Organizations face heightened scrutiny over governance practices in the wake of increasing regulatory oversight, economic uncertainty and high-profile data breaches. Utilities are not immune to this intense probe into operations. Over the last several years, events have shaped how directors and board members think about risks and opportunities such as strategic objectives, disaster recovery, breaches and compliance.
Internal audit serves as an independent, objective audit and consulting activity designed to improve an organization’s operations. Although the traditional understanding centers around financial management and accounting, internal audit can evaluate governance, risk and control across a utility’s functions such as human resources, operations, governance and enterprise risk management, technology risk (e.g., cybersecurity, privacy) and organizational strategy.
An effective internal audit function adds significant value to a utility by supporting the board’s execution of its governance responsibilities. Following an assessment of risk, the function should develop an annual plan, which generally consists of high-risk areas and common areas reviewed on a regular, rotational schedule.
A proactive, forward-looking approach to internal audit planning anticipates future needs and emerging risks while securing sustained relevance for the function.
For more information on this topic, or to learn how Baker Tilly power and utilities specialists can help, contact our team.