First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Author Archive - Norman D. Marks, CPA, CRMA

Norman D. Marks is an Author, Evangelist and Mentor for Better Run Business, as well as an OCEG Fellow and Honorary Fellow of the Institute of Risk Management. Mr. Marks has been a practitioner and thought leader in internal audit, risk management, and governance for a long time. He has led large and small internal audit departments, been a Chief Risk Officer and Chief Compliance Officer, and managed IT Security and governance functions. Read more

A management risk committee

A question from a follower of this blog on the same topic, had me searching for the charter of the risk committee I established, with the strong support of the CEO, at Business Objects.

 

, ,

Focusing board attention on management

Rather than trying to make sure themselves that everything is right, the board should focus its limited time on gaining comfort that it has the right management team in place, a team capable of getting things right.

 

, , , ,

The positive side of risk

So how should we talk about the good stuff if we reserve the word ‘risk’ for the bad?

 

, , ,

Hyperventilating about cyber – Part 2

Is the level of concern about cyber merited? Should organizations and individuals be as worried about the possibility and consequences of a breach as they are advised by the consultants, information security pundits, and in news reports?

 

, , , ,

Hyperventilating about cyber – Part I

It’s hard to see a survey these days that doesn’t include cyber as one of the top risks faced by organizations around the world. But should it be?

 

, , ,

Making intelligent decisions that consider cyber risk

Should the paradigm be changed from managing a list of cyber risks to helping the organization’s leaders take the right level of risk and manage the business for success?

 

, , ,

Excellent advice for all of us involved in managing risk

The International Federation of Accountants (IFAC) has published a first class document, Enabling the accountant’s role in effective enterprise risk management.

 

, , ,

Transforming risk management in 2019 and beyond

The consideration of risk is integrated into the setting and then the execution of strategies through daily decisions.

 

, ,

Advice for audit committees and oversight of external auditor

While it is clear that the role of the external auditor is important and that the audit committee is charged with their oversight, it is unusual to see advice on how that oversight should be discharged.

 

, ,

Stop managing and start taking risk

Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.

 

, , , , ,

Why is internal audit not seen positively?

One of the findings in a new report by Deloitte, their 2018 Global Chief Audit Executive research survey, is that only 33% of CAEs believe their function is seen positively.

 

, ,

People still don’t know how to assess cyber risk!

Why do the consultants keep advising management and the boards to consider cyber risk as if it is separate from all other business risks?

 

, , , , , ,

Internal audit needs to perform in a way that matters to the board and top management

Internal audit can help leaders with assurance that their people, systems, and processes are able to deliver the desired results – and advice and insight on how to improve them further.

 

, , ,

Who takes cyber risk?

Who is taking cyber risk? Is it the board and top management who are deciding how much scarce resource to invest in breach prevention, detection and response? Or is it the business leaders whose initiatives are damaged or worse should there be a security incident?

 

, ,

Costco reports a material weakness in internal control. But is it really?

In an Oct. 4th news release, Costco Wholesale announced its operating results for the 4th quarter and full year expecting to report a material weakness in internal control.

 

, , ,

Previous Posts