internal audit


Defining the Five Lines of Defense

Rather than segregating risk management responsibilities into their own silo, making them the purview of only a select few, companies would benefit greatly from an integrated approach in which every person in the organization is responsible to some extent in managing risk. Jim DeLoach presents a method involving five distinct lines of defense. Read on for details. ...

medical device

CAPA & Internal Audits: A Medical Device Manufacturer’s Best Friend

In manufacturing, design issues are expected to some degree, but when it's medical devices being produced as opposed to televisions, for instance, the stakes are much higher when something goes wrong. Naturally, the FDA keeps a close eye on medical device manufacturers, but these organizations can beat them to the punch with a strong CAPA system in place.


Implementing COSO’s 2013 Framework: 10 Questions that Need to be Answered

A host of corporations are in the process of Implementing the new COSO Framework or are gearing up for the transition, and they'll have to establish the scope of objectives in which to apply the Framework. Candela Solutions' Ron Kral offers 10 key questions companies should be asking themselves to ensure their internal controls are up to snuff.

rolling dice

Whose Risk Is It, Anyway? When Management Says ‘No’ to Internal Audit

It sometimes happens that, even though you've identified a considerable risk and made a compelling case for addressing it, the management doesn't see the light, or agree with your findings. Frustrating for an audit professional, given that your effectiveness is measured by outcomes and, in cases such as these, your hands are tied. Then what?

interlocking gears

Strategically Leverage Compliance Activities to Add Value

Rather than make balance between compliance and all other priorities the goal, aim for achieving the greatest value out of testing so that all risks are identified. This means maximizing the efficiency of your internal audit function - time to talent. What follows are several suggestions for getting the most out of your existing program.

binary code

Improving Compliance with Data Science

Life sciences organizations face significant challenges with regard to risk management. One solution to minimizing risk may be better “big data” management, including forensic data analytics to mine mountains of data for indicators of fraud or corruption. Competitively speaking, there is immense power in big data...though that must be done with an eye on risk.


Fight SOX Complacency To Reduce Your Risk of Restatement

SOX compliance is now a routine process for most companies. How can we then explain the rapidly growing number of restatements and recognition complaints when companies certify they are in compliance? Author Mark Alexander asks compelling questions. Can your organization provide good answers?

risk dial

5 Risks That Should Be On the Internal Audit Radar – Now!

Internal auditors do a good job of assessing risks and developing risk-based audit plans -- generally speaking -- but there is always a danger that unfamiliar risks may be overlooked or that rapidly emerging risks will render even the best-crafted audit plans obsolete. Author Richard Chambers discusses perils and pitfalls you should avoid in 2014...

zipped lips

Five Things the Audit Committee Won’t Tell Internal Audit

Most audit executives work hard to develop open relationships with their audit committee members. The effort generally pays off. Regardless of how hard we work at fostering openness and honesty, however, some audit committee members may not be comfortable telling us everything that’s on their minds.