No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

Risk Assessment: A Natural Partnership for Internal Auditors and CCOs

by Michael Volkov
May 26, 2015
in Risk
Risk Assessment: A Natural Partnership for Internal Auditors and CCOs

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.

We all know our favorite things and people who fit together well – milk and cookies, peanut butter and jelly, chips and salsa, Tracy and Hepburn, Martin and Lewis, Abbott and Costello and many other great combinations.

In the corporate compliance world, Chief Compliance Officers and Internal Auditors are natural allies. They often report to the same Board committee, share a common perspective on corporate operations and are aimed at identifying and preventing misconduct.

They often coordinate with each other to monitor and audit corporate operations with a slightly different perspective – financial controls for the auditor and overall ethics and compliance program requirements for the CCO.

In this process, there is one area where CCOs and Internal Auditors should coordinate and build a strong working relationship: risk assessments. I am often surprised when I learn that a CCO and an Internal Auditor do not work together on this issue. While they may use the information collected for different purposes, there is a significant economy to having one risk assessment process conducted for use by both the CCO and the Internal Auditor.

The Internal Auditor uses the risk assessment information for a very specific purpose: developing an audit plan for the upcoming years. In addition, the risk assessment data helps an Internal Auditor not only to identify where to conduct audits in the company, but also provides important information for the Internal Auditor to determine the type and focus of an audit.

For example, if the risk assessment identifies extravagant gifts, meals and entertainment as a high risk in China, the Internal Auditor may focus the audit of the China operations on such expenditures and surrounding internal controls. On the other hand, if the risk assessment identifies tendering procedures in the Middle East as a high-risk activity, the Internal Auditor may focus the audit on such activities and surrounding controls.

The CCO uses a risk assessment not only for identifying and prioritizing risks for design and implementation of compliance controls, but also for conducting compliance audits for specific company operations, depending on location, product line or other risk factors associated with individual operations.

A CCO can use risk assessment information to decide on training activities for the next few years, as well as when considering new or enhanced controls to mitigate relevant risks.

A CCO and an Internal Auditor need to coordinate their own joint plans for conducting audits of company operations, focused on compliance and financial issues. This is a critical joint activity that requires CCOs and Internal Auditors to rank risks, allocate resources to different types and levels of audits and design a plan relying on both audit and compliance staff to carry out the projected audits.

Internal auditors frequently rely on survey information to develop their risk assessments. CCOs should piggyback on this same procedure and build in appropriate questions and data needed to assess risks for compliance purposes. Working together, they should conduct this assessment each year, coordinate the results and analysis and use the risk assessment information as foundation for their respective and joint activities.

Internal auditors often have the same complaints as CCOs about the lack of resources and staff. This is one area where they can reduce their respective costs and facilitate coordination with each other.


Previous Post

Organizational Culture in Corrupt Companies

Next Post

The Importance of Risk Culture

Michael Volkov

Michael Volkov

Michael-Volkov-leclairryan Michael Volkov is the CEO of The Volkov Law Group LLC, where he provides compliance, internal investigation and white collar defense services.  He can be reached at mvolkov@volkovlaw.com. Michael has extensive experience representing clients on matters involving the Foreign Corrupt Practices Act, the UK Bribery Act, money laundering, Office of Foreign Asset Control (OFAC), export controls, sanctions and International Traffic in Arms, False Claims Act, Congressional investigations, online gambling and regulatory enforcement issues. Michael served for more than 17 years as a federal prosecutor in the U.S. Attorney’s Office in the District of Columbia; for five years as the Chief Crime and Terrorism Counsel for the Senate Judiciary Committee, and Chief Crime, Terrorism and Homeland Security Counsel for the Senate and House Judiciary Committees; and as a Trial Attorney in the Antitrust Division of the U.S. Department of Justice. Michael also maintains a well-known blog: Corruption Crime & Compliance, which is frequently cited by anti-corruption professionals and professionals in the compliance industry.

Related Posts

business person diving for answers

Diving Into the Deep End of ESG Reporting? Do You Even Know How to Get to the Pool?

by FTI Consulting
June 24, 2022

Companies are eager to establish their ESG programs, and it’s not hard to understand why. But as a trio of...

Stericycle FCPA Enforcement Action

Stericycle FCPA Enforcement Action

by Corporate Compliance Insights
June 23, 2022

Tom Fox dives into the details of Stericycle’s multinational bribery scheme in Latin America that landed the company millions of...

Ethisphere Launches The Sphere to Provide On-Demand Ethics and Compliance Benchmark Analysis

Ethisphere Launches The Sphere to Provide On-Demand Ethics and Compliance Benchmark Analysis

by Corporate Compliance Insights
June 23, 2022

Business ethics think-tank Ethisphere has launched a new product that aims to enable ethics and compliance leaders to efficiently benchmark...

Never the Same: 5 Ways Russia’s Invasion of Ukraine Will Impact Business Forever

Never the Same: 5 Ways Russia’s Invasion of Ukraine Will Impact Business Forever

by Thomas Fox
June 23, 2022

Tom Fox’s musings on the war following a recent chat with Exiger CEO Brandon Daniels; the pair discuss the ways...

Next Post
The Importance of Risk Culture

The Importance of Risk Culture

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance Decision-Making DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring Ransomware RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT