a ton of value for them.
The other concept I've thought a lot about is when you can sort of dual purpose the assurance and advisory services. And what I mean by that is when does an assurance project turn into an advisory project? Or when can you, when can you identify something from an assurance side of the house and then have, have another project that layers on afterwards, uh, turn into an advisory services one.
Have you ever seen that or have you ever contemplated, I have some examples, but curious to get your thought. Yeah, uh, I would say in general, I, I cannot think of it. I know what happened, but it does speak to the flexibility that needs to be allowed for people.
I'll throw this quick story in this is a long time ago in an audit department far, far away where on the annual schedule, we were not allowed to change the annual annual schedule in spite of the fact that risks had changed because they didn't know how to go to the audit committee and say, we're changing it, because the fear was that they would look like they didn't know what they were doing. So you have to get beyond that.
But I'd be interested in the stories you've got where it actually did make those changes. I had one time where it was actually an advisory, I mean, it was a financial controls audit. So we're doing it, it wasn't Sarbanes Oxley, but it was very, it was privately private company that had, um, adopted a lot of the elements of Sarbanes Oxley. And we had basically been going through the poor financial processes and we act, we identified a control that passed our financial testing.
And effectively it was a very basic accounts payable control, right? So we had something that was the equivalent of check signatures are signed properly, signed by the person with the right authority before, uh, before sign off passed the test.
It was, it was signed. We saw a lot of inefficiency in that process and what we looked at, and we actually kicked off an advisory project with them where we did a lot of the, you know, risk assessment and worked with the business to really understand where some of the pain points and breakdowns were in the process. And what that translated to was a very large transformation project that the business did and generated seven figures of savings for them in the business.
Because effectively what they had was a legacy, a legacy process where they had an authority matrix with physical signatures on the authority matrix. And they were, they had a team of people that was physically reviewing signatures against a hand stamp that was on invoices. And we looked at them, we said, well passes the control. And it works highly inefficient and doesn't really generate the value that you can within the business.
So for us, we used even something that was the equivalent of a sarbanes oxley process to identify an opportunity for the business, and then we worked with them through a separate advisory project. Those types of things I think are always interesting.
And you know, I've, I've talked to audit functions about this and one of the key questions I always get is about the teams that they have in place and how do I, how do I develop talent so that we can have resources on our team that aren't just just quote unquote checking the box, but instead really looking for things from a holistic lens of how you, how do you improve the business? What do you think about that side of things in terms of the skill sets that might be required here?
And do we have them in internal audit functions now or do you think we still need to do a lot of work around training? Well, desperately hope we have most of them in internal audit departments. I know there's a lot that don't, but right off the bat, that flexibility I was talking about back in the old and old and olden days, we had IQs internal control questionnaires. If any of you out there remember what they were, you know, why we hate them, you know, it was yes no, and you were done.
Well, we've learned to be ask questions that lead to things. And we, the really good audit work is that work that not only that is not only following the kind of questions that need to be answered, but listening to the answers to see which direction to go. And that's where you start building that. Wait a minute, this may not be a control, but this is something important to look at.
So it's, it's the developing the listening skills, it's developing the interviewing skills, it's developing you, coming back to relationship management so people will talk to you. Um, that's such a big thing. Even the one you're talking about, it sounds to me like this was, Hey, we talked to people and we found out this was happening, this was happening. And having a mindset beyond, I'm just doing assurance.
Yes, I may be doing an insurance audit, but that doesn't mean I can't be looking for broader and more impactful things to do. I mean, you could be in the middle of an audit and I'd love to come up with an example right now, and I can't off the top of my head, you could be in the middle of an audit and somebody realize, what am I doing this audit for? I mean, I'm wasting time at this point because I've got bigger issues in this audit.
I've got bigger issues in this department than this little snapshot of internal audit assurance that I'm doing. And so one, having the flexibility to listen and make those changes, and two, having the flexibility in the, in the higher ups to say, good idea. Let's do that. Let's cut it, let's move it. And that comes all the way back then to your comment about how you're showing the board value because value is the key to it.
Assurance is a value we provide, but if we can provide a broader value, something impactful to them that isn't always assurance, then that gives audit executives the opportunity to make the changes they need to, which give the auditors the changes they need. Well said, well said. And I, and I think when I take a step back and I think about all of these things, one of the things I was most excited about in the new standards, right?
So as, as I probably mention every time I speak, we have a new set of global internal audit standards that were just went live this year with topical requirements that are now, uh, you know, officially in in place, right? The cyber, the cyber topical requirements just came out in this month, in February a couple days ago. And one of the things that I think the new standards are really supportive on, and I was really excited to see this, was that there's the concept of advisory services.
