2021

May 16, 2021

Creating Awareness About Internal Audit’s Value Takes More Than a Month

It is May again, and as many internal auditors know, that means International Internal Audit Awareness Month is upon us. The IIA, along with its affiliated institutes and partners and sponsors around the world are vigorously promoting the value that internal audit brings to fostering stronger internal risk management, internal controls, and corporate governance. Awareness month has long provided an opportunity for practitioners to plan events, gather proclamations, and do other outreach. There is no doubt this positive and coordinated effort helps to build awareness and appreciation of the profession.

As I have expressed before, however, I fear that much more needs to be done to build and sustain an enduring awareness of the profession’s value.…

Do you like it?
Read more
May 11, 2021

The 7 C’s That Should Be on the Risk Radars of Boards (and Auditors) in 2021

In 2019, I authored a blog titled “The 5 C’s That Should be Keeping Boards (and Auditors) Awake at Night.” I first shared the list at an Institute of Directors (IOD) event in Johannesburg, South Africa. The ensuing blog was very popular, and was shared widely among the internal audit and corporate director communities at the time.  

In the blog I noted that the question I dread most in the wake of a high-profile corporate failure is: “Where were the internal auditors?” I also noted a companion question: “Where was the board?” As we all know, there is never a shortage of risks that can come to fruition and create substantial damage to shareholder/stakeholder value in our organizations.…

Do you like it?
Read more
May 5, 2021

Why I Chose AuditBoard as the Next Step on My New Journey

After I left The IIA earlier this spring, I shared five goals for my next chapter on the audit trail. Among those goals were to (1) partner with like-minded organizations and individuals to elevate internal auditing, (2) be a timely and vocal champion for the internal audit profession, and (3) to encourage others by imparting wisdom gained from my 4+ decade journey on the audit trail.

As I considered my options earlier this year, I made a decision to set up my own firm through which I could be an advocate and illuminate opportunities for internal auditors around the world.…

Do you like it?
Read more
April 27, 2021

Should Internal Audit Change its Name?

Over the four decades that I have been part of the internal audit profession, I have been struck by how often I have heard the refrain – “Internal audit should change its name.” The idea is typically suggested as a way to avoid what some view as a negative stigma associated with internal audit. During my years at The IIA, I quickly shot down such ideas as unnecessary and counterproductive. After all, I headed “The Institute of Internal Auditors!” However; as I noted in my recent blog on personal goals for myself, I need to be more open to alternative views and be courageous enough to reexamine long held personal preferences or beliefs.…

Do you like it?
Read more
April 18, 2021

Internal Auditors Can’t be Change Agents if They’re Secret Agents

For almost two years, I have been encouraging internal auditors to become more assertive and adept in “telling their story.” Telling our story is simply another way of creating awareness among those of our stakeholders who may not appreciate the value we create, or our potential. As I noted in a January 2020 blog:

Successfully showing our value is more than what we say. Indeed, it is all about delivering on that promised value. I’ve written extensively on how internal audit adds value, including dedicating chapters in two of my books to the subject. In my first book, Lessons Learned on the Audit Trail, I included a “Life Lesson” that provides particular insight on this subject:

“Your key stakeholders have the last word on whether you are doing your job well.

Do you like it?
Read more
April 11, 2021

Six Questions Boards (and Internal Audit) Should Ask About Cybersecurity

For more than a decade, cyber-related risks have been at or near the top of all risks faced by organizations around the world. Too often, cybersecurity breaches of devastating proportions have wreaked havoc operationally, financially and reputationally for organizations, often destroying value and catching management, boards and internal auditors by complete surprise.

In this day and age, how anyone can be surprised by a cyberattack is beyond me. Yet, according to IIA research, corporate board members often maintain a misplaced level of confidence in the effectiveness of cybersecurity risk management. From my experience, internal auditors are often not much help because they struggle with adequate resources and a lack of expertise to assess the effectiveness of this critical risk.…

Do you like it?
Read more
April 5, 2021

Five Goals for My Next Chapter on The Audit Trail

As the old saying goes, “when one chapter closes, another one opens.” For me, I recently closed the longest and most extraordinary chapter in my career when I stepped down as President and CEO of The IIA. As I have noted, it was not an easy decision, but it was the right decision for both me and The IIA. The IIA will benefit from new ideas and fresh leadership, and I am now free to pursue life as a “private citizen” again after more than 12 years of leading a complex global organization under the glare that came with being a spokesman for the internal audit profession.…

Do you like it?
Read more
March 28, 2021

My 500th Blog Post: Final Reflections from The IIA

When I assumed the role of President and CEO of The IIA on Jan. 5, 2009, little did I know that I was embarking on what would become the longest and most rewarding professional assignment of my life. The world was in a dark place that winter as economies had plunged into the most severe crisis in seven decades.

As the saying goes, when the economy catches a cold, not-for-profit organizations like The IIA catch the flu. So, with the world suffering pneumonia, my entire focus in those early months was squarely on the challenges we faced as an organization – not the amazing journey that would lie ahead.…

Do you like it?
Read more
March 22, 2021

​How Agents of Change Can Shape Internal Audit’s Future

As most of my readers are aware, I will be stepping down as president and CEO of The IIA in a few days. While I am looking forward to beginning a new chapter in my nearly 50-year career in internal auditing, I am happy to have completed a significant goal before my final day on the job at The Institute.

Last week, my latest book, Agents of Change: Internal Auditors in an Era of Disruption, debuted at The IIA’s annual General Audit Management virtual conference. The book is being described as the third in a trilogy. When I put pen to paper on my first book, Lessons Learned on the Audit Trail in 2014, it was not my intent to create a series.…

Do you like it?
Read more
March 17, 2021

When You Spot Fraud, Don’t Break the Eggs

The International Standards for the Professional Practice of Internal Auditing are clear: Internal auditors must possess the knowledge, skills, and competencies needed to carry out their responsibilities. Some internal auditors also have the knowledge and skills to carry out a fraud examination effectively, but most do not. And in an upcoming position paper, The IIA emphasizes that internal auditors should not be expected to have the expertise of those professionals whose primary responsibility is to investigate fraud. The IIA believes fraud investigations are best carried out by those experienced to undertake such assignments.

Hopefully, your organization has a fraud response plan that assigns specific duties and responsibilities.…

Do you like it?
Read more
123456