It sometimes happens that, even though you've identified a considerable risk and made a compelling case for addressing it, the management doesn't see the light, or agree with your findings. Frustrating for an audit professional, given that your effectiveness is measured by outcomes and, in cases such as these, your hands are tied. Then what?
Rather than make balance between compliance and all other priorities the goal, aim for achieving the greatest value out of testing so that all risks are identified. This means maximizing the efficiency of your internal audit function - time to talent. What follows are several suggestions for getting the most out of your existing program.
Life sciences organizations face significant challenges with regard to risk management. One solution to minimizing risk may be better “big data” management, including forensic data analytics to mine mountains of data for indicators of fraud or corruption. Competitively speaking, there is immense power in big data...though that must be done with an eye on risk.
SOX compliance is now a routine process for most companies. How can we then explain the rapidly growing number of restatements and recognition complaints when companies certify they are in compliance? Author Mark Alexander asks compelling questions. Can your organization provide good answers?
Internal auditors do a good job of assessing risks and developing risk-based audit plans -- generally speaking -- but there is always a danger that unfamiliar risks may be overlooked or that rapidly emerging risks will render even the best-crafted audit plans obsolete. Author Richard Chambers discusses perils and pitfalls you should avoid in 2014...
Most audit executives work hard to develop open relationships with their audit committee members. The effort generally pays off. Regardless of how hard we work at fostering openness and honesty, however, some audit committee members may not be comfortable telling us everything that’s on their minds.
For publicly traded companies subject to SEC periodic reporting, now is the time to take serious action in transitioning from COSO’s 1992 framework to its 2013 framework.
Internal auditors are right to be concerned about third-party risks. The days of a company’s suppliers or partners being well-known and trusted businesses on the same street or town are a distant memory.
We often hear of the concept of partnering with regard to internal audit. For example, does it make sense for internal audit to partner with compliance? If so, what does this partnering entail?
As the year end approaches, I have been thinking back on the last 11 months and where I have seen the most confusion for companies regarding import and export compliance.