control, and governance
control, and governance
August 2012
Partners in Technology
In light of a compliance issue raised by the audit committee, a chief auditor agrees to collaborate with the CFO on continuous auditing and monitoring efforts.
Charlie Wilson, chief audit executive for Ranger Communications, finds himself in a difficult situation. Although he was hoping to move his audit department in a more progressive, consultative direction, the company’s audit committee doesn’t seem ready to support a plan that places lower priority on regulatory and compliance risks (see Finding the Right Balance [link to be added]). As Charlie discussed his risk-based audit plans for the coming year during a meeting with the committee members, they questioned whether there was enough attention focused on basic compliance auditing. “We understand that the compliance results for last year were positive,” the committee chair said, “and you’ve factored that into your risk assessment for next year — but what if significant compliance lapses occur? How will those be detected before it’s too late?”
At that point Ranger’s chief financial officer (CFO) offered a solution. She explained that several people within her division were already engaged in continuous auditing and monitoring activities focused on various policy elements and U.S. Sarbanes-Oxley Act of 2002 compliance. Many of the activities, she said, involve automated tools and other technology that permit her teams to audit 100 percent of daily or weekly transactions and minimize the human resources that would otherwise be devoted to such tasks to attain that level of coverage. She offered to work with Charlie and his team to get them involved in those processes, thereby allowing Charlie to report back to the committee with the assurances they are looking for. Besides, she said, it might also enable her reallocate resources to other strategic initiatives within the finance organization.
After further discussion on the types of compliance elements that would be covered, the committee thanked the CFO and agreed that Charlie should consider the proposed collaboration for the coming year. Charlie said he would work with the CFO to coordinate the continuous auditing and monitoring activities and report back to the committee on the results.
After the meeting, Charlie thanked the CFO for “saving” him during the meeting. He appreciated the offer to collaborate and felt the arrangement could be mutually beneficial. Besides, does it really matter who does what or how it’s accomplished, as long as Ranger’s objectives are met in the end?
Share your comments below.
