We all know that change is inevitable, but what can an organization do to keep its strategies and risk management capabilities on the same course as the ever-changing business environment?
In November 2013, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) will formally release long-anticipated updates to ISO/IEC 27001 and 27002. The last time these standards were updated was in 2005.
Expectations for transaction monitoring (TM) governance are quickly evolving due to the complexity of detection systems, the demand for additional operational oversight, increased regulatory scrutiny, and the need for an adequate control framework to guarantee proper risk management.
Many lessons were learned from the financial crisis. For example, if a chief executive ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or losing relevance, or fails to consider critical risks when evaluating whether to enter a new market or consummate a complex acquisition, the shareholders and other constituents can end up paying a high price.
Chief audit executives and audit teams may be comfortable with the fact that their approach to audit committee reporting has followed the same unwavering path for the past decade. But are they shortchanging themselves by not communicating results as clearly and engagingly as possible?
Three Protiviti executives – David Brand, managing director, Chicago; Jason Maslan, director, Chicago internal audit practice; and Ari Sagett, director, Chicago internal audit practice – addressed the all-too-frequent issue of stale audit committee reporting by offering some eye-opening leading practice examples in a recent webcast.
In more than 20 years of experience as an auditor, I have had the good fortune to go on audit assignments and client meetings throughout the U.S. and in many countries of the world. Some trips were spectacular, landing me in the midst of great cities like New York, New Orleans and San Francisco. Others, however, put me in danger zones amidst civil war and natural disaster. If you’re a well-heeled auditor like me, you’ll appreciate the stories and advice I share in this article. If you have ever dreamed of getting that plum auditing role that includes travel, take note: it isn’t always what you imagined it to be. This article will help you understand the pros and cons of the traveling auditor’s life.
Topics: Protiviti, information technology risk, Hot Issues, internal audit, Cross-border & Non-US issues, audit, project management, travel, audit assignments, network & internet security, Paul Pettit
Add a Comment: