A new publication from the Center for Audit Quality aims to provide public company board members with guidance for addressing cyberrisk management. The CAQ offers four categories of questions that board members can ask to examine such issues as the strategies that management and the financial-statement auditor use to deal with cyberrisk.
Whitepaper: Improve your working papers process. Working papers are fundamental to the audit management process, despite many auditors traditionally considering them separate from that of audit project management. This whitepaper explores common misconceptions with traditional working papers and how technology can help you overcome them. Get access now >>
Companies need to be proactive about staying in compliance with anti-money-laundering regulations by creating a comprehensive plan to recognize, audit and report violations, writes Deanna Murray of Digital Intelligence Systems. Murray outlines the need for internal control reviews and five other key components of a strong anti-money-laundering plan.
Many organizations are not prepared for the upcoming General Data Protection Regulation, as many fail to understand the broad scope of the new rules. Consent processes alone will not be enough to meet the EU regulation.
Starbucks will shutter more than 8,000 US stores during the afternoon of May 29 to hold racial-bias training for almost 175,000 employees. "Closing our stores for racial-bias training is just one step in a journey that requires dedication from every level of our company and partnerships in our local communities," CEO Kevin Johnson says.
The 11th Circuit Court of Appeals has ruled that the Occupational Health and Safety Administration's willful safety violation citation against an HVAC contractor was justified. The contractor unsuccessfully argued that since the site foreman on duty was ignorant of fall protection rules when a worker fell to his death in 2015, a willful safety violation was inappropriate.
"It's not hard to spot signs of toxic cultures," writes IIA President and CEO Richard Chambers. "They generally have poor communications, as well as distracted and unproductive employees, and there tends to be a lot of finger-pointing and blame games when things go wrong," he writes.
Fewer fraud cases are being referred to law enforcement, according to the Association of Certified Fraud Examiners. From January 2016 to October 2017, 58% of cases were given to law enforcement, down from 69% in 2008, ACFE said, noting that a typical employee fraud case results in a $130,000 loss.
Early Registration Is Open - Save $200! Save $200 by registering today for GRC 2018 being held in Nashville, TN at The Omni Hotel. Open keynote speaker, Luke Williams will address "Disruptive Thinking: How to Prepare for What's Coming Next" along with sessions on GRC, cyber risk, resilience and mitigations and much more. GRC-Register Today!
Supply chain hacks pose threats to organizations, regardless of how strong internal strategies may be, states the Cyber Threat to UK Business Industry 2017-2018 report. Because there is no guarantee that third-party suppliers and vendors follow the same cybersecurity standards as other organizations, hackers could attack vulnerable areas of the supply chain, the report notes.
Executives may think their culture fosters innovation, but many employees disagree, according to an EY survey. "This should be a concern for managers, as 69% of employees said that being empowered to innovate was hugely important for them," writes Adi Gaskell.
Strengthen Your Core As The IIA's premier designation for more than 40 years, the CIA sets the standard for excellence within the profession. Establish your foundational core for career growth and opportunity.
Annual IIA business meeting
The 78th Annual Business Meeting of The IIA will be held at 2:30 p.m. Gulf Standard Time on Wednesday, May 9, at the JW Marriott Marquis Hotel Dubai, United Arab Emirates, following The IIA's 2018 International Conference. Learn more.
New public-sector virtual symposium
The IIA's American Center for Government Auditing is hosting a virtual symposium, Preparing Public Sector Auditors for Tomorrow's Terrain, from 10 a.m. to 2 p.m. Eastern on Tuesday, July 24. Learn more.
The sea does not reward those who are too anxious, too greedy or too impatient. ... One should lie empty, open, choiceless as a beach -- waiting for a gift from the sea.
Anne Morrow Lindbergh, author and aviator
About The Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is the internal audit profession’s most widely recognized advocate,
educator, and provider of standards, guidance, and certifications. Established in 1941, The IIA today
serves more than 190,000 members from more than 170 countries and territories. The association’s global
headquarters are in Lake Mary, Fla. For more information, visit