An organization can have all the elements of a traditional internal audit function while incorporating modern, agile internal audit features, writes Jason Pett of PwC. "Whether the challenge is financial, digital, or an issue of organizational culture, we have found that more extensive, proactive involvement correlates with more effective management of disruption," he writes.
"Regardless of the size of your audit department, there are valuable lessons that can be learned by examining some of the tried-and-tested strategies routinely employed by outstanding smaller functions," writes IIA President and CEO Richard Chambers. "I believe any internal audit function can make a significant impact if it follows six strategies."
The 2013 Internal Control -- Integrated Framework from the Committee of Sponsoring Organizations of the Treadway Commission is an effective platform for evaluating controls necessary in performance management, says Joseph Howell of Workiva. Having a strong control framework is crucial, but "it's also very important to be able to have an ability to step back and to understand, honestly, where could that go wrong?" Howell said.
The Commodity Futures Trading Commission has joined the Securities and Exchange Commission in creating provisions to protect whistleblowers from employer retaliation. Specifically the rules prohibit companies from forcing employees to sign confidentiality agreements or gag orders prohibiting them from speaking with CFTC officials and allow the agency to take civil anti-retaliation action against firms.
The efforts of construction groups were rewarded last week when the Labor Department suspended a rule that required companies to submit safety labor violations online. The Associated General Contractors of America and others had opposed the rule, saying it could unfairly damage a company's reputation when the records become publicly available.
Some companies affected by cybercrime such as the recent WannaCry ransomware attack are considering whether their kidnap, ransom and extortion insurance policies will cover their losses. These older policies are aimed at guarding employees whose lives are in danger, so "our absolute preference is that people buy specific cover, rather than relying on insurance coverage that is not specific," said Patrick Gage of CNA Hardy.
Cybersecurity experts at last week's Interop ITX conference talked about the changing security landscape and the biggest and newest threats to watch out for. Internet of things threats should be on everyone's radar, machine learning and artificial intelligence may be used in attacks as they become more popular, and nation-state attacks continue to evolve.
Live Webinar: How to move up the risk value chain How relevant are you to your company's strategic risk agenda? Your-CEO's-most-sought-after-employee kind of relevant? Find out how José Alemán, VP of Operations at ACL got his CEO's attention by providing insight into where his company's strategic risks lie and how to mitigate against them. Save your spot now
Confirmation bias means leaders need to actively search for information that challenges their beliefs, writes Shane Parrish. This isn't easy, as we tend to reject evidence that contradicts what we believe.
Study and Save in May! During The IIA's CIA application fee waiver offer in May, take advantage of additional savings on the premier exam self-study tool, The IIA's CIA Learning System®. Use promo code MAY10 at checkout. Learn More.
Guidance: Understanding and Auditing Big Data
Big buzz around big data these days means internal audit must wrap its arms around the topic to aid organizations in its use, security and controls. The IIA's new Global Technology Audit Guide: Understanding and Auditing Big Data helps you understand big data technologies and define the scope and activities an audit should undertake. Download this and other new guidance from The IIA.
Last chance to take the fast route to CIA: Save up to $230
The IIA is waiving the application fee for its flagship credential -- the Certified Internal Auditor (CIA) -- through May 31. Fast-track your understanding of The IIA's Standards and their application in your internal audit practice, and save money on the road to career advancement. Learn how you can save even more on exam preparation resources, too.
Our deepest fear is not that we are inadequate. Our deepest fear is that we are powerful beyond measure. It is our light, not our darkness, that most frightens us.
Marianne Williamson, writer and activist
About The Institute of Internal Auditors
Established in 1941, The Institute of Internal Auditors (The IIA) is the
international professional association serving the Internal Audit profession
globally. As the internal audit profession’s global voice, recognized authority,
acknowledged leader, chief advocate, and principal educator, the IIA’s
International Standards and Code of Ethics unite a global community of over
185,000 internal auditors in 170 countries working in myriad areas including
internal auditing, risk management, governance, internal control, information
technology audit, education, and security. Our mission is to provide dynamic
leadership for the global profession of internal auditing. To learn more,
visit The IIA’s website,