Hodinkee Podcasts Summary (Part 4)

Episode 10 with Philippe Defour

Defour is a master watch-maker, who is a master in the industry. His ‘Simplicity’ is one of the most sought after 3 handers. He was on the jury of the GPHG. He is more familiar with only the high end segment.

We need to put the human back into watchmaking. The level of service has to step up, for instance, allow buyers to visit the watch factory and see the artisan making it. Brands try to drop the quality in order to cut costs etc, and that can be quite alarming. Young watchmakers are bored nowadays, and may not have the right mindset for the job. It is because the tasks given to them are too repetitive in nature. Hand-finishing is beautiful and is different from a CnC machine.

He still enjoys finishing a watch. Such a watch may give someone tremendous pleasure and that what keeps him going. Defour doesn’t see the industry shrinking although some brands have declined in their standards of watchmaking. Consumers are becoming more knowledgeable as well. Also, the modern generations are less likely to buy a Swiss watch because there are many other competitors.

Defour recommends a brand like Nomos, Lange and Sohne, Rolex etc. Rolex has a good quality for the price and are extremely reliable. Watches are not exactly affordable for the majority of people. Young people need to learn to wear better watches, as some are only keen on Smartwatches. The smartwatch provides a different experience to a mechanical watch.

Episode 11 with Tony Fadell

Tony is a tech guy who helped out in the creation of the iPhone, who is a die-hard watch collector. He used to wear a 5980 for an event. Throughout the years, he has collected 20 or 30 smartwatches and understand their differences and study the trends. He wants a stylish and functional watch instead of a computer. Most people don’t use the Apple watch as just for something that keeps time.

He also worked on the Ressence e-crown type 2 concept watch, which is a function to help tell the time better. The e-crown helps to set the time automatically. If you have a product where people both like and hate it, it’s fine, you can tweak the product accordingly. There is certainly a beauty of winding and setting the watch. The AP RD-2 was a hot release with awesome specs, and admired much by Tony. To me, he felt there was love and care in every aspect of the watch. Watch proportions are the key. You will need to embrace new technologies, in the past, people only carried pocket watches. He looks innovation at every level.

When smartwatches were first released, there were many executives who panicked as they saw it as a threat. Watches will have to evolve, embrace smartwatches or else you will die. JCB eventually created the best smartwatch with Tag Heuer. Tony got his first watch, a Tag, in the 90s. After that, his grandpa gave him his watch. Later, he went to buy a Panerai in Italy. After that, he was hooked on watches. There was a little community in Apple who were into mechanical watches as well. The Apple watch uses a strap-changing technology and allows people to swap straps easily. Since the talking watches, his watch collection has improved further.

He has collected some of the first Pateks in the market. One of his best watches is the Patek 2526. Is society ready to adopt new products? If no, sometimes it could be too early. Technology released to the market too soon, may not work, right thing but wrong time. The watch industry needs to get better in the watch design and production cycle.

Episode 12 with Spike Feresten

Spike is a legend in the comedy world, and is a comedy writer. Ted Gushue helped to connect Spike and Ben together. Spike loved the writing and photography from Hodinkee. He has also been on talking watches previously. Spike contacts Ben and Spike updates Ben when he needs advise on Porsches. His first watch was a Tag 2000 chronograph, which he had bought in a store. This was his first and only watch for a long time. Swatches were popular in the past, and they would climb in value, but eventually there would be a bubble. Later on, Spike used to get Heuers. He bought a 1960s Tonneau Heuer, and he simply loved it. His career involved getting some luck and breaks. Spike is wearing a 6263 PN Rolex Daytona for the show.

He managed to land some internships in the comedy space, including at Letterman. Most people don’t think that comedy writers can make a living. If you have things you are angry about, talk about that for stand-up comedy. Now, he hosts Car Matchmaker programme. Ben thinks about watches that could match the cars he drives. Ben is wearing a yellow gold 6263 PN Daytona. Spike also has a podcast with Ben, on cars and entertainment.

Spike believes in watches that are affordable, like Autodromo. For instance, another brand is Unimatic. James would like an early Explorer 2 as his grail.

Hodinkee Podcasts Summary (Part 3)

Episode 7 with Scott Dadich

Scott works in the media industry. He was firstly the creative director at Texas Monthly and contributed to the Hodinkee magazine previously. He used to work for Wired magazine and is now with Godfrey Dadich Partners, a creative agency in California. During the show, he is wearing an Apple Watch. Vintage Rolexes are his soft spot. He is really in the deep end, and notices the intricacies of vintage Rolex. His first watch was the 1969, 1675 GMT. It can be really fun going to hike with a vintage Rolex Explorer. His gold Sub was one of his memorable purchases. A gold sports watch belies its original intention, but it doesn’t lose its appeal.

There is really something appealing about an Apple Watch, and it is largely because of its design, which has an interesting industrial design. Sneaker collecting can be really addictive and expensive. Scott does collect a few design books and art pieces as well. His top career moments include working with President Obama.

Episode 8 with Adam Scott

He is a professional golfer who has won the Masters previously. He finished 3^rd in the 2018 PGA championship. Wingfoot is a historic golf club, with a rich history. Adam can’t afford to play badly even if it’s social golf. A pro who plays badly is very happy, no matter what occasion. Adam has much admiration for Tiger Woods and his massive achievements, although they are fierce competitors. It was an awesome experience winning the Masters. The Masters has one of the most appeal in terms of a golf tournament.

He is wearing a Rolex 2018 GMT Master II in two-tone Rolesor with a Root Beer bezel. Since 2001, Adam has been a Rolex ambassador and has been into vintage watches in recent years only. Rolex is definitely his kind of thing at the moment. He eventually managed to tour the Rolex factory and that completed changed his perception of the brand. Rolex usually only picks the winners from sports, so that they can wear the watch while they hold the trophy.

His favorite models are Subs and Sea-dwellers as they can be banged around. He has a Comex 16800 and the right provenance and history. Adam has a 6241 Paul Newman Daytona in his collection, and is planning his next Daytona purchase. Other things that he is interested in are furniture and chairs, surfboards etc. His wife wears some of his watches also, and is fine with his hobby. His family is golf crazy as well and introduced him to golf when he was young. The reception at home when he won the Masters was crazy.

When you’re playing good, you think you’ll never play bad. But when you’re playing bad, you don’t know when you will play good again. – Adam Scott

Episode 9 with Keegan Allen

He is an actor/photographer. There is a talking watches episode with him previously. He is wearing a 1675 Blueberry dial Rolex GMT Master II. Avoid using the watch in a pool etc. James is wearing the Tudor Black Bay GMT.

