Recent Stories

cyber security

New Information And Perspectives On Cyber Security

The world continues to buzz about cyber security (or, perhaps we should say, insecurity). Now we have the Chinese government apparently admitting that they have a cyberwarfare capability:…
Drive Business Results By Harnessing Uncertainty

Drive Business Results By Harnessing Uncertainty

I am very pleased to see new guidance on risk management from Ernst & Young (EY) that recognizes that risk management is not a defensive activity designed only…
What Should The Audit Committee Focus On In 2015?

What Should The Audit Committee Focus On In 2015?

Every year, the audit firms provide audit committees with their ideas of what the agenda should include in the coming year. Their ideas are usually good, although typically (and…
Hire People Who Can Think

Hire People Who Can Think

I am often encouraged by surveys of the attributes executives look for when they hire. An increasing number recognize that education, certifications, and even experience are insufficient. The so-called…
Why Internal Audit Fails At Many Organizations

Why Internal Audit Fails At Many Organizations

When recent studies by KPMG and PwC indicate that about half of internal audit’s key stakeholders (board members and top executives) do not believe that internal audit is neither delivering…
Risk Management Books I Recommend

Risk Management Books I Recommend

As we near the gift-giving season, here are some books on risk management you might consider as gifts for yourself, your team, or a friend with a passion for risk management. First,…
The Effective Audit Committee

The Effective Audit Committee

A short article in CGMA Magazine, Ingredients of an effective audit committee, caught my eye. I recommend reading it. I think there are some key ingredients to an effective audit…
Leveraging The COSO Internal Control Update For Advantage

Leveraging The COSO Internal Control Update For Advantage

PwC, who led the project for COSO that updated the Internal Control – Integrated Framework, have shared 10 minutes on why the COSO Update deserves your attention. PwC has…
New E-Book On Segregation Of Duties: A Review

New E-Book On Segregation Of Duties: A Review

I congratulate Larry Carter for his new e-book, published by Compliance Week, on the topic Segregation of Duties and Sensitive Access: Leveraging System-Enforced Controls. This is…
The Effective Audit Engagement

The Effective Audit Engagement

 So far, I have discussed What Should Auditors Audit? and The Risks to Include in the Audit Plan. Now I want to talk about…