The Institute of Internal Auditors (IIA) has opened a public comment period and is conducting a survey on the widely used “Three Lines of Defense” model, as it considers revising the model to update thinking about how it is applied. The comment period will be open from June 20 to Read More
It’s likely that most internal auditors and risk managers can appreciate the expression: “The more things change, they more they stay the same.” That’s because they see it in action all the time. At most companies, for example, the internal audit and risk management capabilities have improved considerably over the Read More
Like companies in many industries, banks are having a difficult time finding and retaining qualified compliance staffers. In fact, recruiting good compliance professionals has gotten so hard that the U.S. Office of the Comptroller of Currency (OCC) says that it has become a top risk for financial firms, especially regional Read More
Despite the constant drumbeat on the need for companies to improve and formalize risk management systems, most are still way behind, a new report finds. A study released this week by the American Institute of CPAs (AICPA) and North Carolina State University’s Enterprise Risk Management Initiative finds that while companies Read More
GUEST BLOG One thing I know for certain … the times they are a-changin’ … and internal audit is no exception. I spent the last several months interviewing many chief audit executives (CAEs) from all over the world to gain a better understanding of the current state of internal audit. Read More
Internal audits are great at identifying problematic or even fraudulent transactions, whether in audits of payables to third parties, travel and expense audits, or other assessments. But when an internal audit uncovers improper transactions, it’s often too late. The funds have already been spent and reversing that process is never Read More
The Institute of Internal Auditors has released a new guide to help internal auditors assess the risk management process, one of the fundamental audits that internal audit must conduct. The IIA says the latest practice guide will help chief audit executives navigate an evolving risk management environment and deliver on Read More
French data protection regulator CNIL has imposed a €50 million ($57 million) fine on tech giant Google for failing to comply with the EU’s General Data Protection Regulation (GDPR). The EU privacy law, which took effect last May, is among the most strict set of data privacy regulations in the Read More
Among the many things that may keep internal auditors up at night are cybersecurity, compliance, and data security and protection, according to a recent survey by the Chartered Institute of Internal Auditors. These top three concerns significantly outrank other risk categories like human resources, regulatory change, and digitalization, although, of Read More
The past year was a busy one for internal auditors. Most internal audit shops are still coming to grips with some big underlying shifts in internal audit. The biggest trend was the acceleration in the use of technology to fulfill internal audit’s objectives. The second theme of 2018 was finding Read More
