Forget the Surveys. These Are the Skills I Look for When I Hire Audit or Risk Practitioners

Posted on Sep 27, 2011

I was recently contacted by a professional organization that wanted to share the results of its survey of audit and risk executives. The survey focused on the skills they rated highest when they assessed potential new hires. The top two were technical skills and an understanding of the business.

continue reading...

A Great Example of Governance Failures and the Risks They Create. HP Board Had Not Met New CEO

Posted on Sep 22, 2011

This article on the board at HP demonstrates very clearly how a dysfunctional board is the source of major risks. It is fascinating that the infighting among the board members led to their hiring a CEO that the majority had not met — and who had been terminated from his prior position as CEO of SAP after a short tenure.

continue reading...

It Is Time to Rethink Whether Internal Audit Still Report to the Audit Committee of the Board

Posted on Sep 21, 2011

Last year, I wrote a piece for the Governance Perspectives column of the Internal Auditor magazine in which I advocated reconsidering where internal audit should report. I still think this is an important subject, especially as boards are considering how they and the various committees of the board should provide oversight of risk management.

continue reading...

Risk Appetite and Tolerance Guidance Produced, but What Does It Mean for Auditors?

Posted on Sep 14, 2011

I don't usually cross-post from my personal blog to this IIA blog, but the topic of risk appetite is important for internal auditors. If we are to assess whether risk management and related controls are effective, the issue is whether they manage risks to the levels desired by the company.

continue reading...

Maybe It's Time to Change Your Approach to Information Security

Posted on Sep 12, 2011

SC Magazine has published an interesting e-book on the topic of Cyber-Espionage: Companies need to shift their thinking about cyberattacks. Sponsored by information security vendors, the author suggests that companies may be focusing on the wrong things when it comes to protecting valuable information assets.

continue reading...

A Must Read for Internal Audit Practitioners and Board Members

Posted on Sep 8, 2011

I previously wrote about Lord Smith's speech at the International Conference in Kuala Lumpur (see here). He has now been interviewed by IIA UK (the Chartered Institute of Internal Auditors) and I highly recommend the resulting article.

continue reading...

Questions for Directors on Executive Compensation May Be Valuable for Risk and Audit Professionals

Posted on Sep 6, 2011

The Canadian Institute of Chartered Accountants (CICA) has a publication aimed at directors, especially members of the board’s compensation committee. Their “20 Questions Directors Should Ask about Executive Compensation” is one of several excellent resources in a series that you might want to check out.

continue reading...