Basel Guidance on Internal Audit Published as Final

Posted on Jun 28, 2012

The Basel Committee on Banking Supervision has updated its guidance for Supervisors for assessing the adequacy of the internal audit function in banks. Earlier this year, I commented on the draft, and the IIA providedcomments in a letter to the Committee

continue reading...

E&Y 2012 Global Fraud Survey

Posted on Jun 25, 2012

E&Y’s latest survey (their 12th) is an excellent and essential read for all concerned with the risk of fraud. I especially like the separate sections for different regions.

continue reading...

The Problem With Risk Heat Maps and Dashboards

Posted on Jun 20, 2012

Most risk practitioners seem to use some form of visualization, such as a heat map or dashboard, to communicate risk levels. But I have my doubts as to whether these reports are as valuable as they seem. 

continue reading...

How Many Independent Directors Should a Board Have?

Posted on Jun 15, 2012

When I reviewed the updated corporate governance code from Singapore (see my earlier post on this site), I was struck by the guideline that one third of the board members should be independent. Is that enough?

continue reading...

Updated Singapore Code of Corporate Governance (Part 1)

Posted on Jun 10, 2012

The Monetary Authority of Singapore (MAS) released an updated version of the Singapore Code of Corporate Governance in May. It includes a number of principles, each of which has a number of Guidelines. You may have seen my earlier review of their excellent guide to risk oversight.

continue reading...

Updated Singapore Code of Corporate Governance (Part 2)

Posted on Jun 10, 2012

This is a continuation of the post on the updated Singapore Code of Corporate Governance issued in May by The Monetary Authority of Singapore. 

continue reading...

Prioritizing the Work of a Tiny Audit Department

Posted on Jun 4, 2012

I have been a strong advocate for:

  • Building the audit plan so that it focuses on the more significant risks to the organization.
  • Providing a formal opinion on management's processes and controls to manage those risks within organizational criteria.
continue reading...