The internal controls specialist, especially those with CICS - Certified Internal Control Specialist certification, cannot be supporting actors, they need to be protagonists, leading the dissemination and application of the best management practice structures in their organization, supporting management in this process structural changes, allowing the company to maintain its competitive advantage.

For this, internal control professionals must innovate their approach in the activities of modeling, implementation or evaluation of operational processes, risk management and internal control system.

Having a more holistic view of the company, aligning the market, strategy and operation, is a fundamental requirement for the specialist. He needs to see and understand the meaning of the "parts" in the "whole" business, making sense throughout the operation's ecosystem.

In addition to all the technical and managerial training that this professional must have, he needs to include, in his activities, new structured models, breaking paradigms and expanding his coverage and vision beyond the controls

Thinking about encouraging some reflections and also contributing to these changes, I describe in the diagram, some attributes, which I consider essential, and which should be part of this approach which I called, for lack of creativity, as 4.0, alluding to the fourth industrial revolution that focuses on increased efficiency and productivity using physical cyber systems, automation, IOT, cloud and others.

Let's take a look in these attributes:

1. Evaluation of the organizational structure based on a business vision, so that it can promote the alignment of the capital applied in the operational organization with the planned strategic return,

2. Application of structured and disciplined methodology to evaluate processes and activities, considering the inclusion of agile principles and values,

3. Add a review of the performance of the governance, compliance and integrity program as a requirement in the processes, tasks and environment assessment and validation programs,

4. Use of data science techniques and tools in its processes for surveying and testing the efficiency and effectiveness of the internal control system, such as for database validation and information security,

5. Strengthen the vision of strategic and operational risks inherent to the corporation, paying special attention to the emerging risks, whether in the management of data processing technology applied to operational processes, in innovation, in the market, or in other dimensions that may impact the organization's ability not to achieve its mission,

6. Identify the best management practices that can be considered as paradigms for improving performance and innovation, promoting them in the structure, strengthening the control environment and perfecting the fundamentals of corporate governance, risk management, internal control systems, compliance and / or other related activities.

As you may see, the adoption of these attributes, in the activity of internal controls, requires a change of “mindset”, not only of the professionals of internal controls, but also of the management, at all levels.

Every change generates reaction and resistance, so that in order to be successful they must be planned, including in this plan a robust process of sensitizing the structure for the promotion and justification of awareness and culture of efficiency, risks and controls, mitigating the risk of not being successful in this change.

I end this article with a phrase that always helps me when I'm making some excuse for not changing, which is:

"Change is the law of life, those who look only to the past, or to the present will be forgotten in the future" J.F Kennedy

 Be Happy!