Norman Marks, CRMA, CPA, is an evangelist for better run business, focusing on corporate governance, risk management, internal audit, enterprise performance, and the value of information. He is the author of Management’s Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization, and his commentary can be found on his Wordpress blog and @normanmarks on Twitter. The views expressed in this blog are his personal views and may not represent those of The IIA.

The State of the Internal Audit Profession

Posted on Apr 21, 2014

PwC has published the 2014 edition of their State of the Internal Audit Profession. The stated theme is bland: “alignment of stakeholder expectations, and matching skills and capabilities to those expectations, helps internal audit enhance the value delivered to the organization.” But there is a clear message to internal audit leaders, as well as to audit committee members and others with oversight responsibility for internal audit.

continue reading...

Lessons Learned on the Audit Trail. A Review

Posted on Apr 18, 2014

Richard Chambers, President and CEO of The IIA and a gentleman I consider a friend, has written an interesting book that describes “life-based lessons on strategies for success for internal auditors and CAEs.” I decided to purchase a copy and see what he has to say. Neither he nor anybody else asked me to review it, and they don’t have any clue what I am going to say! Well, I think this is a good read and recommend it to every striving internal auditor.

continue reading...

How to Address the COSO Principles for Sarbanes-Oxley

Posted on Apr 14, 2014

I continue to see and hear questions about how organizations should address the 17 principles in the updated COSO Internal Control–Integrated Framework.

continue reading...

Evaluating New Technology

Posted on Apr 6, 2014

According to all the surveys, CEOs place technology as the number one driver of change in their business. New technologies like predictive analytics and the Internet of Things, or significant advances on existing technologies, like robotics and artificial intelligence, provide opportunities to not only enhance existing process but deliver new products and services.

continue reading...

PCAOB Board Member Clears the Air About SOX and the External Auditors

Posted on Mar 29, 2014

Board Member Jeanette Franzel spoke on the 26th at the IIA’s GAM conference on the topic of “Effective Audits of Internal Control in the Current “Perfect Storm.” The full text of her speech has been posted by the PCAOB. 

continue reading...

An Internal Auditor Recommended Taking More Risk

Posted on Mar 22, 2014

Something like 20 years ago, during my first years as the CAE of a major oil refining company, one of my staff (I only hired audit managers at that time and she was the most senior of the three) was working on an audit of Treasury. The Treasurer was a senior member of the Finance team, highly respected by company leadership. So it was important that we make a good impression in this first audit of his area.

continue reading...

Transforming Internal Audit Through Critical Thinking

Posted on Mar 15, 2014

Congratulations to KPMG for taking on this topic in a new publication (PDF)! I have been a big believer in the need for internal auditors to become better at using their native assets, writing about using their eyes, ears, and the space in between.

continue reading...

What Are the Characteristics of a World-class Risk Management Function?

Posted on Mar 8, 2014

In a short video, Watson Wyatt’s ERM Services Leader asserts that these are the characteristics of a world-class risk management function. 

continue reading...

Deloitte and the Risk-Intelligent Chief Audit Executive

Posted on Mar 1, 2014

The latest addition to the excellent Risk Intelligent series from Deloitte talks about how the head of the internal audit function (chief audit executive or CAE) can be a driver of risk excellence within an organization. 

continue reading...

Deloitte Suggests Finance Needs to Consider Risk in Planning, Forecasting, and More

Posted on Feb 22, 2014

A new piece from Deloitte, FP&A: What’s risk got to do with it?, addresses a topic I have been pushing for quite as well — although not as well as I should have.

continue reading...