KnowledgeLeader Blog

Sharise Cruz

Recent Posts

Applying the Five Lines of Defense in Managing Risk

Posted by Sharise Cruz on Wed, Sep 25, 2013 @ 10:04 AM

Many lessons were learned from the financial crisis. For example, if a chief executive ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or losing relevance, or fails to consider critical risks when evaluating whether to enter a new market or consummate a complex acquisition, the shareholders and other constituents can end up paying a high price.

Read More

Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, Strategic Risk

Auditing IT Initiatives Is a Recommended Quality Practice

Posted by Sharise Cruz on Fri, Aug 30, 2013 @ 07:00 PM

Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. The need for a positive control environment and a very unforgiving attitude regarding unauthorized IT changes by management cannot be overemphasized. Insufficiently tested IT changes is an unacceptable practice.

Read More

Topics: IT Audit, IT Governance, IT Infrastructure, IT Strategy

Mining Internal Audit’s Capabilities and Needs

Posted by Sharise Cruz on Wed, Aug 21, 2013 @ 09:51 AM
Read More

Topics: Internal Audit, IT Audit, Audit Committee & Board, Audit Planning

Audit Committee Reporting: Leading Practice Examples and Insights

Posted by Sharise Cruz on Tue, Jul 30, 2013 @ 11:48 AM

Chief audit executives and audit teams may be comfortable with the fact that their approach to audit committee reporting has followed the same unwavering path for the past decade. But are they shortchanging themselves by not communicating results as clearly and engagingly as possible?

Three Protiviti executives – David Brand, managing director, Chicago; Jason Maslan, director, Chicago internal audit practice; and Ari Sagett, director, Chicago internal audit practice – addressed the all-too-frequent issue of stale audit committee reporting by offering some eye-opening leading practice examples in a recent webcast.

Read More

Topics: Internal Audit, Risk Assessment, Audit Committee & Board, Quality Assessment Review, Audit Reporting

Auditing Technology Changes: Are Yours Well-Managed?

Posted by Sharise Cruz on Wed, Jul 17, 2013 @ 11:29 AM

Information technology is critical to the long-term success of most organizations. It is a key driver for the cost of operations, and cost of operations tends to be a vital component of overall profitability. It facilitates the introduction of new business initiatives, as well as the ongoing improvement of current processes, and allows the management team to monitor and report on performance. IT enables business operations through connectivity, information processing, business intelligence and the like. Lastly, and especially important to this audience, IT can contribute greatly to a company’s system of internal control. 

Read More

Topics: Internal Audit, IT Audit, Reporting/Disclosure, Change Management

Auditing IT Management: Aligning IT with Business Priorities

Posted by Sharise Cruz on Wed, May 15, 2013 @ 09:45 AM

The "Holy Grail" for IT has always been to be closely aligned with business efforts. For years, business has encouraged IT to focus on delivering business priorities. At the same time, IT has tried to be an integral part of business planning and align IT efforts and investments with business priorities. Ultimately, effective IT alignment really does require the ongoing and engaged involvement of all key participants. 

Read More

Topics: Project Management, IT Infrastructure, IT Strategy

COSO Integrated Control Framework: Do the Changes Really Matter?

Posted by Sharise Cruz on Mon, May 06, 2013 @ 10:00 AM

In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Integrated Internal Control Framework (Framework) went into effect (http://www.ic.coso.org). If you’re wondering what this model is, you probably work for a privately held corporation or a non-profit, or are very new to internal audit.

Read More

Topics: Compliance, COSO, Internal Controls, Risk Assessment, Entity-Level Control

Current Events and Headlines in Auditing and Risk Management: March 18-22

Posted by Sharise Cruz on Thu, Mar 21, 2013 @ 12:25 PM

Sen. Levin "London Whale" Report to Put Pressure on Volker Rule Writers

Read More

Topics: Laws & Regulations, Disaster Recovery, Cloud Computing

How Data Analytics Can Help You Audit Vendors and Contractors

Posted by Sharise Cruz on Mon, Mar 18, 2013 @ 09:16 AM

In a recent KnowledgeLeader article, Paul Pettit, Director for Protiviti's Capital Projects and Contracts practice in Houston, Texas, explained how auditors can use data analytics to avoid the massive waste spending that often goes hand-in-hand with hiring outside vendors and contractors.

Read More

Topics: Human Resources, Continuous Auditing, Expense Reporting

Risk Management: Integrating Risk with Business Planning

Posted by Sharise Cruz on Mon, Mar 11, 2013 @ 10:25 AM

While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out how an organization intends to execute a strategy during an annual period or, if longer, the operating cycle.

Read More

Topics: Enterprise Risk Management

Add a Comment:

Subscribe to Our Blog

About KnowledgeLeader

KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.

With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.

For more information:

 Tour the Site

Recent Posts

Posts by Topic

see all