August 2021

August 29, 2021

“When Management Goes Rogue” – How Should Internal Audit Respond?

When it comes to corporate governance, I believe there is one enduring lesson from the past two decades: When boards of directors fail in their oversight responsibility of risk management, the results can be disastrous.

Managing risks for an organization is a complex and often dynamic undertaking that requires strong coordination among the board, management, the chief risk officer and the internal audit function. Identifying and mitigating risks through a sound risk-based internal audit process benefits all organizations, from mom-and-pop businesses to Fortune 500 corporations.

Failure to do so invites almost guaranteed problems at some level of the organization. It also can present a profound dilemma for the organization’s internal auditors who serve both management and the board.…

August 24, 2021

Four Strategic Risks Internal Audit Faces in the Decade Ahead

Last January, I shared perspectives about a recently released World Economic Forum Report on “The Future of Jobs.” In my blog, I shared that a magazine article from the International Monetary Fund had synthesized the WEF’s report’s findings in a way that shed some light on what the future might look like for internal audit. As I observed at the time:

“Unfortunately, it’s not the kind of news we want to hear. The article, by Saadia Zahidi, a co-author of the WEF report, is titled “The Jobs of Tomorrow.” Zahidi shares four compelling predictions:

  1. The workforce is automating faster than expected, displacing 85 million jobs in the next five years.
August 16, 2021

5 Frequent Sources of Tension Between Management and Internal Audit

In the past year, management and internal audit have stood together in the vast majority of organizations in the face of the unprecedented risks presented by the Covid-19 pandemic. Ideally this alliance will prevail in corporate and public organizations around the world, and it likely will most of the time. Despite being allies, management and internal audit do not always see eye to eye. Disagreements may be easily resolved by simply rewording an audit report, or they may be serious enough to impair internal audit’s ability to carry out its mission.

During my years in the profession I navigated countless disputes with management.…

August 8, 2021

Workpaper Retention Presents Internal Audit With Its Own Compliance Risks

I am often surprised by the engagement my social media posts generate by internal auditors around the world. Ours is a profession where benchmarking and networking are an important path to enhancement of our internal audit functions. So, when a colleague asked me to post a LinkedIn poll to gauge internal audit workpaper retention practices, I naturally agreed. I anticipated it would generate some interest and comments, but I was not expecting the response I received. The poll was viewed more than 25,000 times, and generated more than 2,200 votes. In addition, it generated more than 85 thoughtful comments and responses from practitioners around the world.…