Have you ever thought of the risks in BIG data? If so, this information is for you. First, let’s define: BIG data involves large information in volume that comes from varying sources and is produce at a quick rate. That’s why they are known as the 3 “V” of BIG Data: volume, variety and velocity. Therefore traditional data-processing application software’s are inadequate to deal with it.

Hence the first risk relies on which software is your company going to use? Most companies decide upon the software; not based upon their processes. Keep in mind: the software has to adapt to your company not the other way around.

What kind of data your company has? Is it relevant? Is it complete and updated? Where does the information come from? The second risk is to start managing data that is bad or useless and the third risk is that it is unorganized. Make sure to organize it according to the fields your company needs.

After that, analyze and interpret data. By doing so, the information becomes meaningful, ready to make accurate business decisions. Erase information that has no use. This will help you to minimize the fourth risk: wrong decision making.

Now that you have relevant data, make sure where it is going to be store; because the fifth risk is not to have the conditions; for example temperature, maintenance, location. Sixth risk: who is going to have access to the information? Remember data protection…you don't want data leaks or breaches!

Seventh risk is lack of back-ups: secure the data by carrying out a backup in a regular basis and make sure that it is store in a different location than the company’s.

​Up to this point keep in mind that although we talk about risks, if manage them correctly your company can have high-quality data…so make it BIG!

What will 2018 bring to Internal Audit?

• Risk management: the world is changing, new risks emerge and with that the challenge of Internal Auditors to know how to manage them. They key point here is: how to manage something that you don’t understand or know? If you are in that case, it’s very unlikely to assess risk in an effective way and to show concrete results of Internal Audit's work. Target: helping the company to be able to adapt to any risk in a quick way before it concretes.  Solution: understand how the company works and its associated risks.
• Cybersecurity, technology and data analytics: with all the attacks some big companies faced this year, it is mandatory to have controls in place to guarantee that the information is protected and of course that business continues… with the minimum harm to its image and reputation. Think about ransomware, data breach…they are dangerous for companies and individuals and are becoming more sophisticated. Target: have at least one expert in technology within the Internal Audit team; in this way can also be covered new technologies and data analytics. Solution: hire someone expert in technology and teach that person to be an auditor…it is simpler in this way!

• Regulation: new rules are arising, new rules will arise… the first challenge is to understand what should be done, secondly, train staff about it. Target: implement new regulation in time to comply with deadlines and avoid sanctions. Solution: have a multidisciplinary team composed by: Compliance, Legal and Internal Audit who analyzes how to do it; they’ll complement each other by their expertise. Add any other area needed according to the subject.
• Skills: an Internal Auditor should have several skills but one that is imminent: manage conflict. Tip: listen more than talk. Show with evidence your position. Be fair.

Above all: you are not alone; this affects all the Internal Audit profession. See them as opportunities to grow, to make a bigger role for Internal Audit in 2018!