A new version of the KnowledgeLeader website launched today, and with that big change comes a big change for our blog as well.
The KnowledgeLeader Blog Has Moved to a New Home
Risk Oversight: How to be Aware of Emerging Business Risks
Given the dynamic environment, the audit committee should take a close look at the company’s risk profile at least annually. Ideally, this review should be supported by an updated risk assessment by management. As the committee evaluates disclosure issues, an understanding of the key risks can provide valuable insights.
Topics: Enterprise Risk Management, Risk Assessment, Audit Committee & Board, Strategic Risk
What You Need to Build Remarkable Partnerships With the IT Organization
The strength of the partnership between IT audit and the IT organization is a significant differentiator in the overall success of IT projects and IT audit effectiveness, our research shows.
Topics: IT Governance, IT Strategy, IT Risk, IT Controls
Segregation of Duties: Key Facts You Need to Know
Segregation of duties (SODs) is an important concept to internal control frameworks, financial reporting and regulatory compliance, including the Sarbanes-Oxley Act (SOX). It is a component of an effective control environment. The overall effectiveness of management’s internal controls depends on SoDs to a large extent. For effective internal controls, there needs to be an adequate division of responsibilities.
Topics: COSO, Internal Controls, IT Controls, Process-Level Control, Segregation of Duties
How to Monitor Transaction Governance for Anti-Money Laundering
Expectations for transaction monitoring (TM) governance are quickly evolving due to the complexity of detection systems, the demand for additional operational oversight, increased regulatory scrutiny and the need for an adequate control framework to guarantee proper risk management.
Topics: Enterprise Risk Management, Laws & Regulations, Fraud, Foreign Corrupt Practices Act, Compliance, Financial Services Industry
How to Conduct an Up-to-Date Information Security Audit
The point of the article, of course, was that people must focus their attention in the correct places when considering what would most influence their quality of life. That same exact issue exists within organizations where the board and management must ensure that they build and sustain the long-term health of the company.
Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, IT Infrastructure
ISO/IEC 27001 and 27002: Risk Changes You Need to Know
In November 2013, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) will formally release long-anticipated updates to ISO/IEC 27001 and 27002. The last time these standards were updated was in 2005.
Topics: IT Audit, Governance, Risk & Compliance, IT Governance, IT Infrastructure
Important Roles You Need to Be Aware of During Enterprise Risk Management
The chief audit executive (CAE) and internal audit can play one or more of the following roles in conjunction with the implementation of enterprise risk management (ERM) in an organization.
Topics: Enterprise Risk Management, Internal Audit, Risk Assessment, Audit Planning, Strategic Risk
Five Components of the COSO Framework You Need to Know
WHAT DOES COSO STAND FOR?
In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed a COSO Framework for evaluating internal controls. This model has been adopted as the generally accepted framework for internal control and is widely recognized as the definitive standard against which organizations measure the effectiveness of their systems of internal control.
Topics: Enterprise Risk Management, Corporate Governance, COSO, Audit Committee & Board
Five Tips for Increasing Your Influence as an Auditor
Topics: Human Resources, Training & Development, Internal Audit, Change Management
Add a Comment: