Internal Audit

The use of AI is projected to grow exponentially in the near future. James Bone discusses what this means for internal audit and outlines the key elements of an AI audit framework. Artificial intelligence has become a national strategic imperative for countries as diverse as China, Russia, the U.K., France, Canada and 13 other nations.,,, In February 2019, President Trump signed an Executive Order (EO 13859) to ensure the U.S. maintains leadership in artificial intelligence and importantly addresses gaps in...

Jim Nortz details the development and implementation of a highly successful Compliance Assistance and Monitoring Program (CAMP) used to evaluate internal controls – while enabling compliance to make friends along the way. A Monster That Had to Be Tamed Several months after we launched the sales and marketing codes and completed our initial live training sessions at Bausch & Lomb, our internal audit team supplemented their routine, countrywide anti-corruption audits with an examination of the existence and adequacy of internal...

There are similarities between the GDPR and the CCPA, but there are some key departures as well. Nielsen’s Kevin Alvero and Michael Velasco detail the differences internal auditors should be aware of to ensure compliance. On May 25, 2018, the General Data Protection Regulation (GDPR) was implemented, providing European Union citizens unprecedented protection and privacy regarding organizational use of their personal information. For California businesses and those that serve California residents, the GDPR turned out to be a harbinger of...

Mariette Cutler, Managing Director of The Risk Navigation Group, discusses how relative inexperience in the audit profession can be a real asset – salve to the souls of those still gaining a footing in the GRC space. Early morning paired with the brisk fall air to set the tone for a third-quarter audit committee meeting. Most of us have been there: dry commentary interspersed with the occasional cold remark and a generous sprinkling of buzzwords. Audit committee meetings can be...

Nielsen’s Kevin Alvero and Randy Pierson explore the fundamental elements that should be included in any approach to doing internal audit of artificial intelligence. Many internal audit departments are in the process of developing approaches to auditing their company’s artificial intelligence (AI) activities. There is no single, definitive framework yet for auditing artificial intelligence, although organizations such as the Institute of Internal Auditors and ISACA have issued guidance on the matter. Regardless of what approach internal audit departments choose to...

Ron Kral espouses the benefits of a well-designed system for financial reporting controls and provides five ways organizations can improve the effectiveness of their ICFR process. When Congress first mandated SOX for public companies, requiring them to document and assess internal controls over financial reporting (ICFR), many executives viewed the requirement simply as a compliance exercise. While some may continue to feel this way, the more successful companies have recognized that a well-designed control system can deliver greater efficiencies to...

Internal audit must know how to respond when business process owners want to go faster and document less (such as in Agile environments). Nielsen’s Kevin Alvero and Wade Cassels discuss what IA can do to meet these seemingly contradictory goals. In the five months between the crashes of the Boeing 737 Max 8 airplanes in Indonesia and Ethiopia that resulted in the deaths of 189 people and 157 people respectively, Boeing received multiple complaints from pilots about the Max 8’s...

Experts at Nielsen discuss how the internal audit profession is evolving to best suit board and senior leadership needs, as well as where IA is lagging.

Firms are increasingly leveraging transcription technologies to gain data insights, but they need to understand these applications to make informed choices.

The Fourth Industrial Revolution is coming, and organizations must bolster their internal audit and compliance functions now to keep pace and minimize risk.

The audit profession is facing unprecedented demands, but there are a host of tools available to help. James Bone outlines the benefits to automating audit tasks.

An organizations’ weakest link is most often human, not technological. Moss Adams’ Francis Tam explains why, when it comes to cybersecurity, anomalies like daily logins, users and infrastructure changes should be an organization’s main concerns.