Virtual Internal Auditor

EY Virtual Internal Auditor (EY VIA) is a digital platform that transforms the way Internal Audit (IA) is performed by reallocating the workload from humans to machines.

Related topics Consulting

When you can see the complete picture, why settle for a glimpse?

Chief audit executives (CAEs) face multiple challenges in an environment where the Internal Audit (IA) function is expected to keep pace with new and evolving risks like cyber threats, pandemic impact and political instability. Organizations willing to change their thinking and adopt innovative technologies to enhance their risk management strategy can improve decision-making and more effectively allocate critical resources.

How to overcome the challenges?

EY Virtual Internal Auditor (EY VIA) is an intuitive digital platform that simplifies the way Internal Audit and ICFR testing is performed, allowing you to focus on real-time risks. It goes beyond what traditional IA can do, enabling real-time risk monitoring and timely reporting of high-risk findings.

EY VIA centralizes your data and continuously monitors it for downside, upside and outside risk, acting as your “command central.” It gives you flexibility to respond to the identified risks while enabling you to work faster and with confidence by addressing the following factors that IA functions require today:

  • More time to focus on risks and topics beyond today’s scope
  • Additional capacity and capabilities to perform full population testing and full root cause analysis
  • A forward-looking approach
  • Adherence to the annual risk assessment model, rather than continuous review

EY VIA can help stakeholders identify the strategic priorities of an organization. It empowers management to make informed decisions by having more time to focus on risks and topics beyond today’s scope. Its suite of modules covers and transforms the complete IA life cycle.

Click below to play video.

What are the key features?

  • One-stop shop – A single tool for complete coverage of organization across risk, audit, process and transaction powered by advanced analytics with a suite of ready-to-use modules to provide a tailored experience.
  • Full risk coverage – EY VIA enables your IA function to complete full population testing by keeping your company’s data in the center of its operating model. This historic shift from sample testing to full population testing gives the three lines of defense visibility to a company’s holistic risk, enabling a coordinated risk response — which is imperative in an ever-changing business environment.
  • Automated data extraction –A digital platform to enable data to be securely extracted from ERP systems.
  • Analytics EY VIA can transform the internal audit process into a continuous risk management initiative that uses analytics to understand the threats that exist in the market. It uses an EY proprietary advanced analytics toolset to execute analytics with pre-interpreted results and comparison against EY benchmarking data. This is a tool that evolves to understand new threats, providing a proactive approach to managing risk. We bring our EY methodology to elevate the capabilities of IA function.
  • Flexible Audit Response Model (FARM) This model lets users determine a course of action for risk, ranging from a simple query to business function to advanced analytics through machine learning and artificial intelligence (AI) capabilities.
  • SOX control testing Automated SOX dashboards are used for ongoing status tracking and reporting, allowing an organization to perform SOX testing procedures (IT and non-IT) to consistently evaluate controls. EY professionals’ SOX knowledge and experience, and the enhanced competence and objectivity of testing, can increase the effectiveness of an organization’s independent auditor.
  • Flexible reporting – Timely and efficient reporting increases business value and induces trust in the IA function.
  • Beyond reporting When a control function identifies risks and action items, those action items flow into the follow-up module. This enables the organization to keep track of the fixes required to protect against the risk. Risk monitoring becomes more cyclical than linear and is embedded into the organization as a normal course of business.
  • Modularity EY VIA is a suite of different modules, giving the flexibility to pick and choose the functionalities relevant for an organization based on their current maturity. The different modules can be integrated within the existing IT application portfolio.


The traditional internal audit process takes time, typically requiring a steady flow of forms and paperwork to be completed in order to move forward. The mundane nature of this effort takes focus away from the critical role IA plays in protecting the business.

EY VIA expands the breadth and depth of risk coverage, delivering a comprehensive view that enables internal audit teams to identify issues in real time. It uses a single platform that integrates risk monitoring with a flexible audit execution model. This automation creates efficiency, leads to faster results and gives the company the ability to work with EY professionals to understand risks as they are uncovered.

IA becomes a partner to the C-suite, supporting confident decision-making and ultimately contributing to increased business value. The platform and functionality is sector agnostic, while the underlying content is tailored to different industries.

With EY VIA, we bring together a new IA value proposition, methodology, governance and people model that is enabled by technology. EY VIA’s rich features, powered by data analytics and leading technology, deliver audit excellence for our clients.

Contact us

Like what you've seen? Get in touch to learn more.