To Keegan, how the way a watch ages matters a lot. It’s hefty, but it wears extremely well on the wrist. An interesting thing about Keegan is that he wears a watch when he sleeps. He loves the ticking of the watch in his ear, like the tonal ping. He has written numerous photography books that reflects his history etc. The Hodinkee Talking watches episode has led to some strangers coming up to him and say hi.

Keegan uses his Leica M6 most of the time. His focus is definitely on street photography and stories. Using images to tell stories are simply awesome. You don’t know what you want until you touch and feel it. It was such an honour for Keegan to be on talking watches.

Watches isn’t an elitist hobby, but it’s a passion. One of his most important watches are the Patek 5164A Travel Time. Watches are one of the only main accessories that you can get as a man. If the watch hobby is not fun, don’t continue and do it. When you wear your favorite watch piece, it simply feels good. It used to be seen as tools in the past. Although Keegan has his grail, he still feels passionate about watches.

Watches can definitely outlive you, and take on a life of its own. A travel watch (GMT) suggests freedom, adventure etc. It is extremely hard to get a steel Rolex at the AD nowadays. Who you know at the AD matters. It is extremely hard to get a steel sports Rolex at the airports at the current moment. It can be scary to scratch up your gold Rolex, and one needs to be careful with it.

Hodinkee Podcasts Summary (Part 2)

Episode 4 with Om Malik

He is a partner at True Ventures, a Venture Cap firm. He is wearing a beautiful Grand Seiko SBGR301. He and Ben went shopping in Paris and Wempe. True Ventures is one of Hodinkee’s biggest investors. Om does not appreciate people talking down on others’ collections. To him, to his each own, and is it important to respect someone’s collection.

Affordable watch coverage is important. Om has watches like Grand Seiko and Nomos (Nomos Zurich etc). Grand Seiko is really under-rated in the industry but it is gaining prominence. Even the Seiko Presage range is outstanding. Watches are an emotional product and means more to you rather than anyone else. His preference is for smaller brands, likes Ochs Und Junior, which are incredibly innovative. People who know watches will recognize Grand Seikos and realize that their finishing is outstanding. Some Swiss executives see the Grand Seiko as a threat.

Swatch did not see the Apple watch coming and should have innovated more. For the Apple watch, it’s more about its functionality and not so much about the time. The Apple watch has potentially health features. There are some who do not like quartz watches.

Quartz watches don’t have the same feel, charm, fun factor as a mechanical watch. The outstanding GS 9F Quartz, Longines VHP watch is something to aim for. Dismissing quartz watches is what some watch guys do. There is a certain pseudo-intellectualism in the watch community, which is to show off something that you know, even though you don’t know much. The pursuit of watches can be incredibly rewarding.

Om bought a Moser. It can be fun to save a bit every day before buying a watch. Do your watches bring joy to you? If no, please stop. The line between collecting and hoarding is very thin.

Om is working on a book of photos actually. He aims to slow down time by going on long photography trips. Hodinkee provides the platform for people to engage in their watch fanaticism. It gives people networking opportunities etc. Many of the employees working in Hodinkee really loves it. The Hodinkee meetups are heavily oversubscribed and provide so much joy to people who attend. Om loves PSM (Speake Marin) watches. Ben places a lot of emphasis on the dial, more than the case, like his Patek 2526, his Eberhard chronograph.

When you buy watches, you need to wear them, and not simply keep them in a safe. Watches need air. If you wear it often, price-per-wear definitely reduces a lot. Most people end up acquiring things for no reason. For everything that you buy, think about its happiness quotient? What is the happiness that the object can bring? Never live your life based on what others think. Remember that happiness definitely comes first.

 

Episode 5 with Eric Ku

Eric is well respected watch dealer/collector in the industry. He is the guy to go to for vintage watches. He is wearing a Patek 3939, which is an enamel dial, minute repeater tourbillion. Since young, he had a fascination with mechanical watches.

In the 1990s, the Daytonas and Explorers grew in popularity. In the past, arbitrage for Rolex Explorers could be done. His first vintage was a Red Sub, in 1998. In his early days, he made some mistakes, but gradually he started learning from his mistakes. Watch knowledge and nomenclature was not documented on the Internet yet. Dealers will try to push the prices on something if they find something rare, but it is the market that dictates the pricing. Five digits Rolex prices are shooting up, even though they are not rare. As time passes, there are more vintage watches that are coming up, due to them ageing. This is also known as the ‘New Vintage’. People appreciate the smaller sizes of the older Rolexes.

Many retailers are not getting good allocation of steel sport Rolexes. Prices are shooting through the roof, but will they collapse one day? Pre-own watches are getting more common nowadays. Things are cyclical and prices will drop someday. What comes up, must come down, but there might be a slight upward trend. The pool of vintage keeps shrinking, as watches get lost/damaged etc. Auction records is like navel gazing and you can compare with previous auction prices. In a way, auction prices help to reflect the enthusiasm of the product. The truth is that there are so few that can afford 7 figure watches, so the auction records don’t mean much. Prices crashed in 2007/2008. In every business, there are good and bad times. The ultra-rich class has grown a lot more.

It’s very difficult for a newbie to get into vintage watches, 1675 and 5513 as they are more than $10,000 or more. Someone like that could consider other brands, like Cartier, Universe Geneve. Nomos makes a good watch for the price. The modern Rolex is now out of reach to most people. His first watch that cost over $10,000 was a Vianney Halter Antiqua. Eric really supports independent watch-makers. He appreciates brands like Gronefield and Cartier. Cartier produces timeless designs, like the Cartier Tank Cintree. Early Cartiers are really rare and desirable. Bubblebacks were popular, but fell out of favour recently. Large watches are over-rated. There is a trend nowadays, where brands are making smaller watches.

Rolex 36mm are the best fit. Good design is always timeless. Eric recommends 34mm Rolexes from the past, for about 2 to 3k. The good thing about Rolex is that they can retain their value well. Vintage gold Rolex watches are undervalued at the moment. Two important lessons are (i) condition of the watch (buy the best version based on your budget); (ii) buy what you like. Spend time to research about what you like.

Eric is really into food and trying our excellent restaurants as well.

