The Committee of Sponsoring Organizations of the Treadway Commission has introduced a Compendium of Examples to provide insight into using its Enterprise Risk Management Framework in various scenarios. The examples were developed by PwC with the direction of COSO's board and are based on research, interviews and case studies.
Your guide to increasing audit's value. Internal audit professionals often struggle with how to become more relevant, provide more valuable insights, and gain a better seat at the table. In this eBook, we outline how audit teams can align siloed processes, apply factual data to big picture risks and ultimately, enhance their relevance to the organization and C-Suite. Access the eBook here>>
The chief compliance officer and the internal audit function have many objectives in common and need a close partnership to thrive, Michael Volkov writes. Two major areas of shared interest are financial controls and risk assessments, he writes.
In a digital world, do you know where your risks are? The Transformative Age represents a new frontier filled with opportunity and uncertainty. In a world that is constantly changing and adapting, how is internal audit staying ahead of the curve to face the challenges of tomorrow? Our report outlines key considerations for your internal audit plan to help management navigate in the Transformative Age.
What is internal audit's role when the organization is picking up the pieces of a significant risk management failure? "The circumstances of each debacle dictate the particular role internal audit plays," writes Richard Chambers, IIA president and CEO. Chambers presents a few preventive and reactive roles to consider.
Boards must add preventing and mitigating the risk of sexual harassment on their agendas. There are several steps board members should take to do this, starting with asking the chair to put the topic on the agenda.
The way the Occupational Safety and Health Administration works can be a challenge for companies subjected to its scrutiny. Two former OSHA officers answer 10 basic questions about procedures to clear up misconceptions, beginning with how the agency selects companies for inspection.
Is RegTech the Future of Compliance? The environment in which financial institutions operate is becoming increasingly digital, offering opportunities for institutions to increase intelligence and agility as they serve their customers. In order to keep up, financial institutions are exploring how RegTech can make their compliance function more efficient and effective.
Operation Wire Wire, a multiagency federal effort to catch those involved in an international fraud scheme, has resulted in 74 arrests, the seizure of roughly $2.4 million and the recovery of about $14 million in bogus wire transfers, the FBI said. The scheme involved business email compromise attacks designed to fool recipients into wiring money.
An estimated $9.5 million will have to be added to Atlanta's $35 million technology department budget to help the city fully recover from the cyberattack that occurred in March, said city interim Chief Information Officer Daphne Rackley. At least one-third of the city's software programs remain offline or affected by the breach.
A Colorado bill recently signed into law requires organizations to inform residents of potential breaches and exposure of personal information within 30 days of such an incident being identified. That time frame is the shortest of any US state, and the law is to become effective Sept. 1.
Artificial intelligence has the potential to streamline the hiring process and can help design more efficient organizational structures, says Celonis CEO Alexander Rinke. Christa Manning of Bersin adds that the technology may help us collaborate better in meetings, and it could help us predict more productive ways of working, says Hive CEO John Furneaux.
The first steps to take in a crisis include gathering the facts and committing to telling the truth internally and then externally, writes David Grossman. "No matter how successful the leader, there is one common truth -- communication is a learned skill," he writes.
Assessing and leveraging intelligent automation. This paper is written for executives, board members, and internal audit leaders charged with overseeing and strengthening an organization's overall risk posture. It highlights opportunities for internal audit to assist in intelligent automation initiatives benefiting all three lines of defense.
Webinar: Leading audit committee practices and internal audit reporting
To effectively interact with audit committees, chief audit executives need to know what audit committees expect and what information they need. This IIA Members-only Webinar will outline best practices for reporting to, and communicating with, audit committees and discuss how internal auditors can support committee members in fulfilling their responsibilities. Register now.
Misunderstood risks and constrained auditors
The collapse of Carillion, the United Kingdom's second-largest construction firm, sent shock waves through the corporate governance community. In the latest Tone at the Top, learn more about what went wrong and strategies on how your organization can better prepare to refocus on disruptive risks. Read more.
You won't be happy, whatever you do, unless you're comfortable with your own conscience.
Lucille Ball, entertainer and producer
About The Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is the internal audit profession’s most widely recognized advocate,
educator, and provider of standards, guidance, and certifications. Established in 1941, The IIA today
serves more than 190,000 members from more than 170 countries and territories. The association’s global
headquarters are in Lake Mary, Fla. For more information, visit