Norman Marks, CRMA, CPA, is an evangelist for better run business, focusing on corporate governance, risk management, internal audit, enterprise performance, and the value of information. He is the author of Management’s Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization, and his commentary can be found on his Wordpress blog and @normanmarks on Twitter. The views expressed in this blog are his personal views and may not represent those of The IIA.

How to Address the COSO Principles for Sarbanes-Oxley

Posted on Apr 14, 2014

I continue to see and hear questions about how organizations should address the 17 principles in the updated COSO Internal Control–Integrated Framework.

continue reading...

Evaluating New Technology

Posted on Apr 6, 2014

According to all the surveys, CEOs place technology as the number one driver of change in their business. New technologies like predictive analytics and the Internet of Things, or significant advances on existing technologies, like robotics and artificial intelligence, provide opportunities to not only enhance existing process but deliver new products and services.

continue reading...

PCAOB Board Member Clears the Air About SOX and the External Auditors

Posted on Mar 29, 2014

Board Member Jeanette Franzel spoke on the 26th at the IIA’s GAM conference on the topic of “Effective Audits of Internal Control in the Current “Perfect Storm.” The full text of her speech has been posted by the PCAOB. 

continue reading...

An Internal Auditor Recommended Taking More Risk

Posted on Mar 22, 2014

Something like 20 years ago, during my first years as the CAE of a major oil refining company, one of my staff (I only hired audit managers at that time and she was the most senior of the three) was working on an audit of Treasury. The Treasurer was a senior member of the Finance team, highly respected by company leadership. So it was important that we make a good impression in this first audit of his area.

continue reading...

Transforming Internal Audit Through Critical Thinking

Posted on Mar 15, 2014

Congratulations to KPMG for taking on this topic in a new publication (PDF)! I have been a big believer in the need for internal auditors to become better at using their native assets, writing about using their eyes, ears, and the space in between.

continue reading...

What Are the Characteristics of a World-class Risk Management Function?

Posted on Mar 8, 2014

In a short video, Watson Wyatt’s ERM Services Leader asserts that these are the characteristics of a world-class risk management function. 

continue reading...

Deloitte and the Risk-Intelligent Chief Audit Executive

Posted on Mar 1, 2014

The latest addition to the excellent Risk Intelligent series from Deloitte talks about how the head of the internal audit function (chief audit executive or CAE) can be a driver of risk excellence within an organization. 

continue reading...

Deloitte Suggests Finance Needs to Consider Risk in Planning, Forecasting, and More

Posted on Feb 22, 2014

A new piece from Deloitte, FP&A: What’s risk got to do with it?, addresses a topic I have been pushing for quite as well — although not as well as I should have.

continue reading...

A Review of Recent PwC Reports on Boards, Audit Committees, and Governance

Posted on Feb 15, 2014

PwC has published the results of their Annual Corporate Directors Survey (PDF). I recommend a read of the report and have selected a few important points for comment.

continue reading...

Congratulations to PCAOB for New SOX Guidance

Posted on Feb 10, 2014

In my SOX Master Classes and elsewhere I hear that the external audit firms are saying the PCAOB has issued new and more demanding Sarbanes-Oxley guidance. They are telling companies that both management and auditors have to do more work and fees have to rise accordingly.

continue reading...