Board Oversight of Risk

Posted on May 30, 2011

I want to bring two items to your attention today. A recent KPMG study showed that risk management practices still have a very long way to go. In particular, boards members continue to be concerned that they have insufficient information with which to manage risk.

continue reading...

An Internal Audit Opinion That Means Something

Posted on May 24, 2011

If the audit report says that there are significant weaknesses in the system of internal control, or that the level of risk is high, what does that mean?

continue reading...

Revisiting Audit Reports and Ratings Based on a Report by E&Y

Posted on May 13, 2011

E&Y has published a thought-provoking piece in their 5 Insights for Executives series. This one is Internal Audit: a 3-D look at risk.

continue reading...

Linking Corporate Governance and Performance

Posted on May 13, 2011

The Australian Treasury released a paper (March 2009) that purports to demonstrate a linkage between corporate governance and performance — whether it be operating results or share price.

continue reading...

IT-related Risks to Worry About

Posted on May 11, 2011

Keeping up with the emergence of IT-related risks is a major challenge. Perhaps the greatest risk for the IT audit function is losing touch with what is happening, so that risks may emerge that are not addressed in the audit plan.

continue reading...

Continuous Monitoring of Controls Is Not the Same as Inspecting the Integrity of Transactions

Posted on May 11, 2011

I continue (pun intended) to be surprised that people don't understand the difference between the continuous monitoring of controls and the continuous monitoring, or inspection, of transactions.

continue reading...

Auditing the Control Environment

Posted on May 9, 2011

The IIA has just released guidance on this critical area (by way of full disclosure, I was on the development team). By the way, the term “Control Environment” refers to the COSO Internal Control Framework layer, not the entire system of internal control.

continue reading...

Who Can You Trust With Corporate Funds?

Posted on May 5, 2011

This week, disturbing news came from Avon Products regarding their investigation into suspected bribery of foreign officials in violation of the U.S. Foreign Corrupt Practices Act (FCPA).

continue reading...

Shedding New Light on Governance, Risk and Compliance (GRC)

Posted on May 5, 2011

I recently spoke on a webinar by Business Finance on the topic of GRC: what it is and where the value lies. The webinar was recorded and is available (after registration) for free here.

continue reading...

Hiring Managers Taking Too Much Advantage of Social Media

Posted on May 4, 2011

It’s so easy, so tempting, to "Google" candidates as part of the hiring process. But, as Tamara Russell (an attorney with Barran Lebman LLP) told the RIMS conference this week in Vancouver, they could be violating employment and privacy laws.

continue reading...