And I think when we think about internal audit and we thought about our standards and we think about where we see the practice of internal auditing going over the next 10 years when we do our visiting, I think advisory is really the place where we're gonna start delivering value. We always talk about that we're a group that wants to have a seat at the table and we want management to come to us and bring us problems so that we can help them think through them.
And this is the place where I see us being able to deliver on that promise within businesses. And I think ultimately when I look at the new standards and I look at how we're starting to assess internal audit functions and the concepts of, uh, advisory services, it's very pronounced in the new standards and it's very pronounced in the topical requirements as part of those standards.
So even when we look at things like the new cybersecurity topical requirement, how do we apply them to advisory services? They're not necessarily required for advisory, but they are written in a way that we can take elements of them and think about the governance process of a, of a cybersecurity operation within business or I or any other information security apparatus.
And as we continue to develop more topical requirements and really continue to evolve our standards to meet the needs of our profession, I think you're gonna see more and more of that come down the pike. I wanna get into, again, back to the concept of the mindset. And I think you're right, the standards are allowing us to have a mindset that allows us for more of that change. How do auditors get that? And again, I come back to a mindset, and the reason I mentioned mindset is I was very lucky.
The audit department I came into, we were doing nothing but assurance, but it still had an advisory aspect to it. And as we went on more and more I was learning and I was then teaching my, I almost had to reverse engineer how how I got there. It was not about a control, it was about how things ran better. Now if a control helps things run better, then that's what you're looking for.
We did a lot of, I was with Farmer's Insurance, we did a lot of audits of our agents, I can't even remember, thousands of agents every year. And I learned quickly and I trained others quickly. You do not tell people you do this because it's a control, especially these were independent contractors. They didn't care what we had to say. Instead you had to show them how it made them run their business better. That's the mindset even in an assurance audit that you need to have.
How are you making them do their job better? How are they allowing them to get their job done better so that they can get more work done more efficiently rather than look, gotta control, gotta control, gotta control. Yes, control's a great story, but that cannot be the end all and be all of it.
And in a lot of ways, when you think about some of the pain points our stakeholders have with audit to the traditional audit reports that happen with advisory services, you know, we could, we could also get into debates about the, uh, traffic light colors or the A BC findings or satisfactory versus unsatisfactory and all the different terminologies and definitions that audit departments use.
One of the nice things about advisory services is it also takes you away from some of the things that the, the pieces of this that don't deliver as much value. So for me, I've always been, maybe this is, this is my own views is not the I a's views, but I've always been, been a bigger proponent of the issue is what matters to me more than the actual rating itself. And as long as I use that issue to drive change, positive change within my organization, that's really all that matters.
And when I think about, and I work with Chief Audit Executives about how do we actuate advisory services within their departments, one of the things going back to audit committee reporting and management reporting is the way we quote unquote go back to the concept of taking credit for what we're doing with them within the business and reporting. We get into more dashboard like views and, and presentation views.
And it's less about here's the number of findings we found in more just here's the number of conversations we've had with the business. And you know, if you want to count a KPI think about how many times management gets asked you a question throughout the year. And if you start tabulating and counting that, it's a pretty impactful statistic.
If you can go to your audit committee and say, you know, I responded to a hundred inquiries from management this quarter and things like that and how we report on it. I've seen departments do things like, um, field memorandums when they start doing an advisory project where they're just writing a memo about what they did to, to the file. And that gets reported to the audit committee. Um, and there's a, there's varying natures and extent of this, uh, of this.
And I think, you know, we're, we're all sort of figuring out the best ways to report on it and how to deliver some of those results. But one thing I do like is that we're finding ways to do that in and it's ways that provide visibility and transparency into the work we're doing. But really it's, it goes back to the value we're delivering and that people are seeing it and they're asking the questions.
That brings up another point, and this was probably getting a little too high and esoteric, but that's too bad. Uh, you know, they, if we sell ourselves, that's wonderful, that's beautiful. That's what we should be doing. It's our customers selling us that really makes a difference. So that if we're in a committee meeting, audit committee meeting, I was in one of these one time where actually the bigger advocate was not audit.
One of the people sitting on the board saying, they've done this, they've done this, they've done this. And that's the kind of thing we need to strive for. And we only get that by continually partnering. Partnering is probably the best word in the world for this whole thing. We talk about relationship management and all of it. You know, when we do any audit work, are we doing the work or are we working with the client when we do it?
And that, you know, call it assurance or advisory or whichever one you wind up with, you're setting the groundwork for partners working together to make things better. And the minute you come that partner, then that builds throughout the organization and and that grows and that grows. And I'm sorry, I'm tearing up just a little, just thinking about somewhat, Luckily for you, this is an audio only podcast. That's right. No, no One but me gets to See your peers choking up a little.
