Ep 265: Stepping into the CAE Role w/ Mike McDonald (BorgWarner)

The Audit Podcast – Ep 265: “Stepping into the CAE Role” with Mike McDonald (BorgWarner)
Date: November 25, 2025
Host: Trent Russell
Guest: Mike McDonald, Chief Audit Executive (CAE), BorgWarner

Episode Overview

This episode dives into Mike McDonald's first year as the Chief Audit Executive (CAE) at BorgWarner, his perspectives on successfully transitioning into the CAE role, and actionable insights for aspiring or new audit leaders. The discussion covers challenges in modern internal audit, quick wins, integrating technology (including AI), managing focus amidst resource constraints, and skills critical for today's auditors.

Key Discussion Points & Insights

1. Intro to Mike McDonald and Team Context

[02:38]

Team Structure: 23 team members in a $15B company.
- ~10% IT audit (mostly outsourced), 90% CPAs/business process auditors.
- Geographic spread: North America (majority), ~5 in Europe, ~5 in Asia.
Role Context: Peer group includes direct reports to CFO; presents quarterly to Audit Committee; focus on transparency and risk reduction.

2. Transitioning into the CAE Role

[03:21]

New Peer Group: “My peers are all the direct reports to our chief financial officer… it's much more relationship building, making sure we’re setting the mandate the way it should be set…” —Mike [03:38]
Key Tasks: Establish protocols, mandate clarity, leverage tech for risk identification, drive transparency.

3. Advice for New/Aspiring CAEs – The First 100 Days

[05:10]

Prioritize Stakeholder Input: “One of the mistakes… is that they’re doing the entire scoping assessment themselves. The reality is internal audit knows a little about a lot… we’re not subject matter experts in anything.” —Mike [05:15]
First Steps:
- Engage with the business to understand risks.
- Don’t build the audit plan in isolation.
- Incorporate cross-functional insights, particularly with emerging risks like cybersecurity and AI.

Day One Advice

[06:56]

“Walk through with your key stakeholders what your goals and objectives are and make sure that those… align with the business.” —Mike
Shift focus from policing/compliance to being a risk advisor.
“The business has to feel supported from you on day one, and then you’ll be successful as an audit group.”

4. Internal Audit Department Mission & Composition

[08:51]

Mission Statement: “The mission is to do as much advisory work as you possibly can… at the top of that house is you’re an advisor to the organization.”
Current Focus: 60% compliance (SOX, regulatory), 40% advisory/operations.
Future Ambition: Flip to majority (60%+) advisory by making compliance more efficient.

5. Focusing on What Matters with Limited Resources

[09:47]

Prioritize based on risk assessment.
Compliance/SOX is a given for public companies; where possible, outsource low-value compliance work to focus audit resources on higher-value advisory.
“How do we make sure we run an appropriate risk assessment so that we are prioritizing what we should be prioritizing?” —Mike

6. KPIs in Internal Audit

[11:34]

Internal Efficiency KPIs:
- Milestone dashboards in AuditBoard (audit software)
- 30 days pre-request, 30 days fieldwork, 30 days wrap-up = 90 days total per engagement
- Weekly tracking in AuditBoard/Power BI; late audits flagged for action.
Quality KPIs:
- Timely audit reports with actionable recs and clear management plans
- Annual business feedback surveys: “Was the audit scope clear? Did recommendations mitigate risk? What could we do better?” [12:45]
Quote: “You have to get feedback from your peers and your customer to be successful.” —Mike

7. Leveraging Technology & Analytics

[13:57]

Full-Population vs. Right-Population Testing:
- “Full population testing is kind of a given now… but it’s not even so much about full populations as… the right populations.” —Mike [14:24]
- Data analytics (using Supervisor) helps narrow focus on populations most at risk; critical for decentralized ERP environments.
Collaboration with Tech Vendors
- “What I’m most impressed with Supervisor is their speed to delivery and their attention to detail…” —Mike [16:33]

Build vs. Buy Analytics

[18:01]

Use 3rd party tools for universal, out-of-the-box analytics.
In-house development for nuanced, entity-specific processes (e.g., custom pricing analysis using Alteryx, PowerBI).
“You need to make sure that you can distinguish between what is sort of universal and that you can apply… and what is very customized…” —Mike [18:38]

Whittling Down Large Result Sets

[20:49]

Materiality thresholds help cut through “noise” (e.g., ignore duplicates below a set $ level).
Understand root causes (e.g., recurring contractual payments) and refine algorithms to reduce false positives.
“Analytics… tell you the what. They don’t necessarily tell you the how or how it’s working.” —Mike [21:34]

8. Talent and Skills for Modern Audit Teams (“Auditor of the Present”)

[22:56]

Key Skillsets:
- Data scientists with business acumen are highly valued (“a dual threat”).
- “Data is becoming the most valuable commodity we have… as you guys all know on the call.”
Encouragement:
- Traditional accounting/finance backgrounds are still relevant but bolstering skills in data, analytics, and AI is essential. [24:11]

