control, and governance
In light of a compliance issue raised by the audit committee, a chief auditor agrees to collaborate with the CFO on continuous auditing and monitoring efforts.
Charlie Wilson, chief audit executive for Ranger Communications, finds himself in a difficult situation. Although he was hoping to move his audit department in a more progressive, consultative direction, the company’s audit committee doesn’t seem ready to support a plan that places lower priority on regulatory and compliance risks (see Finding the Right Balance [link to be added]). As Charlie discussed his risk-based audit plans for the coming year during a meeting with the committee members, they questioned whether there was enough attention focused on basic compliance auditing. “We understand that the compliance results for last year were positive,” the committee chair said, “and you’ve factored that into your risk assessment for next year — but what if significant compliance lapses occur? How will those be detected before it’s too late?”
At that point Ranger’s chief financial officer (CFO) offered a solution. She explained that several people within her division were already engaged in continuous auditing and monitoring activities focused on various policy elements and U.S. Sarbanes-Oxley Act of 2002 compliance. Many of the activities, she said, involve automated tools and other technology that permit her teams to audit 100 percent of daily or weekly transactions and minimize the human resources that would otherwise be devoted to such tasks to attain that level of coverage. She offered to work with Charlie and his team to get them involved in those processes, thereby allowing Charlie to report back to the committee with the assurances they are looking for. Besides, she said, it might also enable her reallocate resources to other strategic initiatives within the finance organization.
Share your comments below.