One of my favorite things to do, um, as a consultanting practitioner is eqa, right? So ex external reviews of internal audit functions, and part of why I get like to do them is you get to understand the inner workings of what's working really well within internal audit functions of what's not working so well.
And to your point on advisory services and developing those relationships with management, having them seek you out, you know, it's a, when you go in, you start doing some interview as part of an EQA process, we very commonly will interview key stakeholders within management. That goes one of two ways.
What I found, you know, one, one way is if they're unhappy with the relationships they've developed with internal audit, they use that as an opportunity to tell you all about the problems and the pain points that they have.
My favorite part of doing EQA is actually when you go sit down with key members of management and you see a really well-functioning internal audit department that's, that's really spent the time and has a well-respected chief audit executive and a team that is delivering on their promises to the business. You hear it in the voice and the tone that stakeholders talk about the internal audit function.
So I was, I was very recently, you know, without sharing any specific names, obviously very recently out in Minnesota and we were doing, we were doing one of these and the level of positivity and the way that they talked about internal audit was a central part of the process. And the team had really spent a lot of time developing key relationships and they, they saw them as key stakeholders.
And time and time again, every single time I spoke to a stakeholder in management, the first thing they would talk about was the value proposition, value proposition of internal audit and how they see us as someone that they want to bring to the table because we are delivering value and there's a level of trust.
And it was talked about in such a, such a way of reverence that I wi I wish I could have heard that at every function that I, that I visit because they weren't executing on advisory services quite well. You'd hear the business say, I was gonna go put in a new process, but I really don't wanna do that until I ran it by internal audit. And I talked to them about the different oppor, you know, opportunities and risks and controls that needed to be in place.
And you know, we had the auditors with us every step of the way from the ideas ideation stage all the way through implementation. You know, just hearing some of the words people are using. To me that's an example of a really, you know, highly functioning department. And you know, I think if you kind of work backwards at root into some of the root, we always do root cause analysis when something negative happens.
But when something positive like that, and you think about the root cause analysis, it goes back to the leadership and the style and the, the way that they are doing their planning at the end of the day.
And sorry, there's a question here, I'm just meandering a little bit, but when you think about the planning of an internal audit function and what makes a highly effective CAE, um, and their leadership of the team, what do you think are, you know, are the CAEs that are here or audit leadership that are listening into this can do to really effectuate some of this change within the group? Um, when, when thinking about it this way from a relational perspective?
Yeah, and I'll, and I'll go to buzzwords right off the bat, what's your vision? I know that's a buzzword and I know we all have our objectives and our visions and all that kind stuff because what you've gotta have is something that can be articulated. Most audit departments have something that looks like it's one half of the i i standards, you know, just goes on forever can.
So the point is, have you got something concise and easily understood so that you can, you can explain this and live that vision for the rest of the department so that then also when the executives happen to be talking to your auditors, what do you do for a living? Bam. They've got it. It just so happened that farmer's insurance, we had a knife came up with something that just worked for us, creative solutions to customer needs.
And every auditor could tell you what the customer was, what their needs were, what the solutions were, and how we were creative. And from that, you know, we're talking basically about having an elevator speech to give to the executives or anyone you talk to so that they understand the value that's being provided. And that had to be quick because our executives were on the third floor. That's quick, that's elevator.
But in, in other words, does the leader know what the heck the team is trying to do to accomplish? And do they have this vision of advisory beyond a, can they articulate that? Do they live it? And then does it get driven down to the point where the people at all levels can do that same speech to everybody throughout the department, through throughout the company?
You've hit on a lot of really important parts, but one thing you said that kind of goes back to something I had said earlier too, which is so under, you know, it's really understanding our stakeholder needs, right?
So you wanna, that elevator's pitch and the vision of the department and aligning it to the organizational values and the culture, you have to know and develop your taxonomy and the way you talk about things to fit the organization that you are not, you know, we could write a book about this and effectively if you said, say these 10 things, it's not gonna work within every organization. 'cause different personalities, different cultures exist.
And part of how and why we embed, whether you're embedding as a consultant, as an external consultant coming in, or you're an internal in-house internal auditor, it's all about understanding the people and the culture and developing your vocabulary in a way that you can say things that influence change within the organization.
And to me that's, that's ultimately whether we're doing an assurance based project or an advisory project, if I were to summarize as simplistically as I could, what is the purpose of internal audit? It's to really influence positive change within the organization. Now we have to do that in very careful and we deliberate ways and that's why we have standards. However, the best practitioners that I have seen, they are masters of influence.
At the end of the day, we, we go into an area that we don't know a ton about always, and we have to identify issues and we try to facilitate change happening in those issues without us actually having any direct oversight or control ourselves. And it's all about influence.