9. AI in Internal Audit

[24:41]

Current Usage:
- Microsoft Copilot 365 for day-to-day documentation, contract interpretation, and automating workbook procedures.
- Homegrown chatbot applications built by IT for file queries and procedure automation.
Looking Ahead:
- “We’re using M365 and some homegrown chatbots as of today. Supervisor is going to be releasing… AI on top of their analytics that will certainly support us in the future.” —Mike

Notable Quotes & Memorable Moments

“[Internal audit] knows a little about a lot, but that’s really to the extent of it… we’re certainly not subject matter experts in anything.” —Mike [05:16]
“Internal audit needs to morph into an advisory function… if you’re seen as only the police… you’re not going to get input from your management teams… as opposed to feeling supported.” —Mike [07:19]
“You have to get feedback from your peers and your customer to be successful. Do not take it on your own… you’re really not going to be successful unless you get other people’s opinions.” —Mike [13:18]
“Data scientists with a business acumen are going to be a dual threat and a very hot commodity…” —Mike [23:01]
“Analytics… tell you the what. They don’t necessarily tell you the how…” —Mike [21:34]

Important Timestamps

[02:38]: Overview of BorgWarner audit team & structure
[03:21]: Transition to CAE – new peer group & responsibilities
[05:10]: 100-day plan advice for new CAEs
[06:56]: Day one priorities
[08:51]: Internal audit mission: advisory vs compliance
[11:34]: KPIs: Efficiency, quality, and feedback
[13:57]: Evolution of analytics: right vs full-population testing
[16:33]: Working with analytics vendors (Supervisor)
[18:01]: Deciding between outsourced and in-house analytics
[20:49]: Filtering large data sets and finding actionable results
[22:56]: The “auditor of the present” skillset
[24:41]: Use of AI today and roadmap for the future

Conclusion

This episode is a practical handbook for aspiring CAEs and audit leaders, packed with invaluable insights on aligning audit with business, harnessing technology and analytics (especially AI), fostering advisory over “policing,” and building the right team. Mike McDonald’s journey underscores the vital role of business partnership, continual feedback, and flexible, tech-driven audit processes in driving real impact within a global enterprise.

For further information, feedback, and updates, check out The Audit Podcast show notes and connect via LinkedIn, Instagram, or TikTok. Subscribe for more industry perspectives and actionable audit leadership advice!

Episode Overview

Key Discussion Points & Insights

1. Intro to Mike McDonald and Team Context

[02:38]

Team Structure: 23 team members in a $15B company.
- ~10% IT audit (mostly outsourced), 90% CPAs/business process auditors.
- Geographic spread: North America (majority), ~5 in Europe, ~5 in Asia.
Role Context: Peer group includes direct reports to CFO; presents quarterly to Audit Committee; focus on transparency and risk reduction.

2. Transitioning into the CAE Role

[03:21]

New Peer Group: “My peers are all the direct reports to our chief financial officer… it's much more relationship building, making sure we’re setting the mandate the way it should be set…” —Mike [03:38]
Key Tasks: Establish protocols, mandate clarity, leverage tech for risk identification, drive transparency.

3. Advice for New/Aspiring CAEs – The First 100 Days

[05:10]

Prioritize Stakeholder Input: “One of the mistakes… is that they’re doing the entire scoping assessment themselves. The reality is internal audit knows a little about a lot… we’re not subject matter experts in anything.” —Mike [05:15]
First Steps:
- Engage with the business to understand risks.
- Don’t build the audit plan in isolation.
- Incorporate cross-functional insights, particularly with emerging risks like cybersecurity and AI.

Day One Advice

[06:56]

“Walk through with your key stakeholders what your goals and objectives are and make sure that those… align with the business.” —Mike
Shift focus from policing/compliance to being a risk advisor.
“The business has to feel supported from you on day one, and then you’ll be successful as an audit group.”

4. Internal Audit Department Mission & Composition

[08:51]

Mission Statement: “The mission is to do as much advisory work as you possibly can… at the top of that house is you’re an advisor to the organization.”
Current Focus: 60% compliance (SOX, regulatory), 40% advisory/operations.
Future Ambition: Flip to majority (60%+) advisory by making compliance more efficient.

