Year: 2025

NIST Updates Privacy Framework

Five years after debuting guidelines that can help organizations balance the goals of using information while protecting individual privacy, the National Institute of Standards and Technology (NIST) has drafted a new version of the NIST Privacy Framework intended to address current privacy risk management needs, maintain alignment with NIST’s recently Read More

Knox County Tenn.

Internal Audit Sparks Investigation into Spending at Tenn. County

If not for an anonymous call to Knox County’s waste, fraud, and abuse hotline, the investigation into misuse of taxpayer dollars and leased vehicles by Knox County Trustee Justin Biggs and some staffers might never have been launched. Justin Biggs and his staff were reimbursed $4,716.59 that exceeded the county Read More

Tim Berichon

A Q&A with Tim Berichon
CAEs Should Follow a Three-Step Process to Achieve EQA Conformance

External quality assessment (EQA) has evolved with the new Institute of Internal Auditors (IIA) standards, and chief audit executives must develop a strategic plan to bridge any gaps in conformance. The standards set a more stringent benchmark for audit departments undergoing an EQA. Tim Berichon explained to research and advisory Read More

Internal audit action item follow-up

Some Common Sense on Following Up on Internal Audit Action Items

GUEST BLOG POST There are conflicting views on whether internal audit should follow up on every action item from previous audits. Let me see if I can inject some common sense into the debate. Imagine this is the situation: A year ago, management agreed to a recommendation by internal audit Read More

Institute of Internal Auditors

RIMS and IIA Reach Agreement to Share Education Resources

As expectations rise for both risk management professionals and internal auditors, RIMS, the risk management society, and The Institute for Internal Auditors have entered into an agreement to provide both professional communities with greater access to career-building and program-advancing learning experiences. RIMS and The IIA will offer their respective memberships Read More

Internal Audit Ethics

Ten Ways to Enhance Ethical Leadership in Internal Audit Departments

Ethics are a crucial component of every organization and are broadly defined as the values and principles that govern and shape behaviours and leadership. According to a recent study by Gallup, only 20 percent of employees surveyed strongly agreed that they trusted the leadership of their organization. Forbes estimates that Read More

Auditing Risk Management

Top Five Use Cases for Applying GenAI in Risk Management

Risk management teams can increase their efficiency and drive better risk insight and mitigation by using generative AI tools in five ways, according to Gartner, an IT research and advisory firm. “GenAI offers ERM teams a unique opportunity to expand their capabilities without significant investments,” said Joel Backaler, Director Analyst Read More

IIA Releases Draft of Its Third-Party ‘Topical Requirement’

The Institute of Internal Auditors released a draft of its Third-Party “Topical Requirement.” The document provides a consistent and comprehensive approach to assessing the design and implementation of third-party governance, risk management, and control processes. It was developed with input from internal audit practitioners and stakeholders globally, says the IIA. Read More

Internal audit leaders say they are underfunded

Report: Nearly Half of All Internal Audit Functions Are Underfunded

A new report finds that many internal audit leaders say they don’t have the funds to sufficiently run their departments, even as many reported increases in funding. According to the 2025 North American Pulse of Internal Audit Survey, nearly half of respondents said their internal audit departments were either insufficiently Read More

PwC Logo

PwC Unit Penalized for Manipulating Compliance Reporting

The Public Company Accounting Oversight Board announced that PricewaterhouseCoopers Singapore agreed to pay $1.5 million for violations of PCAOB rules and quality control standards. The violations arose from the Firm’s failure to have appropriate policies and procedures over its Personal Independence Compliance Testing (PICT) process and to foster an appropriate ethical Read More