The expanding scope of technological disruption
What is technological disruption?
When new technologies radically change established markets, procedures, or sectors, technological disruption results. Unlike slow technical progress, disruptions cause seismic changes, often making conventional systems outdated. These developments provide a two-fold challenge for internal audit: knowing the potential risks these developments bring about and finding ways to use them for more insight and efficiency.
Consider the rise of generative AI, a recent breakthrough in artificial intelligence. Generative AI models like ChatGPT can assist audit in real-time by drafting reports, summarizing large datasets, or even identifying patterns in unstructured data. Meanwhile AI agents can autonomously learn and execute tasks, which are beginning to revolutionize daily tasks like reviewing and responding to emails. However, these technologies also introduce risks, such as misuse of sensitive data, ethical concerns, and automation errors that could go undetected.
What are examples of disruptive technologies?
Let's look at some of the more powerful disruptive technologies influencing the risk scene of both today and tomorrow:
- Generative AI and Agents
Generative AI has already started to transform industries by automating decision-making, enhancing predictive analytics, and optimizing processes. Up from 45% in Q1 of 2024, 68% of leaders will invest between $50-$250 million in GenAI over the next 12 months, per KPMG’s January 2025 AI Quarterly Pulse Survey. Now, we are also seeing AI Agents—autonomous systems that perform tasks, make decisions, and interact with their environment, like a digital assistant—are adding another layer of capability, automating content creation and decision-making. For example, an AI Agent can review incoming emails, categorize them, and draft personalized responses in your tone and style, saving you time. But these advancements also come with risks, such as algorithmic bias, ethical misuse, and compliance challenges. For example, generative AI systems trained on incomplete data could provide inaccurate insights, exposing organizations to reputational damage.
- Autonomous systems and robotics
Autonomous systems include drones, autonomous vehicles/vessels, delivery robots, and humanoids. Advances in Generative AI and Agents will make these systems more dependable and affordable throughout 2025, therefore encouraging further adoption in industries like manufacturing, transportation, logistics, and farming. These technologies do, however, also introduce risks, such as liability concerns, cybersecurity vulnerabilities, and ethical dilemmas. For example, a malfunction in an autonomous vehicle could result in unexpected behavior, such as failing to reach its intended destination or misinterpreting its environment, leading to operational disruptions and reputational challenges.
- Quantum computing
According to a recent Reuters article, commercial quantum computing application could be available within the next five (Google) to 20 years (Nvidia). No matter, quantum computing represents a leap in computational power, enabling breakthroughs in optimization, cryptography, and simulations. However, this technology is also a big threat to old encryption algorithms, which could mean that the way we protect ourselves now is no longer useful. Internal auditors must assess whether their organizations are prepared for the transition to quantum-resistant encryption.
- Neuromorphic computing
Neuromorphic computing mimics the structure and function of the human brain, using artificial neurons and synapses to process information. With a compound annual growth rate (CAGR) of 29.5% by 2033, this technology is transforming real-time processing and energy-efficient AI applications. Neuromorphic chips are particularly suited for robotics, autonomous systems, and edge computing. However, the adoption of neuromorphic computing introduces governance challenges and risks tied to autonomous decision-making.
These technologies are changing industries at a speed that calls for internal audit's awareness and adaptability to make certain organizations can navigate these changes responsibly.
The role of internal audit in mitigating technological risks
Proactive vs. reactive risk approaches
As everyone is aware, internal audit has traditionally been reactive, addressing risks only as they become evident. But the speed and scope of technological disruption call for an even greater proactive response, one that sees risks and mitigates them before they can escalate.
Proactive strategies include:
- Early warning systems
Leverage analytics, AI, and machine learning to identify potential risks before they materialize. Create shared dashboards, for instance, that analyze trends in key risk indicators including vendor behavior, cybersecurity alerts, or unusual financial activities, to offer real-time insights and early warnings for emerging threats.
- Technology adoption readiness reviews
Evaluate the organization’s preparedness to adopt and integrate emerging technologies by assessing existing infrastructure, talent capabilities, and governance frameworks. For example, before implementing AI or blockchain solutions, conduct readiness reviews to identify gaps in skills, compliance policies, or cybersecurity measures and provide recommendations to mitigate risks proactively.
- Dynamic audit planning
Regularly updating audit plans will help to reflect the changing risk profile of your organization. Audit strategies in implementing autonomous systems, for instance, should include evaluations of cybersecurity resilience and liability structures.
By being proactive, internal audit will always be a strategic ally in navigating technological disturbances.
Leveraging technology to enhance audit efficiency
IIA Standard 10.3 underlines the need of internal audit functions having a well-defined technology plan that enables them to utilize advanced tools and techniques to improve their audit capabilities and offer greater value to the organization. Against technological upheaval, audit management solutions such as Wolters Kluwer TeamMate provide internal audit teams a path forward to increase efficiency, maximize resource allocation, and strengthen relationships with their stakeholders.
- Centralized audit management
From planning to reporting, a centralized solution streamlines the audit lifecycle on a single system. By centralizing audit activities, organizations can improve transparency and streamline workflows, especially when dealing with disruptions like neuromorphic computing or autonomous systems.
- Data-driven insights
Integrating advanced analytics capabilities within your audit management solution enables audit teams to analyze large datasets for anomalies, trends, and emerging risks during their planning and fieldwork, all under one roof. Audit teams can use the analytics tool, for example, to identify patterns in vendor payments or detect cybersecurity vulnerabilities before they escalate. It’s like being able to quickly find and repair a pipe leak, before it becomes a costly flood.
- Enhanced collaboration across teams
By allowing real-time communication across internal audit, IT, accounting/finance, and risk management teams, audit management solutions serve to promote cooperation in an environment where risks may span multiple departments. Dynamic dashboards and shared reporting ensure that all stakeholders are aligned in addressing emerging threats.
Solutions like these help audit teams to stay ahead of disruptive technology by enhancing efficiency, improving accuracy, and enabling seamless collaboration.