5. Focusing on What Matters with Limited Resources

[09:47]

Prioritize based on risk assessment.
Compliance/SOX is a given for public companies; where possible, outsource low-value compliance work to focus audit resources on higher-value advisory.
“How do we make sure we run an appropriate risk assessment so that we are prioritizing what we should be prioritizing?” —Mike

6. KPIs in Internal Audit

[11:34]

Internal Efficiency KPIs:
- Milestone dashboards in AuditBoard (audit software)
- 30 days pre-request, 30 days fieldwork, 30 days wrap-up = 90 days total per engagement
- Weekly tracking in AuditBoard/Power BI; late audits flagged for action.
Quality KPIs:
- Timely audit reports with actionable recs and clear management plans
- Annual business feedback surveys: “Was the audit scope clear? Did recommendations mitigate risk? What could we do better?” [12:45]
Quote: “You have to get feedback from your peers and your customer to be successful.” —Mike

7. Leveraging Technology & Analytics

[13:57]

Full-Population vs. Right-Population Testing:
- “Full population testing is kind of a given now… but it’s not even so much about full populations as… the right populations.” —Mike [14:24]
- Data analytics (using Supervisor) helps narrow focus on populations most at risk; critical for decentralized ERP environments.
Collaboration with Tech Vendors
- “What I’m most impressed with Supervisor is their speed to delivery and their attention to detail…” —Mike [16:33]

Build vs. Buy Analytics

[18:01]

Use 3rd party tools for universal, out-of-the-box analytics.
In-house development for nuanced, entity-specific processes (e.g., custom pricing analysis using Alteryx, PowerBI).
“You need to make sure that you can distinguish between what is sort of universal and that you can apply… and what is very customized…” —Mike [18:38]

Whittling Down Large Result Sets

[20:49]

Materiality thresholds help cut through “noise” (e.g., ignore duplicates below a set $ level).
Understand root causes (e.g., recurring contractual payments) and refine algorithms to reduce false positives.
“Analytics… tell you the what. They don’t necessarily tell you the how or how it’s working.” —Mike [21:34]

8. Talent and Skills for Modern Audit Teams (“Auditor of the Present”)

[22:56]

Key Skillsets:
- Data scientists with business acumen are highly valued (“a dual threat”).
- “Data is becoming the most valuable commodity we have… as you guys all know on the call.”
Encouragement:
- Traditional accounting/finance backgrounds are still relevant but bolstering skills in data, analytics, and AI is essential. [24:11]

9. AI in Internal Audit

[24:41]

Current Usage:
- Microsoft Copilot 365 for day-to-day documentation, contract interpretation, and automating workbook procedures.
- Homegrown chatbot applications built by IT for file queries and procedure automation.
Looking Ahead:
- “We’re using M365 and some homegrown chatbots as of today. Supervisor is going to be releasing… AI on top of their analytics that will certainly support us in the future.” —Mike

Notable Quotes & Memorable Moments

“[Internal audit] knows a little about a lot, but that’s really to the extent of it… we’re certainly not subject matter experts in anything.” —Mike [05:16]
“Internal audit needs to morph into an advisory function… if you’re seen as only the police… you’re not going to get input from your management teams… as opposed to feeling supported.” —Mike [07:19]
“You have to get feedback from your peers and your customer to be successful. Do not take it on your own… you’re really not going to be successful unless you get other people’s opinions.” —Mike [13:18]
“Data scientists with a business acumen are going to be a dual threat and a very hot commodity…” —Mike [23:01]
“Analytics… tell you the what. They don’t necessarily tell you the how…” —Mike [21:34]

Important Timestamps

[02:38]: Overview of BorgWarner audit team & structure
[03:21]: Transition to CAE – new peer group & responsibilities
[05:10]: 100-day plan advice for new CAEs
[06:56]: Day one priorities
[08:51]: Internal audit mission: advisory vs compliance
[11:34]: KPIs: Efficiency, quality, and feedback
[13:57]: Evolution of analytics: right vs full-population testing
[16:33]: Working with analytics vendors (Supervisor)
[18:01]: Deciding between outsourced and in-house analytics
[20:49]: Filtering large data sets and finding actionable results
[22:56]: The “auditor of the present” skillset
[24:41]: Use of AI today and roadmap for the future

wavePod

Powered by Wave AI

Summary

Episode Overview

Key Discussion Points & Insights

1. Intro to Mike McDonald and Team Context

2. Transitioning into the CAE Role

3. Advice for New/Aspiring CAEs – The First 100 Days

Day One Advice

4. Internal Audit Department Mission & Composition

5. Focusing on What Matters with Limited Resources

6. KPIs in Internal Audit

7. Leveraging Technology & Analytics

Build vs. Buy Analytics

Whittling Down Large Result Sets

8. Talent and Skills for Modern Audit Teams (“Auditor of the Present”)

9. AI in Internal Audit

Notable Quotes & Memorable Moments

Important Timestamps

Conclusion

Summary

Episode Overview

Key Discussion Points & Insights

1. Intro to Mike McDonald and Team Context

2. Transitioning into the CAE Role

3. Advice for New/Aspiring CAEs – The First 100 Days

Day One Advice

4. Internal Audit Department Mission & Composition

5. Focusing on What Matters with Limited Resources

6. KPIs in Internal Audit

7. Leveraging Technology & Analytics

Build vs. Buy Analytics

Whittling Down Large Result Sets

8. Talent and Skills for Modern Audit Teams (“Auditor of the Present”)

9. AI in Internal Audit

Notable Quotes & Memorable Moments

Important Timestamps

Conclusion