When the head of internal audit at Köln Bonn Airport realised that his team would not be able to fulfil its duties without more rigorous, consistent processes and more efficient use of data and reporting, TeamMate+ helped him to achieve these objectives.
International airports operate like small cities, explains Alexander Hilgert, head of internal audit at Köln Bonn Airport. They have myriad functions and businesses onsite and tentacles that extend around the world, through their complex relationships with airlines, retailers and authorities. Their risks are varied and many involve third parties, which makes the internal auditor’s role important and challenging. When Hilgert took on the role in 2017, he was keen to bring the function up to date and ensure that it followed globally recognised best practice standards. This transition included migrating from generic tools such as SharePoint, Word and Excel to a secure, automated internal audit software system.
Hilgert had previously worked at Harman International Industries, where he became familiar with TeamMate AM. His new team comprised just four internal auditors, who were responsible for providing assurance and supporting management across the operations of an airport that is Germany’s third largest in terms of cargo, and which welcomed 12.4 million passengers that year. He was immediately aware that they could not provide the service that management required using laborious, manual, unconnected systems.
“There was an internal audit process, but it was not strictly based on the IIA standards,” he explains. “The focus was mainly on operational areas, and trying to implement a true risk-based plan to audit all the airport’s risks and processes with four people was clearly impossible. They ended up revolving around different areas on the plan each year, regardless of the risk to that area, so spent valuable time on risks that were probably very low.”
While he thought that most of the key risks were being addressed in some form each year, Hilgert could see huge gaps where the assurance and support they offered could be far more timely and valuable. To change the way they worked, he needed software that provided a clear template for a risk-based audit plan and enabled them to ensure consistent audit processes and follow-up systems.
Even more urgently, he was not convinced that the existing data was secure and he wanted software that would give him full control over who could access the data and for what purpose. It was also important that users could drill down and extract and compare data to get a clearer picture of what was really happening in different parts of the business.