 

Episode 6 with Todd Snyder

He is the founder of Todd Snyder brand of clothing. Cara has worked with Todd and has provided vintage watches for them to sell. Todd’s store is to be the one stop shop for a guy. Everything in the store is really edited and curated well. You can get everything in Todd’s. There are over 2,000 books for sale in the store.

Todd got inspired and worked for Ralph Lauren eventually. He brought a few Timex, Tudor Black Bay Chrono, Tudor Ranger and a Rolex as well. Since young, he has always worked in clothing stores and with tailors. He has always been interested in how garments were made etc. If you want to be the best, work for the best. Knowing the basics of clothing is the key. Working for Ralph was a dream come true for Todd. Todd even offered to work for free just to get to work for Ralph, and it worked. His advice for kids are to ‘work hard, innovate and be nice’. If you have poor attitude, you won’t go far in life. Todd has also worked in GAP and JCrew, key American brands. Ralph always reinvents iconic fashion and created their own styling to it. Todd tries to reinvent the basics and improves on them, making them very desirable.

He is also rather big on collaborations, like with RedWing etc. Todd would love to collaborate with an interior designer/architectural firm. The Timex Marlin collaboration was a huge success. Timex is one of his favorite brands, as his Dad owned one previously. He is definitely planning some more collaborations in future.

Tudor is definitely the value for money brand, as compared to Rolex. For clothes, it is really important to start off with great basics which fit well.

Hodinkee Podcasts Summary (Part 1)

Episode 1 with Ben Clymer

He was not interested in finance/consulting career and realized that after his role in banking. Started writing about grandfather’s watch on Tumblr and then Squarespace. It started off as a hobby. Back then, finance was the place where everyone wanted to be.

The first Hodinkee post was about the Eric Clapton’s Paul Newman Daytona. Gandhi’s watch, Einstein’s watch started coming up for sale at that time. He definitely has a flair for writing/photography and wanted to marry the two things together. The whole journey has been fun, especially meeting the press, going on press trips etc. Not many believe that one can start a career in the watch industry. The press trip by AP in 2009 was exceptional and really eye-opening, and it was really surreal. The hyper-lux world isn’t something that many are familiar with and can relate to.

Meeting Jay Z and writing for him, as well as meeting John Mayer were moments he knew that times changed and that Hodinkee was for real. Hodinkee started selling straps with vintage feel at the start. John Mayer also started writing for Hodinkee in 2012. He was also the first to be filmed for the Talking Watches series. The moment Stephen and Will joined were also massive highlights.

Hodinkee has a staff strength of 28 now, including full-time designers and engineers. In 2014, a large company offered to purchase the brand. In 2015, Watchville was launched. Other editors that were hired included Jack, Cara, John, James etc. Hodinkee’s audience is really educated and sophisticated.

Most of the time, it isn’t the best idea to get a cheap version of a certain watch model and it’s better to get the best version of a particular watch. Some of the common questions that people ask are what are the good investment pieces? Can you get me a discount on a watch? How does the name Hodinkee come about? Hodinkee means wristwatch in Czech.

Hodinkee is good at being the bridge between the hyper-lux world and reality. There could certainly be room for improvement in the watch boutique experience. As people decided to buy watches because of Hodinkee’s articles, this showed other watch brands the power of marketing. This proves that Hodinkee has plenty of might in terms of marketing and their e-commerce site. Almost all their limited editions have been sold out. Hodinkee propagated the love for vintage watch and new watches that had a vintage vibe. The ideas behind the limited editions are truly an organic process and fun. Almost all the limited editions have been great successes.

Ben’s grandfather gave him a Mark 40 Omega chronograph when he was 16, and that started Ben’s love for watches. Cars and cameras are a big thing for Ben as well. He plans to stick around to grow Hodinkee further. Success is not guaranteed even if you were successful before with a previous venture. Success is never easy.

Episode 2 with Gary Shteyngart

He wrote an article on watches for the New Yorker in 2017. His upcoming book is ‘Lake Success’. Gary is an author and watch collector and a strap tanner. His watch collection started in 2016 and he was originally from Russia. One of his first few watches is the Junghans Maxbill (Bauhaus design), Nomos. Mid 20^th century was an awesome period. He grew up with an electronic Casio musical watch. His taste isn’t gaudy, but is anti-ostentatious and doesn’t want people to notice them. In the past, watches for most appeared to be too large.

The signaling of watches is very important, especially in rich cities like Singapore. It is a natural breeding ground for luxury watches. The watch community is so small, but meeting someone who is into watches is incredibly inspiring. Watches are certainly a very pricey hobby, especially if you are vintage Rolex. If you are bad at driving, a Rolex Daytona just doesn’t fit your image. Gary loves GMTs and divers. Desk divers are great as well and it helps to aspire to things. The Omega Speedmaster has a rich heritage as it has been to the Moon and is commonly known as the Moonwatch. William Gibson is one of Gary’s inspirational writers.

Gary bought a Rolex Explorer 1016, which is simply a lovely watch. He owns a 1675 GMT-Master II, and a Patek 3445. The vintage market is kind of heated, unfortunately. To him, movements are important but they are more difficult to understand, unlike dials. Seamasters with the 321 movements are super rare and desirable. The one watch man is simply a dream to many, like an aspirational goal, like a unicorn. As a matter of fact, faux-patina is not something that he fancies.

Nostalgia is a big thing in the watch industry nowadays. With a trend of nostalgia, how will brands create anything new and appealing to the market?  Oak and Oscar borrows vintage cues, but makes it modern as well.

When you own a mechanical watch, you believe in the traditional craft and the beauty of time. However, when you check the time on a phone, you are constantly distracted. It’s like physical books, there will still be a market for it. The apple watch does different things as compared to mechanical watches, and is unlikely to displace them. It probably isn’t a good idea to treat watches as investments. There are plenty of good vintage watch finds in El Paso.

Episode 3 with Rian Johnson

He directed the latest Star Wars film. Twitter is like a war. Rian is wearing a beautiful Rolex Explorer 1016 (1965) with a tropical dial (caramel colour). There is an element of engineering to screenplay. He doesn’t like writing, but he is a producer and director at times. Rian obviously prefers being the director. He bought a Speedmaster (pre-moon, 1969) when he was picked for Star Wars. Each of his watches has a story, and says a bit about particular moments of his life. Sometimes, you even know the history of the watch that you own if it’s pre-owned. Now, he has appreciated vintage watches. He wore his dad’s watch during film shooting, in order to re-connect with him as he passed away. Patek’s 3417 Amagnetic is one of his grail pieces.

