In case you missed them, these were the most popular posts on this site (see here for the top posts on my personal blog), based on the number of views. 

QFinance recently published an article of mine on Continuous Auditing: Putting Theory into Practice. When I shared this news, a couple of people commented that internal audit should not be doing this kind of work, because it is a detective control, management's responsibility, and management may rely on it instead of taking ownership themselves. (I should point out that they reacted to the idea of continuous auditing, without reading the article.)

Let me tell you a story. It applies whether you are a risk officer, internal auditor, compliance professional, or even a manager of people.

A couple of months ago, I wrote a couple of pieces about mobile technology. 

My congratulations go to Professor Larry Rittenberg and Frank Martens of PwC on the Thought Leadership PaperUnderstanding and Communicating Risk Appetite, released today by COSO. 

I recently wrote an article on this topic for CFO.com, which you can read here. I listed a few of the more significant expectations (explained in the article) 

The following article (by me) first appeared in the June 2010 issue of Internal Auditor. I will comment in a separate post about how I see IT governance changing as a result of advances in technology. 

In another post, I have shared an article of mine from 2010 on IT governance and internal audit. But, has IT governance changed in the meantime? 

The new draft internal control framework (ICF) from COSO includes guidance on how to assess whether the system of internal control is effective. 

The ASX Corporate Governance Council, chaired by the Australian Securities Exchange (ASX), has released a second edition of Corporate Governance Principles and Recommendations (see here for the ASX announcement and related resources, or here if you want to go directly to the document (PDF)).