KnowledgeLeader Blog

Perhaps no disaster in recent history has done more to show the need for strong business continuity and disaster recovery planning than the Japan earthquake and tsunami of 2011. This massive 9.0 Richter scale earthquake, which occurred off the Pacific coast of Japan, caused tsunami waves that reached more than six miles inland in spots. More than one million buildings were damaged or destroyed, and nearly 20,000 people died or went missing. Tsunami damage was estimated at more than $300 billion.

Topics: Internal Audit, Supply Chain, Disaster Recovery, Business Continuity Management

The "Holy Grail" for IT has always been to be closely aligned with business efforts. For years, business has encouraged IT to focus on delivering business priorities. At the same time, IT has tried to be an integral part of business planning and align IT efforts and investments with business priorities. Ultimately, effective IT alignment really does require the ongoing and engaged involvement of all key participants.

Topics: Project Management, IT Infrastructure, IT Strategy, Change Management

While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out how an organization intends to execute a strategy during an annual period or, if longer, the operating cycle. Organizations should ask themselves: How should risk be integrated into the annual business planning process?

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Business Continuity Management

Auditors can use data analytics in organizations to avoid the massive waste spending that often goes hand-in-hand with hiring outside vendors and contractors. This technique doesn’t require overly complicated or expensive software.

 

Topics: Human Resources, Continuous Auditing, Expense Reporting

Ensuring that an organization can recover from disaster is a basic business requirement the board should explore regularly with management. Nowadays, leading organizations are taking this requirement and turning it into a strategic advantage. Namely, investments in operational resiliency are assisting organizations to become more responsive to client needs as well as improving operational reliability, quality and efficiency. It’s an effort you should consider.  

Topics: Internal Audit, Disaster Recovery, Business Continuity Management

Organizations have learned many lessons over the years from specific financial crises. For example, if a chief executive ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or losing relevance, or fails to consider critical risks when evaluating whether to enter a new market or consummate a complex acquisition, the shareholders and other constituents can end up paying a high price.

Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, Strategic Risk

Information technology is critical to the long-term success of most organizations. It is a key driver for the cost of operations, which tends to be a vital component of overall profitability. It facilitates the introduction of new business initiatives, as well as the ongoing improvement of current processes and allows the management team to monitor and report on performance. IT enables business operations through connectivity, information processing and business intelligence. Lastly, and especially important to this audience, IT can contribute greatly to a company’s system of internal controls. 

Topics: Internal Audit, IT Audit, Reporting/Disclosure, Change Management

The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, release following the enactment of Sarbanes-Oxley.

Topics: Internal Controls, Entity-Level Control, Sarbanes-Oxley Act, Financial Reporting, Section 302 - Executive Certs.

We all know that change is inevitable, but what can an organization do to keep its strategies and risk management capabilities on the same course as the ever-changing business environment? 

Topics: Enterprise Risk Management, Corporate Governance, Audit Committee & Board, Strategic Risk

Everybody is talking about IT Strategy these days. As IT managers, you’re faced with considerable pressure to communicate a comprehensive strategy, and show a clear road to improving the business value of your activities. IT strategy management is often met with yawns by CEOs and other executives, yet it can advance or undermine every move that a company makes. In one-sided communication models like this, it’s often the case that only problems are properly recognized or attributed to your team.

Topics: IT Audit, IT Strategy, Digital Transformation