Well into the 21st century, businesses worldwide are focusing more and more on managing risks, be they internal or external, financial, operational, strategic, involve technology or regulations, or related to reputation.
While organizations are raising the bar on effective risk management, executives face extraordinary headwinds spawned by a turbulent environment in which risks materialize virtually overnight. Just this year, global financial and business markets have been rocked by spectacular cybersecurity breaches, geopolitical instability in the Middle East and Eastern Europe, refugee crises, and more.
Internal auditors working from risk-based annual plans developed before March are increasingly finding themselves addressing yesterday’s challenges.
All of this reinforces my long-held belief that internal audit must take a more continuous approach to risk assessment.…