Given the dynamic environment, the audit committee should take a close look at the company’s risk profile at least annually. Ideally, this review should be supported by an updated risk assessment by management. As the committee evaluates disclosure issues, an understanding of the key risks can provide valuable insights.
Topics: Enterprise Risk Management, Risk Assessment, Audit Committee & Board, Strategic Risk
The chief audit executive (CAE) and internal audit can play one or more of the following roles in conjunction with the implementation of enterprise risk management (ERM) in an organization.
Topics: Enterprise Risk Management, Internal Audit, Risk Assessment, Audit Planning, Strategic Risk
Chief audit executives and audit teams may be comfortable with the fact that their approach to audit committee reporting has followed the same unwavering path for the past decade. But are they shortchanging themselves by not communicating results as clearly and engagingly as possible?
Topics: Internal Audit, Risk Assessment, Audit Committee & Board, Quality Assessment Review, Audit Reporting
The internal audit function’s position within a company is unique. It provides its principal stakeholders (audit committee members and management) valuable and objective assurance on governance, risk management and control processes, as well as consulting services to improve operations. With this critical responsibility to fulfill, implicit in executing those duties is internal audit’s continuous improvement to its own practices.
Topics: Internal Audit, Risk Assessment, Audit Committee & Board, Quality Assessment Review, Audit Planning
Topics: Enterprise Risk Management, Internal Audit, COSO, Risk Assessment, Audit Committee & Board, Governance, Risk & Compliance
In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Integrated Internal Control Framework went into effect (https://www.coso.org/). If you’re wondering what this model is, you probably work for a privately held corporation or a non-profit or are very new to internal audit.
Topics: Compliance, COSO, Internal Controls, Risk Assessment, Entity-Level Control
Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives implemented under pressure of a crisis to demonstrate urgency and prioritization or regulators has proven to be unsustainable.
Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Strategic Risk, Agile Auditing
While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out how an organization intends to execute a strategy during an annual period or, if longer, the operating cycle. Organizations should ask themselves: How should risk be integrated into the annual business planning process?
Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Business Continuity Management
Cash flow management is the mobilization of company funds, the investment of these funds to produce income and compensation of the banks that support the process. Cash managers use most noncredit services of banks, as well as of some nonbanks.
Topics: Risk Assessment, Investments & Foreign Exchange, Accounting/Finance, Process-Level Control, Cash & Treasury
Given the complexity of the business environment, executives need to be careful to avoid overconfidence that can be bred by an expressed or implied “official” view of the future during the risk assessment process. Overconfidence is a powerful source of illusions. It is often driven by the degree of success managers have experienced and the quality and coherence of the storyline they construct regarding the future they envision. Scenario planning is the process of testing management’s “view of the future” by visualizing different future conditions or events, what their consequences or effects would be like, and how the organization can respond to or benefit from them. Scenario planning avoids the risk of a single view of the future by enabling management to identify the likely direction and order of magnitude of the effects of changes that affect the drivers of the enterprise’s revenues, costs, profits and market share.
Topics: Internal Audit, Risk Assessment
Add a Comment: