KnowledgeLeader Blog

Chief audit executives and audit teams may be comfortable with the fact that their approach to audit committee reporting has followed the same unwavering path for the past decade. But are they shortchanging themselves by not communicating results as clearly and engagingly as possible?

Topics: Internal Audit, Risk Assessment, Audit Committee & Board, Quality Assessment Review, Audit Reporting

Internal auditors have weighed the benefits of data analytics software since the earliest versions of the technology began to surface nearly two decades ago. The conversation has continued even as the tools have grown in sophistication and become more pervasive on Windows-based systems.

Topics: Internal Audit, Audit Planning, Audit Reporting, Data Analytics

Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. The need for a positive control environment and a very unforgiving attitude regarding unauthorized IT changes by management cannot be overemphasized. Insufficiently tested IT changes is an unacceptable practice.

Topics: IT Audit, IT Governance, IT Infrastructure, IT Strategy

In order to be a high-performing auditor, you must be able to deliver messages in a clear and compelling manner. From kickoff meetings and status reports to internal training sessions, executive committee reports and even ordinary staff meetings, auditors are often required to communicate with tact, diplomacy and conviction.

Topics: Human Resources, Training & Development, Internal Audit, Audit Committee & Board

The internal audit function’s position within a company is unique. It provides its principal stakeholders (audit committee members and management) valuable and objective assurance on governance, risk management and control processes, as well as consulting services to improve operations. With this critical responsibility to fulfill, implicit in executing those duties is internal audit’s continuous improvement to its own practices.

Topics: Internal Audit, Risk Assessment, Audit Committee & Board, Quality Assessment Review, Audit Planning

Everyone talks about the need for good risk management programs, but nobody seems to know how to audit them to ensure that they work. The people that bear responsibility for setting the parameters of an enterprise risk management (ERM) program is pretty clear: the board of directors and the C-level executives. They decide what the risks are, what level of risk they’re willing to tolerate and what risks they do not want to tolerate. They are responsible for monitoring and responding to ERM outputs and obtaining assurance that the organization’s risks are acceptably managed within the specified boundaries.

 

Topics: Enterprise Risk Management, Internal Audit, COSO, Risk Assessment, Audit Committee & Board, Governance, Risk & Compliance

Ongoing professional development is essential for today’s internal auditors, previously outlined in Protiviti’s 2013 Internal Audit Capabilities and Needs Survey. The results of the survey provide plenty of food for thought on the importance internal auditors assign to professional development in the light of a rapidly changing environment with new challenges at every turn. At the same time, internal auditors are enjoying a broader range of career paths and becoming innovative thinkers to meet the needs and challenges of a changing environment.        

Topics: Internal Audit, IT Audit, Audit Committee & Board, Audit Planning

Over time, auditors have had the good fortune to go on audit assignments and client meetings throughout the U.S. and in many countries of the world. Some trips are spectacular, landing them in the midst of great cities like New York, New Orleans and San Francisco. Others, however, put some of them in danger zones amidst civil war and natural disaster. If you’re a well-heeled auditor, you’ll appreciate the stories and advice in this blog post. If you have ever dreamed of getting that plum auditing role that includes travel, take note: it isn’t always what you imagined it to be. This blog post will help you understand the pros and cons of the traveling auditor’s life.

Topics: Internal Audit, Cross Border & Non-US Issues, Project Management, Audit Planning

 

In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Integrated Internal Control Framework went into effect (https://www.coso.org/). If you’re wondering what this model is, you probably work for a privately held corporation or a non-profit or are very new to internal audit.

 

Topics: Compliance, COSO, Internal Controls, Risk Assessment, Entity-Level Control

Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives implemented under pressure of a crisis to demonstrate urgency and prioritization or regulators has proven to be unsustainable.

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Strategic Risk, Agile Auditing