Risk appetite is a critical link between strategy and performance. In an effort to help executives and managers better understand and communication risk appetite, the Committee of Sponsoring Organizations (COSO) issued new guidance, on how organizations can promote risk appetite as an integral part of decision-making. The guidance, titled “Risk Read More
The 2020 Pulse of Internal Audit, a report released this week by the Institute of Internal Auditors reveals serious gaps in internal audit’s coverage, with audit plans deficient in key risk areas, including: Almost one-third of respondents did not include cybersecurity and information technology in their audit plans. More Read More
There is no question that corporate America is facing one of the biggest crises it has ever faced. Indeed, the nation is facing the biggest crisis since 9/11 and possibly since World War II. Nothing has been as disruptive; shuttering stores, restaurants, hotels, and offices across the nation. The coronavirus Read More
AuditBoard, a provider of cloud-based software for managing and automating risk, audit, and compliance work, has announced the release of a new risk management offering, RiskOversight. AuditBoard says the new product, an expansion of its platform, was built to elevate and execute risk management programs across the enterprise—including risk identification, Read More
The Chartered Institute of Internal Auditors released its long-awaited new Internal Audit Code of Practice, to serve as a guide to practices and standards of internal audit professionals in the United Kingdom and Ireland. The professional organization says the new code will increase the effectiveness of internal audit functions and Read More
Where, exactly, does responsibility lie in a modern corporation for ensuring that risks are being identified and managed? It may seem like a simple question, but the answer is far more complex. In fact, a long-used model to define such responsibilities, the “Three Lines of Defense” model, is in the Read More
Boards are significantly overconfident when it comes to addressing the most difficult issues their companies face, party because they are underinformed on top risks, finds a new survey. According to the report, there is a gap between how board members view key risks and how executive management does, due to Read More
A new survey of top business risks, as identified by chief internal auditors in Europe, has found that companies there are most concerned about cybersecurity and data security, increased regulation, and disruptive technology. The survey of 528 chief internal auditors conducted by a group of eight internal audit professional associations Read More
Businesses today cannot be separated from their digital assets. Data drives every aspect of business, from strategic decisions to tactical operations, and all that data is stored in, accessed by, and transmitted across networked systems. Keeping cyber risks under control is a critical issue for any company. Even small, non-tech-oriented Read More
GUEST BLOG Over the years, Big Four audit and consulting firm PwC has provided great value through their annual commentaries and reports on internal auditing. However, in their 2019 State of the Internal Audit Profession Study, they are advising internal auditors to adopt approaches and practices with which I disagree. Read More
