April 11, 2021

Six Questions Boards (and Internal Audit) Should Ask About Cybersecurity

For more than a decade, cyber-related risks have been at or near the top of all risks faced by organizations around the world. Too often, cybersecurity […]
October 11, 2020

​Internal Audit: Do Your Part and #BeCyberSmart

Cybersecurity remains one of the top and most vexing risks facing organizations large and small. Even as many in the global community face existential challenges from […]
January 13, 2020

Internal Audit Alert: The Next Battlefield May Engulf Your Cyber Networks

n the modern risk era, any number of events can accelerate the speed of risks developing or increase the likelihood of their impact on organizations. This […]
December 30, 2019

Final Reflections on Internal Audit’s Decade of Progress

In the past 10 years, many significant events have occurred that have dramatically altered the risk landscape that internal auditors must navigate. From strict new post-financial […]
August 26, 2019

What Happens When Internal Audit Is Ignored? It Happens Too Often

TheNew York Times reported last week on what it called a “summer of crippling ransomware attacks” on Texas cities. Hackers are simultaneously holding hostage computer systems […]
August 19, 2019

​Should Internal Auditors Worry About Digital Spies in Our Midst?

During one of the lighter moments of a recent meeting at IIA Global Headquarters, the following joke was shared: Wife to husband: “Why are you always […]
August 5, 2019

​Are Companies Capitulating on Cybersecurity Risks?

The latest cyber breach is raising awareness about vulnerabilities involving cloud services, insider threats, and third-party risks, reflecting how complex and intertwined cybersecurity risks can be. […]
December 31, 2018

8 Headlines That Defined 2018 for Internal Audit

With the end of the year it’s time to look back at the headlines that should have attracted internal auditors’ close attention. Like recent years, 2018 […]
November 12, 2018

When the SEC Speaks About Cybersecurity, We’d All Better Listen

I often find myself talking with reporters about internal audit’s role regarding risks, particularly cybersecurity. Recently, a rep​orter asked me about a new U.S. Securities and […]