KnowledgeLeader Blog

Given the complexity of the business environment, executives need to be careful to avoid overconfidence that can be bred by an expressed or implied “official” view of the future during the risk assessment process. Overconfidence is a powerful source of illusions. It is often driven by the degree of success managers have experienced and the quality and coherence of the storyline they construct regarding the future they envision. Scenario planning is the process of testing management’s “view of the future” by visualizing different future conditions or events, what their consequences or effects would be like, and how the organization can respond to or benefit from them. Scenario planning avoids the risk of a single view of the future by enabling management to identify the likely direction and order of magnitude of the effects of changes that affect the drivers of the enterprise’s revenues, costs, profits and market share.

Developing risk maps, heat maps and risk rankings based on subjective assessments of the severity of impact of potential future events and their likelihood of occurrence is common practice. These approaches provide an overall picture of the risks, seem simple and understandable to most people, are often the result of a systematic process, and provide a rough profile of the organization’s risks.

"Close the books" is a process that a corporation uses to reconcile, consolidate and report financial information on a periodic basis. Each company defines closing the books a little differently; not all companies complete an identical list of tasks in their close-the-books process.

Every audit committee should assess the effectiveness of the organization’s internal audit function at least annually, if not throughout the year. The critical role that internal audit plays requires the audit committee to ensure that the organization receives substantial benefits from the investments made in the internal audit function. Though the charter, scope, funding and activities of internal audit vary from company to company, audit committees should at least consider the following questions when evaluating their company’s internal audit function:

Once a company forms an internal audit function, completes the risk assessment process and develops an internal audit plan that is responsive to the risk assessment, it can initiate individual internal audit assignments.

The process of purchasing materials and supplies comprises procedures and activities to acquire goods in the correct quantity and in a timely manner. The process should include how purchases are started (e.g., inventory levels), who is involved and how it is made. In addition, the process covers the communication of purchases to all required areas of the company (e.g., accounting). Inventory management follows and starts from the time inventory purchases are received to the time the inventory is sold to the customer and payment is received.

The digital revolution currently taking place is transforming our world. Over the next few years, many organizations will need to undertake radical change programs and, in some cases, completely reinvent themselves to remain relevant and competitive.

What should the audit committee’s relationship be with an organization’s board of directors, compensation committee, disclosure committee, and nominating and governance committee?

In a world of rapid change on almost every front at which organizations must adapt and grow or risk decline and their ultimate demise, everybody faces the same reality — either continuously improve their efforts to contribute sustainable value or be left behind. The chief audit executive (CAE) is no exception. As the risks and complexities companies face change, so do the focus, skill sets and capabilities needed by internal audit.

Auditing Standards for Internal Audit

The Institute of Internal Auditors (IIA) promulgates the International Professional Practices Framework (IPPF) which includes Mandatory Guidance and Recommended Guidance.

Mandatory Guidance:

• Core Principles for the Professional Practice of Internal Auditing
• Definition of Internal Auditing
• Code of Ethics
• International Standards for the Professional Practice of Internal Auditing 

Recommended Guidance:

• Implementation Guidance
• Supplemental Guidance