SSA 300 – Planning an Audit of Financial Statements

Good planning can really help to focus the audit and make it more efficient and effective.

The objective of the auditor is to plan the audit so that it will be performed in an effective manner.

Engagement partner and key members of the engagement shall plan and discuss the planning with the team.

The auditor needs to perform procedures on client relationship and engagement, evaluate compliance with ethical requirements and understand the terms of the engagement.

The audit plan shall include the nature, extent, timing of planned audit procedures and also the resources required to complete the audit. The audit strategy can be modified as the audit progresses. The extent of supervision also needs to be planned.

The audit plan and strategy must be part of audit documentation (can be memorandum form, checklists etc). Significant changes to the audit plan needs to be explained. Planning needs to consider things like analytical procedures, understanding of legal framework, materiality, involvement of experts etc.

Singapore Standards of Auditing 200 (SSA) Summary

SSA 200 Summary

This SSA concerns the responsibilities and objectives of the external auditor when conducting an FS audit.

The purpose of an audit is to express an opinion on whether FS is presented fairly, in all material aspects, or give a true and fair view in accordance with the financial reporting framework. There is no need to provide assurance on viability of business, efficiency or effectiveness of business processes or effectiveness of internal controls.

The auditor needs to obtain reasonable assurance (high level) about whether the FS as a whole are free from material misstatement, whether due to fraud or error. Audit risk (function of risk of material misstatement and detection risk) should be reduced to an acceptably low level. This is the risk that auditor expresses an inappropriate opinion when the FS is materially misstated. Note that reasonable assurance is not absolute assurance.

The auditor needs to apply the concept of materiality (FS and assertion level for classes of transactions, account balances and disclosures). Auditor is not responsible for detection of misstatements which are not material to the FS.

The SSAs requires the auditor to identify and assess risks of material misstatement (ROMM), obtain sufficient and appropriate audit evidence and form opinion on the FS based on conclusion from audit evidence.

If reasonable assurance cannot be obtained, the auditor should disclaim an opinion or withdraw from the engagement.

The management and those charged with governance are responsible for preparing FS in accordance to financial reporting framework, appropriate internal controls over financial reporting, provide auditor with unrestricted access to information for the audit.

ROMM comprises of two components, the inherent risk component (higher for complex transactions and those requiring accounting estimates) and the control risk (cannot full eliminate ROMM due to inherent limitations such as human errors or mistakes or management override of controls) component.

As per SSA, the auditor needs to comply with relevant ethical requirements (ACRA code related to audit of FS and Integrity, Objectivity, professional competence and due care, confidentiality, professional behaviour), exercise professional scepticism (critical assessment of audit evidence, looking out for fraud risks, looking out for reliability of evidence) and professional judgment (materiality, extent of audit procedures, evaluating management judgments, drawing conclusions based on audit evidence) in planning and performing the audit.

Auditors have to comply with all SSAs that are relevant to the audit. If there is a failure to achieve an objective, there may be a need to modify the auditor’s opinion or withdraw from the engagement.

As part of preparing the FS, management may need to exercise judgment and make accounting estimates which are reasonable in the circumstances.

Management and those charged with governance have to acknowledge and understand a set of responsibilities for accepting the audit engagement.

The auditor must be independent both in mind and in appearance. This is to enhance the auditor’s ability to act with integrity and be objective and to maintain professional scepticism.

Refer to SSA 220 for quality assurance and partner review requirements.

Detection risk relates to the nature, timing and extent of the auditor’s procedures that are determined by the auditor to reduce audit risk to an acceptably low level.

Some of the inherent limitations of the audit include information that is withheld by the management and complicated fraud schemes which is difficult for auditor to detect. Auditor is also not trained to authenticate original documents. The audit must also be performed within a reasonable time and cost. However, despite these limitations, auditor should not accept less than persuasive evidence.  

IIA Magazine Feb 2016 Issue

This is the 75^th year of the anniversary of the IIA.

Capturing the Moment. Experts from around the globe provide a snapshot of the profession, discussing key issues impacting IA. In the past, IA was more focused on hindsight, it is now more about foresight too. Often, some IA staff may want to move to other departments. It is critical to find a clear path ahead for IA. Some of them might just want to stay in the profession forever. There has a clear shift from compliance to risk based audits. It is also good to volunteer for the profession. Combined assurance is also becoming more widely used. Students should try to contact the industries and ask for challenging assignments on IA. IA should set aside a portion of their paycheck every month to attend training etc. Work objectives should be clear and there must be clear communication. IA can also provide assurance on the management of strategy risks. IA can also add value to process effectiveness.

A Career on Point. There are many more women in this profession. IA has matured and many have viewed this function more positively now. To some, IA seems interesting and challenging. It is good as it helps you prepare for a leadership role.

Expanding the Foundation. Required audit competencies have changed considerably over the years, placing more and more emphasis on technology, business acumen and soft skills. IA is now a very respected profession. Effectiveness and efficiency are the hallmarks now. Information has increased over time and data analytics is being used more frequently nowadays. Soft skills and business acumen are very important too. Nowadays, it is good for IA to possess leadership capabilities and strategic thinking capabilities. There is a need for long-term adaptability, continuous learning etc.

Changing with the Profession. The IPPF has a history of adapting to meet stakeholder and member needs. They often listen to the needs of the profession. Now, the framework is more broad and flexible in its approach. The Standards are separated into attribute, performance and implementation types.

Twenty-first Century Milestones. Over the last 15 years, several watershed events helped define the practice of IA. IA is never dull. The first is flagrant financial reporting fraud, with cases like Enron etc. IA cannot ignore controls over financial reporting. The next is financial markets meltdown. The dotcom crash and the subprime crisis wreaked chaos throughout. ERM grew in stature as a result of all these meltdowns. The 3 lines of defence is all the more important in recent times. The next 2 big issues were cybersecurity and bribery and corruption.

The Perception of Value. A comparison of 2 IIA studies suggest internal audit may still have a long way to go in delivering stakeholder insight. Most IA are not meeting stakeholders’ expectations. Sometimes, there might be a lack of general management or operating insights within IA. Sometimes, IA also does not consult departments when developing audit plans.

Where We Are. Today’s IA enjoy greater stature within the organization and are working to meet ever-increasing expectations.

A Steady Progression. Audit professionals are in demand. IA needs to shape management’s expectations of them. IA should market themselves more. Cross-training and gaining exposure from other departments is the key. Auditors must be well-rounded and learn to take personal responsibility.

