internal audit

fork in the road

Reinventing Internal Audit, Part 2

The winds of change are blowing, and internal audit is squarely in their path. Shifting demands from clients (namely Boards of Directors) and regulatory authorities will require internal audit to rethink its approach to reporting and its responsibility to educate its customers, among other practices. Read on for the second installment in a series on changes in ...


Reinventing Internal Audit, Part 1

In light of recent developments, the profession must rethink the role of internal audit and even its very practices and methods in order to maintain relevance in a shifting governance landscape. Today Tim Leech, Managing Director at Risk Oversight Solutions, brings us the first in a two-part series on the need for change in Internal Audit.


Defining the Five Lines of Defense

Rather than segregating risk management responsibilities into their own silo, making them the purview of only a select few, companies would benefit greatly from an integrated approach in which every person in the organization is responsible to some extent in managing risk. Jim DeLoach presents a method involving five distinct lines of defense. Read on for details. ...

medical device

CAPA & Internal Audits: A Medical Device Manufacturer’s Best Friend

In manufacturing, design issues are expected to some degree, but when it's medical devices being produced as opposed to televisions, for instance, the stakes are much higher when something goes wrong. Naturally, the FDA keeps a close eye on medical device manufacturers, but these organizations can beat them to the punch with a strong CAPA system in place.


Implementing COSO’s 2013 Framework: 10 Questions that Need to be Answered

A host of corporations are in the process of Implementing the new COSO Framework or are gearing up for the transition, and they'll have to establish the scope of objectives in which to apply the Framework. Candela Solutions' Ron Kral offers 10 key questions companies should be asking themselves to ensure their internal controls are up to snuff.

rolling dice

Whose Risk Is It, Anyway? When Management Says ‘No’ to Internal Audit

It sometimes happens that, even though you've identified a considerable risk and made a compelling case for addressing it, the management doesn't see the light, or agree with your findings. Frustrating for an audit professional, given that your effectiveness is measured by outcomes and, in cases such as these, your hands are tied. Then what?

interlocking gears

Strategically Leverage Compliance Activities to Add Value

Rather than make balance between compliance and all other priorities the goal, aim for achieving the greatest value out of testing so that all risks are identified. This means maximizing the efficiency of your internal audit function - time to talent. What follows are several suggestions for getting the most out of your existing program.

binary code

Improving Compliance with Data Science

Life sciences organizations face significant challenges with regard to risk management. One solution to minimizing risk may be better “big data” management, including forensic data analytics to mine mountains of data for indicators of fraud or corruption. Competitively speaking, there is immense power in big data...though that must be done with an eye on risk.