EY Virtual Internal Auditor (EY VIA)
One platform, trusted view
Single platformed solution providing complete coverage of your entire organization across regions, units, risks, processes and transactions, powered by data and analytics.
Full risk coverage
Historic shift from sampling to full population testing allowing you to thoroughly assess your organization’s risk exposure.
Faster navigation through risks and processes end-to-end
Leverage the power of data to generate value-based insights that help you prioritize risks that matter the most and better anticipate future risks.
Think big, start small, scale fast
Completely modular solution providing you flexibility to choose functionalities based on your organization’s maturity.
Data at the center of your internal audit
Blending data from multiple sources, including your ERP systems such as SAP, Oracle and other structured and unstructured data sources (including GRC interface), EY Virtual Internal Auditor (EY VIA) integrates and transforms your raw data for continuous auditing and monitoring. EY VIA offers automated data extraction of all relevant master data, transactional data and configuration data.
- A fully automated interface between all the source systems and EY VIA
- Covers dimensions required for an internal audit function – locations, auditable units, IT applications, processes, risks and transactional / configuration data
- Embedded data quality checks and transformation to enrich the data to be used for continuous risk monitoring
Continuously monitor and audit the risk status of your organization
EY Virtual Internal Auditor (EY VIA)’s Risk Monitoring engine continuously monitors and audits the risk status of the organization, supporting internal auditors to focus on existing red flags and upcoming issues that pose a significant future risk.
EY VIA uses EY proprietary tools including EY Global Risk and Compliance (GRC) capability for risk assessment and data analytics toolset to execute analytics with pre-interpreted results and comparison against EY benchmarking data.
Risk is monitored through three functions:
- Analytical test procedures: Cover your transaction-based operational processes, IT general controls and application-based configuration controls with pre-built and configurable test procedures, alongside capabilities to build your own customized tests
- Benchmarking: Compare your results of analytical procedures against EY benchmarks to determine your risk exposure
- Dashboards: Easily understand your results through data pre-interpretation supported with filter capabilities and drill down and aggregation functionalities
Plan the next best actions for the identified risks
Flexible Audit Response Model (FARM) is an EY unique model that lets users determine a course of action for risk, ranging from a simple query to business function to data and analytics enabled by latest technology and – of course – seamlessly execute audits.
- Determine the next best action for identified risks: remote/on-site audit activities, inquiry, high-impact audit, accepting risk
- Flexible, differentiating, and digitized reporting capabilities. Timely and efficient reporting increases business value and induces trust in the internal audit function
- Issue tracker module which helps enable the organization to keep track of the fixes required to protect against the risk during the follow-up process. Risk monitoring becomes more cyclical than linear and is embedded into the organization as a normal course of business
Seamlessly manage your ICFR (Internal Controls over Financial Reporting) work programmes across multiple entities and locations
Automated ICFR dashboards allow an organization to perform controls testing procedures (IT and non-IT) to consistently evaluate controls.
- Real-time monitoring of deficiencies and remediation plans as well as inbuilt controls view provides full oversight of the status of each control
- Comprehensive control testing (Test of Design, Test of Effectiveness) and documentation
- Simplifies and streamlines the 302- certification process through online forms and sign-offs
- Complete IT General Controls (ITGC) specific testing forms and IT Application tagging
Other capabilities offered by the EY VIA solution
- One-stop shop: A single solution for complete coverage of organization across regions, units, risk, audit, process and transaction powered by data and analytics with a suite of ready-to-use modules to provide a tailored experience.
- A platform of the future: With EY VIA, we bring together a new IA value proposition, methodology, governance and people model that is supported by technology. EY VIA’s rich features, powered by data analytics and leading technology, deliver audit excellence for EY clients.
- Global and latest EY Intellectual Property: Leverage path-breaking, globally available EY proprietary toolset driven by data and analytics with good practice risk, controls and audit procedures for all core process as well as hot topics like Environmental, Social and Governance (ESG) and others.
- Flexibility with modular approach: EY VIA is a suite of different modules, giving the flexibility to pick and choose the functionalities relevant for an organization based on their current maturity.
- Easily integrate with your systems: EY VIA can be easily integrated to your environment. All the modules (and related services) of the solution are integrated providing consistency and can be connected to your existing software suite.
- Configurable to your business needs: Each Internal Audit function operates in a different way; hence we have built EY VIA to be flexible and configurable to the individual IA methodology and process.
Through EY VIA’s continuous auditing capabilities, we have been able to cut down IA costs by 20% while significantly extending the risk coverage for one of our global IA Outsourcing clients.
Director, Enterprise Risk