Conformance to the Standards. The top 10 non-conformance issues are: 1) Internal assessments; 2) reporting on the QAIP; 3) recognition of the definition of IA, code of ethics, standards in the IA charter; 4) external assessments; 5) QAIP; 6) requirements of the QAIP; 7) Engagement work program; 8) purpose, authority and responsibility; 9) co-ordination; 10) communication and approval

The ‘Anti-Fraud Moment’. Fighting fraud demands more than just awareness. There needs to be meaningful training when it comes to learning of skills. There is little training on red flag indicators. Create simple articles to share with employees. Record 5 minute training videos. Take advantage of live formal and informal skills training opportunities.

How Much Do Risks Really Change? The risk landscape shifts radically from 1 year to the next. It can changed a lot in 75 years. Global events can rock the market and commodity prices etc. Tech breakthroughs happen fast and world events disrupt things. Regulations change as well.

Internal Audit Fundamentals. The most basic skills remain largely unchanged. Critical thinking and communication are the key. Co-sourcing is an option when IA lacks certain technical skill sets.

Around the Globe. IA around the world are providing value to their organizations in a wide variety of ways and at different levels of complexity and sophistication. The role of IA may not be well-understood. Value demonstration is the key. Different auditors will be at different levels of proficiency and maturity.

Industry Roundup. The challenges IA face today are many and vary by sector. Public sector audit has moved beyond compliance or financial audits into performance auditing. There is also emphasis on effectiveness. There are sophisticated products in banking and safeguarding information is one of the key objectives. Money laundering is also a key area to watch. As for health care, there are issues like quality of service, compliance, data security are all big challenges.

A Different Perspective. IA’s business partners offer their views of the profession. Audit can identify opportunities for improvement throughout the organization. It is important to have a sharing environment. Technical skills matter a lot nowadays. IA should look at areas that management struggle with. IA should not hide or mask problems from management. Being able to understand IT etc would make IA more valuable.

Educating Auditors. Determining what IA students need to know now is a constant challenge. Being skilled in IA is a unique skill that is useful. It is possible to simulate real-world IA case studies for students. IA needs to be intellectually curious to learn more. One cannot speed up experience as time is required.

IA Future. IA allows one to understand the business. Do not miss the change to meet senior leaders.

‘I realized the role of IA aligned with many of my interests. I wanted to add value and bring a positive impact to a business while understanding how it operates, and IA presents opportunities not found in other roles within the company.’

IT Audit Trends and Foresight. Technology will continue to bring new risks for organizations. IA need to address the IOTs. We need to understand the inventory of devices and the type of data that is collected. One needs to understand the value of digital strategy.

The Changing Business World. Auditors can anticipate future developments by looking beyond their organization’s current business situation. Africa is going to grow fast in future. Businesses need to create space to think. IA needs to be able to anticipate new risks. IA can follow current affairs. Talk to customers to see how their needs are changing. IA is really looking to delight people.

Five Trends. Top global IA thinkers take a broad look at key issues that will shape the profession. The world is changing fast and risk are interdisciplinary. New risks must be understood and evaluated. IA can learn new ways of analysing and also develop strategic foresight. The compliance scope is continually expanding and making things more difficult. IA needs to link compliance activities to upstream processes and control improvements. It will be a challenge for lower the cost of compliance. Stakeholders are more demanding nowadays. IA must have knowledge of the various industries and any new business lines. Technology risk is getting more complicated. Data is becoming more prevalent and data analytics is getting more useful than ever before.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

IIA Magazine Aug 2017 issue

The Technology Issue

 A technology revolution. Tech is moving at a fast pace and some businesses may not be able to reap the benefits. IA needs to understand the evolving risk landscape related to the business. Tech will continue to disrupt the landscape and IA needs to reassess what data means to them going forward. Auditors help organizations avoid getting into trouble by identifying issues early and avoid them being surfaced by regulators or the media.

The Cyber Readiness Gap. Organizations may not be prepared for the attacks they are expecting. Ransomware is a big issue and thinks will get worse. Only half the organizations surveyed have a plan to address ransomware attacks. IA can help to scrutinize cybersecurity practices and plans. IT security governance needs to include the human factor in corporate risk analysis and assessment. IA can move from a supportive to front-seat role when building crisis-resilient culture.

More than Compliance with ‘A’. Transforming a compliance program into a value-adding activity starts with IA. Compliance with AML regulations are important. However, many managers do not see value in compliance work. IA needs to ensure compliance can provide real assurance. It is important to do the right thing and do things correctly. Ask yourself why there is a compliance requirement in the first place. IA needs to work with the first and second line of defence to ensure all risks are being addressed. IA should also question the need for, existence of, and adequacy of compliance with A. Sometimes, the original risks may not be present and hence the compliance requirement should not be relevant. One needs to examine the adequacy and effectiveness of the mitigating control. The audit needs to maximize the use of resources and analytics. One can use trend analysis to understand whether risk is increasing or decreasing. Effectiveness of controls can be tested with analytics.

‘But it should not be compliance simply for compliance sake. Internal audit should consider the overarching business objective and the controls that help mitigate risk to the achievement of the objective – even when examining compliance-related controls.’

Stop Clicking, Start Coding. SQL queries can enable internal auditors to uncover greater insights from organizational data. Data needs to be analysed etc. Some auditors are required to learn SQL. It is a language for managing data held in databases. To be good, logical thinking and reasoning are important and necessary for coding. SQL can be tailored for auditing needs and for ad-hoc queries. SQL and other audit software can form a powerful set of analytical tools.

Internal Audit needs risk management too. Managing its own risks can improve the audit function’s performance and demonstrate that it practices what it preaches. One key risk of IA is whether the department is strategically positioned within the organization its objectives. Other risks are whether the department has enough staff, on assurance etc. Reputation risks are important too, and so is compliance risks. Operational risks are like the resourcing problems, annual audit plan etc. If audits are behind schedule by about a month, it needs to be highlighted as a red flag. IA can also do a risk control self-assessment to evaluate internal controls in place.

The Cashier Cash Thief. Mounting family pressures and opportunity cause a trusted warranty clerk to pocket payments from customers. IA must emphasize the importance of SOD and monitor any exceptions. Trend analysis would allow organization to detect fraud more timely. Routine audits are vital for all cash processes. Mandatory vacations and rotation of duties should have prevented fraud from happening.

