Utilities Tech Outlook Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Utilities Tech Outlook
Stephen Harrison, Director of Internal Audit, California Water ServiceStephen Harrison is the Director of Internal Audit at California Water Service. With a wealth of experience as the former Director of Asset Management, Stephen showcased his skills in overseeing the lifecycle of vital utility assets, ensuring their reliability and maximizing longevity. In his current role, he guides his team towards a forward-looking audit approach that surpasses traditional internal audit practices and extends beyond SOX compliance. Stephen's dedication and innovative vision make him a driving force in ensuring the integrity and efficiency of California Water Service's internal processes and operations.
In an interview with CIOReview, Stephen Harrison, Director of Internal Audit, California Water Service, shares his thoughts on the existing trends in the auditing space and the challenges associated with maintaining SOX compliance.
What are some of the biggest challenges you have observed in the internal audit space?
There is a significant challenge with SOX compliance. The manual documentation process prevalent in the industry is difficult to break away from and relies heavily on Excel-based records and physical evidence. Another challenge is the need to modernize and standardize SOX compliance as it ages. Automating tasks and documentation to create an efficient audit trail is now a priority. Striking the right balance in technology enablement is also a major issue. It is important to find the optimal point for technology integration to realize benefits without incurring unnecessary costs. Aspirations for technological advancements must align with practical outcomes to ensure effective investment and process reengineering.
What are the current conditions companies are facing due to the rising costs and time spent while ensuring compliance with the SOX act?
In addition to the rising expenses of adhering to the SOX act, there is a need for external certification from big four accounting firms added to the financial burden of publicly traded companies. The complexity of SOX compliance extends to IT general controls, where technology implementation brought new audit requirements. The realization that technology doesn't always lead to optimization is always a significant learning curve, as it could increase workload rather than streamline processes. Balancing efficiency and compliance proves to be challenging in the ever-changing landscape of SOX requirements.
"Auditors are true partners, actively adding value and proactively identifying potential issues to prevent them from escalating"
How do you see the internal audit space evolving over the next few years?
There is a shift in the internal audit function's future, moving away from extensive focus on SOX compliance toward building out operational and non-compliance areas. These areas encompass day-to-day activities, enterprise risk management, quality assurance, and technology deployment, including user testing and assurance activities.
Two significant developments in the corporate world hold implications for internal audit. The first is Environmental Social Governance (ESG), with the SEC finalizing documentation and submission requirements in financial reports. Internal audit will play a crucial role in providing validation and assurance work for ESG-related information.
The second major development is AI and related technologies like automation and robotic process automation. AI's application may excel in black-and-white scenarios, like assessing completed tasks based on objective criteria. However, areas with subjective elements that necessitate human judgment might fall outside AI's scope.
What is the advice you would like to pass on to fellow CXOs and peers in the internal audit space?
It is important to foster a successful relationship with the external audit partner. There are three key strategies that can be applied to achieve this goal. Firstly, prioritize maintaining an arm's length yet coordinated approach with the external auditor to minimize redundant efforts. Jointly conducting key control walkthroughs can facilitate the efficient assessment of controls and transactions, yielding quick wins.
Secondly, aligning datasets enables both parties to conduct assessments and select samples more effectively, streamlining the audit process and enhancing overall efficiency. Lastly, open and transparent communication with the external auditor is paramount, as well as remaining receptive to suggestions and alternative approaches. This collaborative give-and-take relationship facilitates finding common ground, and meeting compliance requirements.
There is a historical negative perception of auditors, but we must alter this narrative. Auditors are true partners, actively adding value and proactively identifying potential issues to prevent them from escalating. The ultimate goal is to foster a collaborative and cooperative environment.
