Companies are increasingly seeking to improve their ability to define and manage growing and changing risk profiles. More often, they are turning to internal audit to help with that task. Chief audit executives and internal audit commentators agree that internal audit activities should be risk-based in order to contribute to the long-term assurance needs of […]
Jose Tabuena
Posted inFrom the Archive
Conducting an Information Security Audit
If you’re amazed— and maybe even a little alarmed—about how much Google seems to know about you, brace yourself. It’s only getting harder to hide. Google recently began to operate under a streamlined privacy policy that enables them to dig even deeper into the lives of its users. Organizations in many industries have similarly made […]
Posted inFrom the Archive
Internal Audit and Compliance: Getting It Together!
Can internal audit and compliance professionals better collaborate for the benefit of their organization? Why not? Audit and compliance—working together—are uniquely positioned to help the board and management understand the importance of an integrated approach to governance activities that enables wise resource use, prevents undesirable outcomes, and grasps advantages for achieving business objectives. It’s all […]
Posted inEthics & Culture
The Reasonable Person: Internal Audit’s Role in Internal Investigations
Corporate scandals and misconduct in the workplace will always be around. No strategy or set of controls can ever completely shield a company to the risk of fraudulent behavior. But a lesson that often needs repeating and relearning is that how you conduct the internal investigation can be as critical as the effect of the […]
Posted inFrom the Archive
Surveys as Internal Auditing Tool
The long (and recent) history of major business frauds and failures invariably points to the culture of the fraudulent organization as a root cause—whether it’s one where “greed is good,” or has a mentality to “do whatever it takes to hit the numbers,” and so forth. Fair enough. But how can an internal audit department […]
Posted inInternal Controls
Auditing in the Clouds, Coming Down to Earth
“The cloud” appears to be the next big thing in Corporate America, with advocates touting its potential to simplify IT infrastructure and lower costs. Cloud computing provides a way for companies to outsource everything from data storage to powerful service applications, paying only for what they use, scaling rapidly, and cutting IT costs in the […]
Posted inFrom the Archive
Continuous Auditing and Monitoring: From Theory Into Practice
For many auditors, continuous auditing remains more of a goal than a reality. The concept—which shifts the internal auditing paradigm from routine periodic audits of a small sample of transactions, to the ongoing review of much larger volumes of data—has proven difficult to put into practice. Financial and audit executives warmed to the idea of […]
Posted inEthics & Culture
Axioms and Proof of Compliance
I doubt that many of us remember our high school geometry class fondly. For most, geometry was a difficult topic, detached from practical life, and the first time we encountered formal proofs and deductive reasoning. Constructing mathematical proofs starts from assumed facts, followed by a series of statements that ultimately justify a theorem. This often […]
Posted inFrom the Archive
How to Tell if Your Compliance Programs Work
At large U.S. companies, effective compliance and ethics programs have never been more vital, yet there’s no definitive way to determine if these programs are actually working. That’s where internal audit comes in. The internal audit function can be a valuable resource for assessing the effectiveness of these programs. But it’s not the same as […]
Posted inInternal Controls
A Smart Approach to Compliance Program Assessment
Ethics and compliance officers, internal auditors, and the like have tried to conduct periodic reviews of their programs, but that has taken on new importance thanks to and updated definition of “effective” compliance programs under the U.S. Sentencing Guidelines. Those guidelines—whose most recent amendments went into effect Nov. 1—emphasize the importance of assessing compliance and […]