In Safe Hands. Organizations must grapple with a host of issues when determining how to best protect their data and manage the way it’s used. In Europe, there is a General Data Protection Regulation that goes into effect in spring 2018. It is a stricter regulation than ever before. Firms need to obtain consent for data collected from individuals. IA needs to go back to the drawing board to strike a balance. Respecting someone’s privacy rights is actually a soft skill and needs a soft approach. Privacy controls need to be engineered into business processes. Businesses must be clear about what they need the data for. Many companies do not know where their data comes from and how it is used. IA can be a role model in innovation etc.

Great tech expectations. As technology becomes more integrated with business processes, auditors must raise their IT skills. New auditors usually have better skills than older ones. People with expertise in IT will be in demand. Those with experience in DA will have an advantage over those who don’t. Experience with audit-specific software is also a plus. Auditors need to have an understanding of the infrastructure and applications being used. New authors are not usually well versed in soft skills. IA needs to have a good understanding of flow, controls and governance. Determine the specialty skills needed. Maintaining the right mix of generalists and specialists is a key IT challenge. IA needs to have a training plan for the IT risk and controls. Training hours need to be tracked and there needs to be information sharing at every meeting.

Building a data analytics program. Six strategies can facilitate progress when starting or furthering an analytics program. Many functions suffer from pitfalls/ setbacks. The six strategies are (1) create awareness rather than a silo; (2) understand the data before investing in a tool; (3) plan sufficiently; (4) think big picture; (5) Partner with IT; (6) Take advantage of visualization tools for inspired reporting.

#PurposeServiceImpact. The IIA’s 2017-2018 Global Chairman of the Board J Michael Peppers encourages IA to unify around the three concepts in his powerful hashtag. Purpose, Service and Impact are important words for our profession. It is about the why we do things. We should help enhance shareholder value through our work. Service is basically walking the talk. It is important to establish credibility with clients. We are both change agents and educators and need to do the right thing. Volunteering is important and internal auditors should strive to give back to the society. Always try to make a positive difference. We need to understand the purpose of the organization.

‘The best and most successful internal auditors I know understand that internal auditing is more than just a job: it is a sincere effort to improve the lot of others, whether organizations or individuals.’

The Root of the Matter. Performing root-cause analysis requires that auditors recognize common myths associated with the process. Addressing root cause will prevent the issue from recurring. Complex problems may be due a variety of factors. There may not be a single root cause at times. Use the 5 Why techniques. Sometimes, two root causes can lead to one problem. Some brainstorming is required to address all the root causes. One can use the fishbone diagram and identify problems in different categories like: Man, Machine, Measurements, Method, Materials, and Mother Nature. One can also use scatter diagrams to pair cause and effect and look for relationships. Good recommendations in the audit report should address the root causes of a problem. However, IA should understand that RCA requires time and resources and the organization must weigh the pros and cons of doing it.

Seven Steps to Transformation. IA can assist management throughout the many stages of business change. The first is pre-implementation review. It helps management to identify problems at the planning stage. Ask yourself what is the best ERP project model for ERP packages? The other steps are process/controls analysis, In-flight reviews, IT and User Acceptance Testing and Output/Results testing. The last 2 steps are post-implementation reviews and comparison to project management reviews.

It’s only one word. Excessive audit report wordsmithing is often a disservice to the client – and the audit function. Let those who did the work have a say in the changes. Never make a change unless you can explain why that change is necessary. Otherwise, you are just changing for personal preference. Always explain the reasons for any change to the person who wrote the original drafts. Do not be too anal about phrasing as this will result in rewriting and delays and frustrations.

‘Far too often, the lead, manager, chief audit executive doesn’t like what is written and starts editing the audit report. The process often results in a report the auditor no longer recognizes and, in the worst situations, it says something the auditor never intended it to say.’

The Data Analytics Strategy. Adding analytics to the audit methodology requires careful change management. Funding and resources needs to be provided. Integrate data analytics requirements into the audit methodology. Look for quick wins if possible. Use a champion to lead the strategy. CAE must emphasize that analytics is good as it improves audit efficiency. Analytics can add value not just to fieldwork, but also risk assessment and planning. Data is also evidence and that’s what sells well.

From ratings to Recommendations. Behavioural psychology suggests internal auditors’ approach could benefit from more carrot and less stick. Audit gradings are hated by auditees as it sends a signal that they did something wrong and that things are really bad. The SDT (self-determination theory) shows that human motivation is optimized when the following 3 are present: developing one’s skills (competency); exercising free will (autonomy); feeling connected with others (relatedness). Give your auditee the chance by sharing about common goals and building good relationships with them.

A Man and His Watch (Iconic Watches & Stories From the Men Who Wore Them) by Matt Hranek (Part 2)

Eng Tay. He is an artist. His favorite watch is the Panerai Reference 3646. I always liked vintage items, like cars and watches. In Asia, I loved to window shop for watches. I bought my first Pam from a friend (it originally belonged to a Navy officer). The story of how I got the PAM21 was more interesting. I actually flew down to Singapore and paid crazy money for it. That is just me, I am very passionate about Panerai.

George Bamford. He is the founder of the Bamford Watch Department. His favorite watch is the ‘Popeye’ Yacht Master. I started the watch customization business. I loved cartoon characters like Popeye since young. Because of that, I wanted to put Popeye on a watch. The sales of the watch were a massive success. It’s like paying homage to these character characters, but also adding a twist to it.

Everything you buy has a soul to it. You remember the details: exactly when you bought it, how much you paid for it. You want to think of that item as exclusively yours – unique to you. – George Bamford

Mark Cho. He is the co-founder of the Armoury and Co-owner of Drake’s. His watch is the Grand Seiko 61GS Very Fine Adjusted. When I first saw a Seiko that costs 8k, I was shocked. I decided to research extensively on the Seiko and really how significant the watch was. I loved its history. I even visited the Seiko museum in northeast Tokyo. To my surprise, the watch I purchased was also being displayed in the museum. The quality of finishing can rival their Swiss counterparts. Seiko is known for their big flanked lugs, lots of planes and is very angular. One day, Seiko will really live up to their reputation.

I love the Japanese attitude, the dedication to trying to be the absolute best you can be, to really push the envelope even given your own constraints. – Mark Cho

The Grand Seiko is a subtle watch, not really recognizable for what it is, but I like that. It’s a lucky watch for me. – Mark Cho

Holger Thoss. He is a photographer. His watch is the Breitling Chrono-Matic GMT. My dad gave it to me. I loved it very much. All along, I believed in the Buddhist tradition and belief in the temporal nature of things.

