The National Association of Corporate Directors (NACD) has established an advisory council on risk oversight and published a report on its second meeting that contains notable comments. It is available athttp://www.nacdonline.org/Resources/Article.cfm?ItemNumber=6762. 

Deloitte’s Risk Intelligence White Papers are a set of thought leadership that I have strongly recommended in the past — and continue to do so today. 

Gartner’s 2013 Global CIO Study points to issues I have previously aired: namely a failure to obtain full advantage from new and disruptive technology. This should be of concern to board, all executives, leaders of IT, and risk and assurance professionals.

Survey after survey talk about the top 10 risks or such. For example, look at the 2013 Global Risk Management Survey by Aon. It raises some good points, including a refreshing observation that companies are paying more attention to risk management these days.

 I have been reading an October 2012 publication by McKinsey, Evaluating technology on the boardroom  agenda (registration required – and well worth it). The title of this post is drawn from the piece. The full and important quote is:

Businesses are becoming increasingly digital and it’s not just a matter of process automation or resource-planning systems. Technology trends such as big data, cloud computing, mobility, and social media are giving rise to new marketing and operational capabilities. Indeed, technology has become too embedded in the fabric of the business—and too critical for competitive performance—to be left to the IT function alone.”

My good friend, Michael Rasmussen, is perhaps the father of the term GRC and styles himself as the GRC Pundit. He has an excellent web site that I wholeheartedly recommend and one of his latest posts is on the subject of 2013 GRC Drivers and Trends.

Almost everybody, whether on the board, in management, or in internal audit, agrees that internal audit should be “risk-based. But I don’t think they are talking in the same language. 

Deloitte’s Tech Trends 2013 is a pretty detailed and interesting look at the disruptive effects of technology on business — and the necessary change in the role of the CIO.

Earlier, I reviewed PwC’s 2013 State of the Internal Audit Profession. Protiviti has added insights through their 2013 Internal Audit Capabilities and Needs Survey, which identified these areas as needing improved understanding. 

Each year, I look forward to PwC’s important report on the state of the internal audit profession. Their 2007 report, which had a forward-looking perspective and called out for internal audit to move its focus from controls to risk, was one of the best I have read over the last 20 or more years.