Dear Friends,

 The IIA Madras chapter held its Annual Conference on 16 and 17 July, 4 pm to 8 pm. A galaxy of eminent speakers shared their knowledge, experience, and wisdom on various relevant and current topics such as Zero Trust, the future of audit, the velocity of risk, CEOs' expectations from audit and risk professionals, the entrepreneurial mindset, education and rural development, and emerging technologies. On the first day, the eminent speakers and panelists addressing the elite gathering were Mr. Sundeep Sikka, Mr. Sridhar Ramamoorthy, James H Wanserski from the USA, K S Sreedharan, Sharad Mathur, Sridharan Rangarajan, Kalpita Nassikar, Ravi veera Raghavan, Sathyananda Prabhu, Krishna Chaitanya, Sri. Sridhar Vembu.

 I have picked a few gems from their presentations for your ready reference and application in life, which I am sharing below.

 

  1. An audit is not about finding issues, it is about identifying what can be done better in the area audited.
  2. Cracks must be addressed to ensure buildings do not crash. This is about timely action on audit findings. The auditor also has the role of ensuring that the agreed-upon action items are put in place by management.
  3. The Japanese give a lot of importance to risk management; that is the reason why, of the 1500+ companies flourishing even after a half-century, 1200 are from Japan. Risk culture plays a major role in the long-term sustainability of businesses. How CxOs see risk is vital for sustainability.
  4. A risk framework is more important than market practice for the long-term sustainability of organizations. Never be carried away by market practice.
  5. Changes, especially technology changes, are so fast that it is very difficult to visualize the future. Not all risks can be visualized, so resilience plays a vital role when the unknown suddenly hits. Managing the unknown unknowns is very important.
  6. You need to be dynamic and keep reinventing to be the frontrunner. Continuously looking at new risks is the role of all three lines of defence.
  7. When the number of variables increases, the impact of risk multiplies exponentially. As one plus one is three when it comes to risk, every additional variable increases the possible risks exponentially. Humans fail. Risk models do not work because we identify one or two factors in each model, and if we add multiple dimensions, it becomes very complex and unwieldy. Managing such complexity is a tough challenge.
  8. The great dilemma of the 21st century is the velocity of risk. Managing risk at the speed of change is a challenge.
  9. Do not allow the urgent to drive away the important.
  10. In pandemics, we have seen both demand-side and supply-side disruption.
  11. In fraud detection and investigation, it is behavioral forensics more than accounting: the mindset of the fraudster. Process controls should move to technology controls. Organizations must be aware of fraud risks.
  12. Reducing the resources of control functions to cut fat should not result in cutting the muscle. Audits have to be risk-based.
  13. Auditors should have a clear understanding of the business for them to be successful as auditors. It is where an internal-internal auditor is better than an external-internal auditor.
  1. Technology needs to be leveraged by auditors for audit effectiveness and efficiency.
  2. Treat velocity of risk, consider risk appetite and risk tolerance.
  3. Agility and resilience are very vital for sustainability.
  4. We have to have a safety cushion. We should not be guided completely by market forces. It is a perfectly adapted species that is going to perish first when the environment changes. That is the recipe for disaster.
  5. In the year 2010, Forrester coined “Zero Trust”. Trust but verify. Verify explicitly. No implied trust. No resource is inherently trusted. No implicit trust zones. Assume breach.

  1. It is about network and access controls. The goal of zero trust is to prevent unauthorized access. The granularity of access controls is very important. Least privilege access.
  2. For zero trust implementation, the important components are the subject database and history, asset database, threat intelligence, access request, resource policy, and logs. Zero trust architecture has to consider both the resource seeking access and the resource that is sought.
  3. Strong authentication, policy-based adaptive access, micro-segmentation, data classification and protection, anomaly detection, use of AI.
  4. Next-generation CEOs are going to be Risk managers.
  5. Technology is not a specialized skill anymore. Auditors cannot ignore technology, cannot leave it to specialists.
  6. Though compliance is important for an auditor to look at, advising on future risks is more important. Developing the audit scope for 3-5 years and then being agile is important to manage risks.
  7. Willingness to contribute to the values of the organization is very important for an internal auditor.
  8. Software tools, data mining, RPA, AI, predictive analysis, cyber risk are important areas for risk professionals to learn and develop.
  9. For audit, qualification may not matter much. It is about training the mind to be analytical; business understanding is important. External auditors may not be relevant in the long run.
  10. The claim that, with a strong and committed first line, the other two lines are not important is not valid. One wall, however strong, is bound to fail; different layers of walls are vital so that when one line misses the risk, another catches it.
  11. In R&D projects, managing the risk is very challenging. The difficulty is not in ensuring trains always reach on time; the difficult part is identifying and laying tracks in hostile terrain and ensuring completion on time. There will be many unknown unknowns. Predicting in research projects is like predicting, while making a movie, the probability of it becoming a box office hit.
  12. People are to be inspired and they have to be passionate to be successful and deliver on their role in the organization. Swami Vivekananda mentioned this in his speeches.
  13. Entrepreneurial thinking is important for auditors also. Every industry now is data-driven and software-driven. Data is the new oil for the engine of the economy.
  14. It is not IIT education that makes one successful. It is that top talent enters IIT because of strict screening. Humans have tremendous potential, which needs to be trained; passion and inspiration are what is required. Ego is the biggest stumbling block to success. One needs to be humble.

 