It’s also important to cherish the things you have and – this might seem weird to say – to have a relationship with them. You have to honor each object and, at the same time, be ready to let it go. – Holger Thoss

Eric Ku. He is a vintage watch dealer. His watch is the Jaeger-LeCoultre Deep Sea Alarm. He had an obsession with mechanical objects. When I was younger, we often looked forward to get the full-color catalog in the mail. I kept following this JLC watch, but the price increased over time, and I regretted not getting it. I eventually bought it for $35,000, which I over-paid. However, to me, it was okay. This was really a unique watch because of its rich history. I paid a huge premium for it.

Watches are very personal things – expressions of who you are. And what you’re willing to pay all comes down to perception of value. – Eric Ku

James H. Ragan. He is a former aerospace engineer at NASA. His favorite watches are the Omega Speedmaster Moonwatches. Watches were the backup instrument to test flight time. 4 companies bid. However, the Omega was the most durable. Wally Schirra and Gordo Cooper had worn Omega Chronographs for their mercury days. NASA kept using Speedmasters thereafter. The speedmaster professional came in useful during the Apollo 13 mission. These Omegas really meant a lot to me. The Omega Speedmaster Alaska Project aimed at triple protection. However, it never flew into space

Omega Archives. I got the chance to visit the Omega archives. I photographed the second-generation Omega Speedmaster ref CK2998. It was Wally Schirra’s watch. I also got to see John F. Kennedy’s watch, which he worn when he was sworn in as the 35^th president of the United States.

Alessandro Squarzi. He is a fashion entrepreneur. His favorite watch is the 1968 Rolex Submariner Reference 5508. My dad gave me the watch when I was 18. To me, it looked very modern. It’s a priceless piece.

Gabriel Vachette. He is the founder of Les Rhabilleurs. His watch is the Universal Geneve Compax. The watch was handed down from my grandpa to my dad and now to me. My dad was a watch collector too. The chronograph movement was amazing. I fell in love in watches because of my dad. Later on in my life, I created a watch blog, which was lifestyle focused.

Kenta Watanabe. He is the co-founder of Buaisou Indigo Studio. His watch is the Indigo-Dyed Casio G-shock. I kept soaking the watch in Indigo dye. It turned out to be amazing.

Hamilton Powell. He is the founder and CEO of Crown and Caliber. His watch is the Abercrombie & Fitch Seafarer. It has a running second hand. It was made by Heuer, for A&F. Back then, A&F was a cool adventure outfitter. It was both for adventurers and for guys who likes beautiful things.

I also like that it’s a manual-winding watch. I believe we’re alive for a brief period of time; whether it’s fifty years or a hundred, in the scheme of things, that’s a short blip. And it’s up to us to use that time intentionally. So taking a moment to wind my watch means giving myself 20 seconds of the day to create a sense of purpose as to how I’m going to use my time- to ask myself, Am I going to live today with intention? – Hamilton Powell

Josh Condon. He is a writer, editor and author. His watch is the Movado Moon Phase. The idea of heirlooms are a big deal. I have been handed down things from my grandpa etc. My dad loved to give me things too. My dad bought a Movado moon phase and I started writing about it. On my 36^th birthday, my dad bought it for me. He also gave my brothers the same watch. I haven’t taken the watch off since. Every time I wear it, it reminds me of my family.

Geoffrey Hess. He is the CEO of Analog/Shift. His watch is the Rolex Eagle Beak Tropical Submariner, Ref 5512. It’s the story behind the watches that is important. I met my wife because of this hobby. I love vintage Rolexes. Often, I go for collector events overseas. We are almost like brothers. People like vintage because of the tropical dial, serial number matches the box, lume on dial match the hands etc, crown guards look like an eagle etc.

But to some degree, the world of vintage Rolex is a science; we collector always have a loupe, and we’re examining the colors, the serifs on the fonts, the way the Rolex coronet is printed. It’s a grown-man science. – Geoffrey Hess

Michael Friedman. He is a historian at Audemars Piquet. His watch is the 1938 AP. This watch would be included in an auction. My dad was impressed by the history behind it. I studied time through the different time periods and realized how interesting it was. My dad used to encourage me to explore the world. It was a moment which I shared with my dad forever.

Tom Sachs. He is a sculptor. His watch is the ‘New Bedford’, customized Casio G-shock DW-5600. I hot-glued a metal cage around a digital watch in the past. The Japanese created the Casio with the concept of status and of a low price. I have worn the same G-shock for the past 20 years. I engrave every Gshock I buy.

I like the idea of something that costs $40 that you own, versus something that costs $4,000 that owns you. – Tom Sachs

People wear watches for their associated value. You wear an Omega Speedmaster and you’re Neil Armstrong. Or you wear whatever watch James Bond wears, or Sir Edmund Hillary wore, and you become that person – even if you work in an office, at least your watch is the same as that hero’s. – Tom Sachs

Bre Pettis. He is the founder of Bre & Co. His watch is the Bulova Accutron Spaceview and Origami watch. I am impressed by the Stonehenge because of its accurate astronomical alignments. Watches represent a worldwide contract and are incredibly interesting. My dad gave me this watch. It’s a transition between a mechanical and quartz movement. The tuning fork was like the gear-train of the watch. Watches actually make great gifts to others and encourages friendship building. I created the origami watch.

Stephen Lewis. He is a photographer. His watch is the paper cutout of a HP calculator watch. I used to like cutting watches out from famous watch magazines. I was impressed by James Bond when he checked the time on his Pulsar digital watch. Nowadays, I wear a Rolex submariner, which was a present from my wife. I have been able to dig myself out of a hole with little imagination.

David Coggins. He is a writer. His watch is the JLC Reverso. Reverso was a gift from my parents. In the past, polo players could flip the dial as it was necessary to protect the watch crystal. The way the watch flips is also very purposeful. I also like Art Deco numerals.

