Internal Audit and DevOps: A Love Story

A book on internal auditing doesn’t sound like a typical title for a publisher known for books about DevOps, software development, and business leadership. But we’re pretty sure Beyond Agile Auditing by Clarissa Lucas is going to be a book you didn’t even know you needed.

See, it’s almost a universal fact that if you work in an enterprise, at some point your team will be the subject of an internal audit. The likelihood is even higher if you work with systems that deal with security, finance, personal data, etc. And it’s also a nearly universal fact that these audits are never what we’d call…uh…pleasant.

See if this scenario sounds familiar:

It’s a typical Monday, until your first afternoon meeting gets underway. In this meeting, you learn the internal auditors will be starting an audit of your process/product in the next few weeks. You immediately break out in a cold sweat, panic and anxiety washing over you as your mind races. You wonder what questions the auditors will ask, what evidence they’ll request, and what they’ll report to their leaders. 

You think, “The enforcers are here with their outdated checklists, looking for problems to shine a light on, wanting to make me look bad!” 

The problem is, auditors don’t understand your processes or what’s really important to you and your team. How are you supposed to get your actual work done when the auditors are setting up a million meetings, endlessly asking irrelevant questions, and requesting documentation that doesn’t even reflect the current process? 

An audit adds work to your plate without bringing much value. And then, at the end of it all, they’ll hand you a report that doesn’t help you or your team deliver value any faster or better. 

The auditors use the same approach they’ve been using to audit for years. Everyone else in the organization is changing to stay ahead of the change curve, but it seems like the auditors aren’t even trying to keep up.

Yeah, we know you’ve been there. But the truth is, internal audit gets kind of a bad rap. You see, they’re actually on the same team as you. They’re looking to help deliver business value to their organization just like you. They want to help you lower risk. They want to be your partners in leading your company to success.

Clarissa Lucas, an experienced audit and risk management leader in the financial services industry, is here to help us bridge the divide between nonauditors and auditors. In Beyond Agile Auditing: Three Practices to Revolutionize Your Internal Auditing Practices, she lays out a new way for audit to work, one that is more aligned with the unique, agile, emerging nature of risks and the work of software development. She calls it Auditing with Agility and it lays out a path to a more value-driven, integrated, adaptable audit experience that just might make you love your next internal audit.

In software development, we’ve been here once before. As Clarissa illustrates, “For years, software developers and operations teams were at odds. They were not incentivized to work together. There was a proverbial wall built up between the two organizations, as has famously been illustrated.” But we broke that wall down. We forged a path to a happier future.

Now it’s time to do the same with audit. This book will help you and your internal audit counterparts go from adversaries to partners. Don’t believe us? Check out her 2022 DevOps Enterprise Summit presentation, where she and her business counterpart detail the success they had with Auditing with Agility. Or stay tuned as we post excerpts from the book over the next several weeks. By the time the book comes out on May 30th, we’re pretty sure you’ll be ready to revolutionize your audit experience.

- About The Authors

Leah Brown

Managing Editor at IT Revolution working on publishing books and guidance papers for the modern business leader. I also oversee the production of the IT Revolution blog, combining the best of responsible, human-centered content with the assistance of AI tools.

Follow Leah on Social Media

•