So the nature and extent of what we're doing on the assurance side goes back to the same thing we're trying to talk about on the advisory side, which is how do you influence a stakeholder to deliver on the commitment to the organization? And you brought up a key one, which is alignment with our client needs. And a fascinating thing. I cannot overemphasize the need to pass information throughout the department. I know an auditor out there who, how come I didn't know this?
Where was this information? I needed to know this, wait a minute. And then there's something, and it happened to me too, you know, next thing I know I'm, I'm a manager and I'm thinking, oh, they don't need to know all this.
Oh no, they did, you know, over inundate people with your auditors with information about the organization, about the departments and what's going on with them, if it's something they don't need in and out, but it may be something they want, getting information about the organization is the only way auditors can be effective.
And it helps them too, as you mentioned, we go into departments, we dunno what's going on in a lot of them or what's happening, and if we walk in just a little too naive and, uh, tabular, we'll get eaten alive, whereas we got at least a background information to understand what they're doing and we can prove we're gonna add value to that, then it's that much better.
This was a, you know, maybe it's not a a diplomatic way to say it, but early in my career when I first started, I was, without saying their name, I was at one of the big four public accounting firms in an internal audit, co-sourcing practice where we would go into, uh, large internal audit functions. And I was a 20, you know, 22-year-old right outta school. And I didn't know anything beyond what I had learned in class.
And I had to go into CFOs and CIOs offices and try to tell them that they were doing or not doing something correctly. And, you know, there was, there's no way as a, even even someone now that has more than a couple years of experience, uh, I won't say how long, but, um, it's, it's, no, it's really the technical expertise that we have. There's obviously a requisite amount of that that you need to have to be successful in your career.
But so much of what we're doing in this day and age, very similar to what you and I talked about when we had the, our last webinar around soft skills. So much of our success or failure isn't about our technical skill sets or abilities. It's about how we can develop relationships and how we say things in a way that influences, influences the decision. And, and to me that that's really the critical part here. When you get into advisory services, it becomes more and more important.
And if you're chief audit executive or a leader or early in your career practitioner that's trying to figure out how do I do this more and get more experiences? And one of the things I did early on was I just said yes to a lot of things to be, to be honest. And I got a lot of, a lot of experiences in a lot of different places, both within my day job. I was a volunteer for the I I a early on. I, I was, you know, looking for every opportunity to get in front of people.
And all of those interactions on top of developing a network really helped me to craft my story and the way I could talk to people to help advance, advance what we were trying to advance. And then talking to people may, we've kind of hit this in a couple of different ways, but I'll go back, maybe this is the way I even started it. We have to go in talking to people, working with people, not like we're auditing.
We have to go in like we're consulting and your mindset's instantly different when you think I'm consulting with these people. Now that doesn't mean you're not doing insurance work, but you're still, it's, your mind just works differently when you go, I'm consulting with them, I'm part of the team as, as opposed to, you know, we still have a lot of people out there that think they're internal auditors and you know, they, there's still a lot of cops out there. A hundred percent. It's well said.
And you know, the other thing I would just say is if you're a practitioner thing there, there's, if you're a practitioner earlier in your career or a ca looking for opportunities for your team, training is always a good opportunity. But there are mentor, yeah, I, a a for example, has a great mentorship program where you can connect, you know, connect someone earlier in their career with someone more senior and it gives them another input.
And it's really just all about getting more inputs into what you're doing so that you can develop some of those skill sets and, you know, look, look to some of the practice guides that are out there, but talk to your peers about what they're doing from a, from an advisory services perspective. Because I think you'll find that no two departments are doing it exactly the same way. A lot of us are figuring it out. There's a lot of best practices that are out there.
So as we go to different events and conferences and as we get, get in person with people, I mean, so much of those interactions is where, you know, where these ideas formulate and how we, how we get better at what we do. Well, and you and I, this last one and this one, we've thrown out about 60 12 different ideas, you know, and so when you're hearing this and you're going, well wait a minute, I want more on that, more on that, more on that. Obviously the IA is a perfect place to start.
A lot of other resources obviously out there too, read nonstop, look for what's out there. But yeah, find what, find what interests or find where, you know, I need some help and start digging and going into it. And if you see Mike and I at a conference, feel free to flag us down. We're happy to always talk about it as well As you can tell, They keep inviting us back, Mike, so we must be doing something right. Well, No comment. Well, thank you very much for your time today.
We really appreciate it and looking forward to seeing you soon. Okay. Thank you much. Thank you all. Are you concerned about security in the age of ai? Join the IIAS 2025 analytics, automation and AI virtual conference on April 24th. You can hear from industry experts how cutting edge technology is transforming internal audit by securing your spot and registering today@theiia.org. If you like this podcast, please subscribe and rate us. You can subscribe wherever you get your podcasts.
You can also catch other episodes on YouTube or@theia.org. That's THEI a.org.