I want a watch that’s well-made and designed with purpose – just like a suit, for that matter. And I like to wear a watch every day. – David Coggins

I think you can tell a lot about a man from his watch, and I prefer one that errs on the side of discretion. – David Coggins

Annual Conference and Global Internal Audit Leadership Summit 2017 (27 Oct)

Managing Cyber Risks. (KPMG) Cybersecurity is one of the top 5 risks as rated by CAEs. Cyberattacks are one of the top 3 man-made risks which can be addressed. In a survey, Asian CEOs aren’t as well prepared as their US counterparts when dealing with cyber risks and cybersecurity. There is a need for cybersecurity risk assessment. Sometimes, insiders can provoke a cyberattack too. Due to the widening of the digital footprint, it can lead to greater cybersecurity threats. External threats like new technology, technology change, regulatory compliance and changing market forces will continue to affect the cyber landscape. The new cybersecurity bill by CSA is slated to be released in Feb 2018. The Bill will affect CIIs from 7 different industries. The cyber risk gap needs to be plugged through the use of specialist reviews and audits. Some of the losses that an organization could face are theft of client information, IP, corporate date, DOS attacks etc. Nowadays, it is quite common for the attacker to attack your service provider (since there are less strict internal controls) and get information from them about your company. Some of the staff from your vendor might not be well screened also. Usually, there is no point trying to figure out who the cyber-attacker is as it is hard to prosecute if it’s not in Singapore jurisdiction. Some of the tactics that cyber-attackers use is ransomware, key loggers, phishing, insider data theft and man in the middle attacks. Do not give away passwords at any cost. Training/education is important, more so that IT tools at times. As auditors, we can audit the data classification in an organization. Cybersecurity is a growing factor and needs to be included as a risk indicator. There needs to be a detailed response plan after being attacked. There is also a need to link the cybersecurity threats to your business. One can read the ISO27000 series, MAS TRM Guidelines, NIST, COBIT and others.

SAP Case Study. (SAP) SAP is a German company. Maintenance costs is a big part of the implementation costs of having such an ERP software. For SAP itself, some of the risks facing the organization are acquisition risks, cloud computing etc. Within the audit team, they use the SAP Audit Management Software, which is automated from the end to end auditing process. One will be able to see clear audit plan overviews and also real time status updates of the plan. There are also resource management tools in place which will help improve the global resource transparency. In addition, there are audit executive dashboards in use. All these lead to better cost savings, user satisfaction and faster audit cycles for the organization. As a result, during quality assessments, the IA function scores better. Analytics helps in audit sampling for auditors.

Internet of Things. (Microsoft) The Internet has shifted from the Internet of content to service to people and now to ‘Things’. Internet is very commonly used nowadays as it is more efficient and has led to increased productivity. It has brought the whole world together through Skype. There is data in chips in our everyday devices and such data can be harnessed for decision making. Some of the benefits of IoT are that it leads to 1) safety, comfort and efficiency; 2) faster decision making; 3) revenue generation. Some of the risks of IoT are 1) privacy, security and legal (types of data collected can be collected and should be collected etc). The major challenges that will be faced are to obtain the business and IT buy-in and also the fact that data magnitude can be huge and complex and hard to interpret. It is important for IA to stay ahead of the changes and understand the risks emanating from IoT. We need to be trusted advisers to the business. CAEs need to determine the skillsets required, like from data scientists, private specialists etc. IA needs to recruit the right people. We need to change our approach to how to audit etc. The process flow is like this: device connection -> data sensing -> communication (access rights) -> data analytics (queries etc) -> data value -> human value

Data Analytics at MAS. (MAS) Data is the new AIR that we breathe. Insight is the new storage of value also. There are a few Vs we need to be aware of: Veracity, Value etc. We have approached the other departments, like banking, insurance and capital markets, to understand what are the pain points of these departments. We have moved from rule based (AML + STR) to machine learning. There is a strong need to enforce data quality and to move from just big data to smart data. Labels must be given for supervised machine learning in order for it to work more efficiently. However, there is also such a thing as unsupervised machine learning etc. For data, there is a need to achieve generalisability. An important question to ask is whether your model can work on future data? Or just past data? Ensure that your data can be interpreted and cleaned before it can be used. The process is as follows: 1) know the question; 2) understand the data; 3) find the right algorithm; 4) be aware of the limitations; 5) be sceptical; 6) automate; 7) experiment. It is important to share insights across the different departments. Machine learning is a programme which automatically improve its performance through learning and experience. Culture is hard to change and in fact, culture is more important than the application of an algorithm.

Cybersecurity Lessons Learned. (SWIFT Asia Pacific) SWIFT is a co-operative that is based out of Belgium. Nowadays, cyberattacks are tailored for a particular institution and that can be really scary. Hackers are now able to perform multi-stage attacks. There is a hacker collaboration space in the dark web. Cross-border banking usually requires the use of SWIFT. Hackers have different motivations for committing crimes and it is difficult to predict. Cyber must be managed from the top-down. One needs to understand that spending money doesn’t make you more secure and there is a need to evaluate cost-benefit analysis. At times, it could be the client servers which have issues. There is a need to dictate how the client runs their programmes in order to secure their environment. There needs to be a cyber-response plan in place to address attacks and to recover. In future, SWIFT would make it compulsory for banks to report on their compliance to SWIFT’s assurance framework. This will certainly help to improve transparency.

Ethics in a Digital World. (Avande) Avanade is a cloud service provider and is a partnership between Accenture and Microsoft. In this digital age, there is a debate between Personalization vs Privacy. Facebook tried to have two bots chats with one another, but they turned racist and eventually had to be put down. Although AI development is swift, it might be necessary to put the guardrails on AI and curb its growth in view of ethical considerations. What is morally acceptable in today’s society? What is lawful? Digital is becoming a way of life and ethical behaviour is vital in this day and age. Is there a need for a framework to manage ethical dilemmas? What are the possibilities of digital tech? Core ethical values are embodied by leadership and there needs to be a good tone from the top.

IA in the Age of Transformation. (Asia Pacific Black Sun, Sofitel Singapore, UOB, NTUC, EDB) What are the elephants in the room? This refers to important issues that are not being addressed by IA. IA needs to keep themselves relevant. 43% of jobs in Singapore can eventually become automated (mechanized, robotized, digitalized) etc. However, there are still many opportunities in the audit space to add value. IA needs to be high tech, high touch (build strong relationships with management), and high trust. IA’s job is to highlight exceptions to management and in order to do so, they need to be loud and courageous in the boardroom and not shirk from difficult conversations. IA needs to avoid getting on the newspaper. IA needs to familiarize themselves in the area of sustainability reporting and professional scepticism. IA needs to constantly update themselves through attending training etc. Industrial domain knowledge is also important and this is usually learnt on-the-job. People retention is important and there could be a risk of knowledge loss without people. There is a need for IA to provide inputs on controls for IT projects right at the start. If there are no audit findings, it is possible for IA to issue a clean audit report. IA should gradually take on a more advisory role for the business.