In a column at the start of the year, I contended that auditing records management programs should be one of your top dozen priorities for 2007. This month’s column explores that important subject in more detail. Auditing a records management program in many ways should follow the traditional program audit. To wit, review the program’s […]
Dan Swanson
Posted inTechnology
Ensuring Technology Changes Are Well Managed
Information technology is critical to the long-term success of most organizations. It is a key reason for the cost of operations, and cost of operations tends to be a vital component of overall profitability. It facilitates the introduction of new business initiatives, as well as the ongoing improvement of current processes, and allows the management […]
Posted inInternal Controls
Operational Resiliency: The Next Business Priority!
As I’ve mentioned in previous columns, ensuring that an organization can recover from disaster is a basic business requirement the board should explore regularly with management. Nowadays, leading companies are taking this requirement and turning it into a strategic advantage: Namely, investments in operational resiliency are assisting organizations to become more responsive to client needs […]
Posted inAccounting & Auditing
Internal Audit’s Seat At The Governance Table
In June 1999, the Institute of Internal Auditors approved a new definition for internal auditing. Internal auditing was described as “an independent, objective assurance and consulting activity,” which isn’t exactly news. Instead, the telling phrase came at the end of the revised IIA definition—which said internal auditing should be brought to bear on a company’s […]
Posted inFrom the Archive
The Tipping Point For Board Oversight Of IT
T raditionally, and properly, a company’s board of directors has focused on governing the organization; that is, the board ensures that the right CEO is in place, that the right business strategies have been developed, that performance is reported regularly and trending properly, and that the right questions are being asked of management. The board’s […]
Posted inAccounting & Auditing
Auditing Information Security: Are You Protected?
I recently read that many people worry about accidental death, particularly in ways that are very frightening: poisonous snakes or spiders, or even alligator attacks. This same article noted that based on official death statistics, the vast majority of people actually die from chronic health causes: heart attacks, obesity, and other ailments that result from […]
Posted inInternal Controls
The Value Of ‘Performance Measurement’
Steven Covey, author of The Seven Habits of Highly Effective People, and many others quite rightly recommend that when you start any kind of new project, you should begin with the end in mind. What does that involve? Deciding where you want to be in the future (that is, what your “end state” will be); […]
Posted inAccounting & Auditing
Auditing Business Continuity Efforts, Part II
In last month’s column, I introduced the task of auditing business-continuity plans and disaster-recovery programs by providing an overview of what an effective program consists of, what the typical internal auditor’s roles in BCP and DR are, and what the key audit-scoping issues are. We’re going to complete the discussion this month by providing further […]
Posted inAccounting & Auditing
How to audit business continuity programs
Being able to continue critical business functions while responding to a major disaster, and then to return to normal operations efficiently and cohesively afterward, is a critical success factor for all organizations.
Posted inEthics & Culture
Auditing To Spot Fraud, From Start To End
The Sarbanes-Oxley Act was enacted to help fight corporate fraud. Public companies have spent untold millions to comply and hired compliance and ethics officers ostensibly to ensure that the law is adhered to. Yet, somehow, at the end of the day, fraud is still here. However comprehensive your code of ethics may be, and however […]
