On the CAE agenda: Q2 2022

The latest installment of the KPMG On the CAE Agenda reveals trends in geopolitical risks, ESG, and cyber security.

Strategy and value management

  • Role of IA in ESG
  • Resourcing in a virtual and high demand environment
  • IA's role in emerging topics such as ESG, cyber threats, and disruptive events (transactions, transformations, etc.)
  • Integration and coordination across three lines of defense (particularly the second and third lines)
  • Broadening risk coverage as business model and digitization efforts evolve

Operational model

  • Operating with increased agility, especially more frequently, for faster risk assessment and planning
  • Staying close to the business in a virtual environment

Stakeholder engagement

  • More SMP expertise in IA especially when working with first and second lines
  • Improving IA brand
  • Improving AC chair connectivity
  • Resourcing constraints across the organization

Digital acceleration

  • Data driven risk assessment*
  • Focus on automation
  • IA partnering with the second line on continuous monitoring

Modern workforce

  • Overall IA employee experience around data analytics, problem solving work and more*
  • Upskilling IT and enterprise technology acumen
  • Overcoming talent drain and resource needs through hiring and retention
  • Need for more specialized or mature capabilities around data analytics and insights

Risks and responses

  • Geopolitical risks and their impacts and translations to the audit plan*
  • ESG initial program assessment*
  • Supply chain and operational resiliency*
  • Cybersecurity* (e.g., ransomware incident response,* phishing, hacking, data theft)
  • Cloud services and storage (e.g., data security, business continuity)
  • Regulatory compliance (e.g., more regulated environment, expanded role for IT)
  • Third party risk management
  • Workforce* (e.g., contingent workforce, upskilling and reskilling talent, distributed tax implications)
Bold indicates newly added topics since the last agenda
*Indicates a complementary Signals of Risk briefing also now available

Contact us

Michael A. Smith

Michael A. Smith

Partner, Advisory, and U.S. Internal Audit Solution Leader, KPMG US

+1 214-840-6019
Richard Knight

Richard Knight

Principal, Advisory, and U.S. IT-Internal Audit Solutions Leader, Technology Risk Management, KPMG US

+1 703-286-8393