Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

Keep me logged in Forgot your password?

Please wait...

Please wait...

Dan Swanson

Compliance Week Columnist Dan Swanson is an internal audit veteran, who previously was director of professional practices at the Institute of Internal Auditors. The author of dozens of articles on internal auditing, Swanson has completed audit projects for more than 30 different organizations and has completed nearly 100 internal audits. An expert on financial, operational, and IT audits, his columns on auditing ethics, compliance, and ERM programs have been extremely popular.

Recent Articles

Auditing Records Management

November 06, 2007

In a column at the start of the year, I contended that auditing records management programs should be one of your top dozen priorities for 2007. This month’s column explores that important subject in more detail.

Ensuring Technology Changes Are Well Managed

October 02, 2007

Information technology is critical to the long-term success of most organizations. It is a key reason for the cost of operations, and cost of operations tends to be a vital component of overall profitability. It facilitates the introduction of new business initiatives, as well as the ongoing improvement of current processes, and allows the management team to monitor and report on performance. IT enables business operations through connectivity, information processing, business intelligence, and the like.

Operational Resiliency: The Next Business Priority!

September 05, 2007

As I’ve mentioned in previous columns, ensuring that an organization can recover from disaster is a basic business requirement the board should explore regularly with management. Nowadays, leading companies are taking this requirement and turning it into a strategic advantage: Namely, investments in operational resiliency are assisting organizations to become more responsive to client needs as well as improving operational reliability, quality, and efficiency. It’s an effort you should embrace, too.

Internal Audit’s Seat At The Governance Table

July 03, 2007

In June 1999, the Institute of Internal Auditors approved a new definition for internal auditing. Internal auditing was described as “an independent, objective assurance and consulting activity,” which isn’t exactly news.

The Tipping Point For Board Oversight Of IT

June 05, 2007

Traditionally, and properly, a company’s board of directors has focused on governing the organization; that is, the board ensures that the right CEO is in place, that the right business strategies have been developed, that performance is reported regularly and trending properly, and that the right questions are being asked of management.

Auditing Information Security: Are You Protected?

May 01, 2007

I recently read that many people worry about accidental death, particularly in ways that are very frightening: poisonous snakes or spiders, or even alligator attacks. This same article noted that based on official death statistics, the vast majority of people actually die from chronic health causes: heart attacks, obesity, and other ailments that result from poor attention to long-term personal fitness. In 2003, accidental deaths in the United States numbered around 100,000; chronic health-related deaths were more than 2.4 million.

The Value Of ‘Performance Measurement’

April 10, 2007

Steven Covey, author of The Seven Habits of Highly Effective People, and many others quite rightly recommend that when you start any kind of new project, you should begin with the end in mind. What does that involve?

Auditing Business Continuity Efforts, Part II

March 06, 2007

n last month’s column, I introduced auditing your business continuity plan and disaster recovery program by providing an overview of what an effective program consists of, what the typical internal auditor’s roles in BCP and DR are, and what the key audit scoping issues are. We’re going to complete the discussion this month by providing further guidance regarding audit planning efforts, audit fieldwork activities, and reporting of results and improvement efforts.

How To Audit Business Continuity Programs

February 06, 2007

Being able to continue critical business functions while responding to a major disaster, and then to return to normal operations efficiently and cohesively afterward, is a critical success factor for all organizations. Effective business continuity (BCP) and disaster recovery (DR) programs are vital and have become a necessary cost of doing business. They must receive adequate attention and support from management if the company is to survive and remain competitive in a post-disaster situation.

Auditing To Spot Fraud, From Start To End

January 09, 2007

The Sarbanes-Oxley Act was enacted to help fight corporate fraud. Public companies have spent untold millions to comply and hired compliance and ethics officers ostensibly to ensure that the law is adhered to.

Compliance Week now has a companion group on LinkedIn, where members can network and discuss the compliance and governance news of the day. Open to all compliance professionals, free to join.

Top Global GRC Risks
Sponsored by NAVEX Global

Thought Leadership

Data: The Tail That Wags the Stress Test
Sponsored by Trillium Software

Conflict Minerals Webcast Series
Sponsored by 3e Co., iPoint, Schulte Roth & Zabel and Source Intelligence

Compliance Week Podcasts ...

Every week we chat with leading thinkers in compliance, auditing, risk management, public policy and more. These short (10-15 minutes) interviews are free to all. Follow Compliance Week podcasts on iTunes.