How Deckers’s Internal Audit Team Transformed from Regulator to Business Partner
Learn how Kara Goslin, Internal Audit Manager at Deckers, is creating a culture where internal audit is seen as a valued partner assisting the organization in launching improvements to business processes and achieving its larger objectives.
Prior to joining Deckers as an Internal Audit Manager, Kara Goslin knew she was interested in a career in audit because it was the best place to work closely with teams throughout the business and enhance knowledge of processes. Today, Kara manages Deckers’s European and North American regions from London, while also taking on CAE-level responsibilities as the point of contact for the audit committee. From her unique vantage, Kara has excelled in helping to transform the perception of internal audit as “the regulator” into a partner the business can turn to for helpful insights. Her other successes include a best in class SOX program and effectively leveraging ERM to find opportunities to help Deckers achieve its business goals while using those insights to drive the audit plan. Read more about Kara’s role at Deckers below.
What drew you to a career as an internal auditor?
Kara: I was drawn to audit because it felt like the most hands-on and holistic way to learn how businesses operate from end to end. When I started in the assurance practice at PwC after college, I quickly realized I was more interested in learning about the business as a whole over focusing purely on financial statements. The idea of going to client sites and working with a variety of companies at that level was appealing to me. Eventually, as the time to move to the manager level in external audit approached, it felt natural to pursue the route of internal audit. This was when I became aware of the role at Deckers; five years later, and I’m very happy with the decision I made.
What was the most challenging aspect of taking on CAE-level responsibilities while managing the North American and European regions?
Kara: The most challenging but exciting piece is being in a position where I am able to look at internal audit from a strategic lens, where I get to consider how to improve the department and help initiate and drive those improvements. I am able to view internal audit from a high-level perspective, where I look at things like our enterprise risk management program, our audit plan, and our team—which were areas that I have always had a lot of ideas on as a manager. The opportunity and ability to put those ideas forth both with the internal audit team and executive leadership, as well as set them in motion, is very exciting to me.
What is the most fulfilling aspect of your role?
Kara: Equally challenging and fulfilling are the CAE-level responsibilities that have come with being the new point of contact for the audit committee over the past few months. I have always been passionate about partnering with the business, but it’s even more important for me to help transform the perception of internal audit as “the regulator” into a partner where the business can go to gain valuable insights into risks and how to manage them effectively. Knowing that we are moving closer to that goal daily is fulfilling for me.
What is the number one priority for your team this year?
Kara: As a small team at a public company our initial priority, of course, is maintaining a robust and compliant SOX program. But beyond this, I have been working with our Chief Compliance Officer and CFO to develop and evolve our ERM program. I’m very excited to be leveraging technology to help Deckers build out our ERM this year, which has been very helpful with reporting and improving our presentation to the Board. I’m also looking forward to leveraging the insights and successful finds we are gaining from ERM to drive our audit plan and operational audits.
What do you feel is the most difficult challenge facing internal auditors right now?
Kara: Considering the pace at which internal audit as an industry is changing alongside the evolution of risks faced by global businesses, I think the biggest challenge is gaining a real understanding of the current risks and those around the corner. Everything from cyber and information security to utilizing AI, data analytics, and robotic process automation requires our attention. It’s important for the entire internal audit team to understand the IT environment, their implications, and how we can use new technologies to automate processes, gain efficiencies, and perform ongoing monitoring.
How are you championing agility, effectiveness, and efficiency for audits at Deckers?
Kara: The immediate, relevant example is how my team is utilizing ERM to drill down and find opportunities to assist the business in its goals. Our operational audits have first and foremost looked at high-risk gaps, but we’ve simultaneously used them as a platform to launch improvements to business processes as we learn more about what the various departments are working on and implementing.
In addition, I’ve placed great emphasis on developing relationships with the business in order to create a culture of internal audit being seen as a partner to the business instead of “the regulator.” I tell everyone I work with throughout Deckers, “If you’re thinking about putting a new policy in place or changing a procedure, even if it’s not SOX-related, reach out to me.” I am more than happy to listen and give feedback to encourage this culture, because I believe this type of proactive participation by internal audit and the organization—with everyone building these relationships—will benefit the business in exponential ways.