Recent Stories

Hire People Who Can Think

Hire People Who Can Think

I am often encouraged by surveys of the attributes executives look for when they hire. An increasing number recognize that education, certifications, and even experience are insufficient. The so-called…
Why Internal Audit Fails At Many Organizations

Why Internal Audit Fails At Many Organizations

When recent studies by KPMG and PwC indicate that about half of internal audit’s key stakeholders (board members and top executives) do not believe that internal audit is neither delivering…
Risk Management Books I Recommend

Risk Management Books I Recommend

As we near the gift-giving season, here are some books on risk management you might consider as gifts for yourself, your team, or a friend with a passion for risk management. First,…
The Effective Audit Committee

The Effective Audit Committee

A short article in CGMA Magazine, Ingredients of an effective audit committee, caught my eye. I recommend reading it. I think there are some key ingredients to an effective audit…
Leveraging The COSO Internal Control Update For Advantage

Leveraging The COSO Internal Control Update For Advantage

PwC, who led the project for COSO that updated the Internal Control – Integrated Framework, have shared 10 minutes on why the COSO Update deserves your attention. PwC has…
New E-Book On Segregation Of Duties: A Review

New E-Book On Segregation Of Duties: A Review

I congratulate Larry Carter for his new e-book, published by Compliance Week, on the topic Segregation of Duties and Sensitive Access: Leveraging System-Enforced Controls. This is…
The Effective Audit Engagement

The Effective Audit Engagement

 So far, I have discussed What Should Auditors Audit? and The Risks to Include in the Audit Plan. Now I want to talk about…
Technology, Strategy, Cyber, And Risk

Technology, Strategy, Cyber, And Risk

How do you assess the risk of missing the opportunity to leverage disruptive technology? Does being on the “bleeding edge” still scare you? Are you…
Considering Reputation Risk

Considering Reputation Risk

An organization’s reputation is critical to their success (in almost every case). A smart CEO and her board pay attention to the organization’s reputation and take care to nurture, protect, and
The Risks To Include In The Audit Plan

The Risks To Include In The Audit Plan

In my last post, I discussed What Should Auditors Audit? My answer was that internal audit should address the risks that matter to the organization, its board, and…