How Risk Management and Internal Audit Can Add Value in Light of the Current Pandemic: COVID-19 Risk Considerations

During these unprecedented times, internal audit and risk management professionals need to reevaluate risks affecting their organization. Audit plans must be realigned and reprioritized to ensure internal audit plays a pivotal role in helping the business successfully navigate significant changes.

As risk management professionals, we need to serve as trusted advisors and assist with understanding and assessing challenges, while continuing to maintain independence and objectivity. Given that people, processes and technology are all changing, with many companies restructuring operations to allow employees to work from home, internal audit needs to completely understand the impact of those changes. Some of the business risks that need to be considered are: 

Strategic Risks

• Deteriorating economic conditions
• Adaptation of company communication channels, collaboration provisions and oversight considerations to accommodate alternative work arrangements
• Heightened reliance on estimates within business outlook and scenario analysis
• Impact on customer engagement and interaction
• Continued disruption; arising innovators 
• No prior history to govern situational decision-making
• Loss of key employees
• Crisis management and contingency plans

Operational Risks

• Volatility in customer demand and supply chain
• Internal exposure to the pandemic
• Product safety and liability considerations
• Staging operational and safety measures commensurate with risk and changing regulations
• Impact on workforce mobility and attendance
• Process changes and pressures on efficiency and productivity
• R&D and capital investments
• Regional and/or international exposures
• Workforce reduction
• Vendor and third-party exposures
• Cost containment

Financial Risks

• Liquidity and cash flow constraints
• Going concern and impairment considerations
• Debt restrictions
• Stimulus package risk and opportunities
• Tax positions, incentives and credits
• Increasing reserves
• Credit risk and payment deferrals and defaults
• Forecasting and budgeting uncertainty
• Control environment changes
• COVID-19 disclosure matters

Technology Risks

• Elevated cyber exposure
• Maintenance of existing systems
• Delayed investments in new technology
• Innovation
• Workforce mobility
• Technology support
• Resiliency

Schneider Downs Risk Advisory Services consists of individuals with expertise in accounting, operations, information technology and cybersecurity who can assist your organization with enhancing or developing your risk register, as well as developing and executing audits. We provide consulting services to your organization on critical business matters and advise on strategies needed to address emerging risks and opportunities as we navigate the unique circumstances brought on by COVID-19.