Internal Audit departments are being asked to deliver deeper insights and value beyond insurance. This starts by providing business units with more insight and foresight than hindsight, and adopt a strategic- approach that focuses on key initiatives.

The added value also refers to delivering better visibility on risks and helping the company handle the changing nature of risks.

The need to leverage technology and increase the use of analytics, all along the internal audit phases is tied to the challenge of finding the right people with the right skills. 


Focus on most critical risks to enhance audit plans and work programs

MEGA’s HOPEX solutions support Internal Auditors in every step of the audit cycle, from planning, preparation, execution to reporting, using a risk-based internal auditing process.

All the information and data about risks, controls, business process and how they connect are stored in the same shared repository used by Internal Auditors to incorporate risks assessment into the end-to-end internal audit process.

This enables Auditors to focus on the most critical risks to prepare audit plans, link back updated risk assessments after audits, and follow up on risk treatment.

Prepare Risk-based Internal Audit Plans

Integrate risks assessments into the internal audit plan and work programs:

  • Build audit plans based on reports outlining the results of prior audits, action plans that have been implemented, and the risk analysis and incidents reports by business processes and business units
  • Allocate staff and assign auditing tasks according to internal auditors‘ skills and availability
  • Prioritize audits, with high-priority audits validated by workflows and low-priority audits not needing to go through a validation step

Integrated Internal Audit Execution and Risk Assessment

Assess risks during audit execution through flexible and contextual risk assessment process:

  • Get observations and supporting documents from the operations using questionnaires, and link audit recommendations to one or more of these results
  • Connect risks assessments to auditing activities and findings, and assess all risks together right at the audit level
  • Automatically track the progress on audits and review observations, and analyze, consolidate, and communicate on the audit results and risk updates using a validation workflow at each step

Follow-up on Internal Audit Recommendations

Use instant reports and dashboards to follow up on recommendations:

  • Link recommendations to the aggregated audit test results and draw up action plans based on deficiencies identified by the auditors
  • Follow up on recommendations with instant reports and dashboard, using a selection of criteria such as risk profiles and risk assessments updates
  • Set up automatic alerts to make sure action plans are implemented by a given deadline