September 2017

Let’s face it. We all hit the wall occasionally when it comes to generating the energy and enthusiasm that make us great internal auditors. Maybe we have just been assigned our third audit of the same business unit; it may be because we have been traveling for three weeks straight, or simply because it is Monday!

In most cases, the lull is short-lived, and we soon find the motivation and energy to deliver another great audit. But, what if we find ourselves in career doldrums that are more prolonged or severe? What should we do if we dread the thought of going to work day after day, week after week?…

The iconic American humorist Will Rogers once said, “If you find yourself in a hole, stop digging.” It is a timeless expression that is as applicable today as it would have been decades ago when Rogers first uttered those words. In the age of social media and endless news cycles, politicians, other public figures, and well-known companies can find themselves in a hole without warning. Too often, their instincts are to just keep digging.

The latest company that’s failing to heed Will Rogers’ sage advice is Equifax. At a time when announcements about a new cyberattack have become almost routine, Equifax’s disclosure of a breach that compromised information relating to about 143 million of its customers was shocking.…

My blog post is a bit delayed this week because of the unwelcome​ visit to Central Florida by Hurricane Irma. Like the thousands of people in Texas affected recently by Hurricane Harvey, families in several areas of South Florida, particularly the Florida Keys, face weeks and months of rebuilding. And, sadly, there were losses of life, though thankfully it was limited.

I am relieved that, despite widespread power outages, flooding, and property damage, our IIA Headquarters staff emerged safely from the storm and our offices reopened today to serve our global members.

It is often said that we manage risks every day in our personal lives.…

Internal auditors around the world should take note of an important development this week – the release of the updated COSO enterprise risk management framework.

Several of my blog posts in the past year have focused on the growing demands being placed on internal auditing by its stakeholders and the importance of practitioners being able to rise up to meet new tasks we are being asked to perform.

This new reality reflects the growing complexity of governance, risk, and control in a fast-moving world where powerful technological, socioeconomic, and geopolitical forces can quickly morph the risk landscape. As such, all those who help manage and assess risk across the enterprise must have the best tools and processes available to them.…