Agile delivery of IT audits in today’s context – Deloitte

Session Description: 

Everyone will appreciate the pace of changes to technology as well as emerging risks in our world today. Organizations are challenged to cope with this change and respond in ways that align with their business strategies and where possible take advantage of the change.  Consequently, organizations are increasingly adopting Agile methods to build or enhance products, services and capabilities to accelerate value delivery.  The recent digital transformation trend at several organizations is another driver that necessitates re-development of several core applications using Agile development methods.

The above trends in the front line have begun to place demand on second line control functions as well as the third line (Internal Audit-IA) function, to also embrace Agile where necessary. Stakeholders are demanding IA’s involvement in initiatives to deliver value in sprints. In some specific situations, Agile delivery of Internal Audit is the best way to deliver value if not the only way. 

Despite the above reality and stakeholder expectation, IA shops find it difficult to change their methods and transition to an agile delivery methodology. It takes learning new capabilities, being strategic about the application of the new technique to the right use-cases, having the discipline to apply the new method and stick to it for a given audit without defaulting to traditional methods. In regulated organizations, there is also some anxiety as to how the regulator would view Agile delivery of Internal Audits.

After a brief introduction to Agile and related terminology, the session will illustrate how Agile delivery of Internal Audits work, when to use it and what the pre-requisites are. We will discuss two case studies and allow participants to run a simulation of Agile delivery of those two audits.

The session will end with a discussion on lessons learned to date and considerations for successful adoption when organizations launch their journey to embrace Agile.

Session Presenters:

Baskaran Rajamani is a Technology Risk Advisory Partner at Deloitte in Toronto.  Baskaran leads teams to help Financial Services clients on:  IT Risk Management, IT Audit, IT Regulatory Compliance, Outsourcing/Supplier risk management, IT Governance and Agile and Digital transformation risk management. He also provides thought leadership on related frameworks and methodologies. Baskaran is a Faculty at Deloitte University in its Toronto and Dallas, TX campuses.

Baskaran has over 34 years of experience of which the last 22 years have been in professional services, preceded by his career in engineering automation. He holds a Master’s degree in Engineering and an MBA.  His designations include CISA and CISSP and was the recent past President of the ISACA Toronto Chapter.


Mark Varmais a Manager with Deloitte & Touche in Toronto, with Deloitte’s Technology & Information Risk Services practice.

Mark’s work involves assisting with management of information technology and business risk for clients in in a range of industries including financial services, government, retail and real estate, with a focus on IT Internal Audit, External Audit, IT Risk Management, Compliance and Outsourcing risks.

Mark has extensive experience leading training for Deloitte’s clients and staff. Mark is a Chartered Accountant (CA), and a Certified Information Systems Auditor (CISA). He holds a Bachelor of Commerce degree from Queen’s University.

Date & Time: Feb 20, 2018 08:30 AM to
Feb 20, 2018 12:00 PM
[America/Toronto UTC -5]


Add to my Calendar
Location: Ivey Tangerine Leadership Centre
Ground Floor
130 King Street West
Toronto ON

Get Driving Directions
Registration Closes: Feb 20, 2018 08:00 AM

Event Coordinator:

Admin Support
 Registration Fees
Member Price
Registration Fee  
Non-member Price
Registration Fee  

Registration is now closed.


Powered By