First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Budgeting and Auditing

The core principles for effective internal auditing

The IIA has published a new Practice Guide (PG), Demonstrating the Core Principles for the Professional Practice of Internal Auditing.

 

, , , ,

FSRA targets efficient and streamlined regulation for Ontario credit unions, insurers, pension plans, and mortgage brokers

As previously reported, the Ontario government is moving ahead to support financial regulatory reform including by establishing the Financial Services Regulatory Authority (FSRA), the new Ontario provincial regulator for provincially regulated insurers, credit unions, loan and trust corporations, pension plans, mortgage brokers and certain auto insurance service providers.

 

, , , , ,

An ERM horror story

Does it make sense to aggregate risk levels for a variety of risk sources, including cyber, compliance, credit, liquidity, competitor, and internal control over financial reporting?

 

, , , ,

The five essential elements of internal controls within accounting teams

Accounting departments need to implement the five essential elements of internal controls within their teams. Like it or not, organizations hold their accounting departments to higher standards when it comes to internal controls.

 

, , , , , , ,

Cyber and the board

There’s an interesting article in the Harvard Law School Forum on Corporate Governance and Financial Regulation. What the Capital One Hack Means for Boards of Directors has some interesting insights that merit the attention of risk, cyber, audit, and governance practitioners.

 

, , , , , , , , ,

How to assess the effectiveness of risk management

Internal auditors are expected, according to the IIA Standards and some governance codes, to assess the effectiveness of risk management.

 

, , ,

The next generation of internal auditing

I want to congratulate Workiva and Jose Tabuena for Internal Audit’s Guide to Planning, Managing and Addressing Risks. I want to focus on the first piece in that publication, Planning to Do the Right Audits: An Effective Internal Audit Risk Assessment. Here are some excerpts, with comments by me:

 

, , , , ,

Revenue cycle risks and controls: Essential questions you should ask about your company’s sales and receivables

The importance of finance and accounting controls goes far beyond complying with legal requirements. In fact, revenue cycle controls are perhaps the most important component of an organization’s overall internal control framework! Not only are revenue cycle controls an organization’s strongest defense against fraud and loss, they help ensure that decisions are made based on […]

 

Elevating internal audit’s role

For many years, PwC has shared with us their view of the State of the Internal Audit Profession. They have some useful words, but it is mixed in with an agenda with which I don’t totally agree. I will come to that later. But first, the good stuff:

 

, , , ,

CEOs are not idiots when it comes to risk management

If you consider the small number of organizations where risk management is considered as providing a strategic advantage, one of these alternatives must be true:

 

, , , ,

If risk management is the answer, what is the question?

We need to stop coming up with new words and phrases when all we need to address is the effectiveness of management. So stop talking about ERM, IRM, or even objective assurance, and start thinking about how to obtain reasonable assurance that the management of the organization, including how it sets objectives and makes related execution decisions, is effective.

 

, , , , , , ,

Anti-money laundering considerations in cannabis finance

While the right financing structure can be a critical advantage to any cannabis-related business, it is also important to remember that there are legal considerations involved, including in respect of anti-money laundering (AML) matters.

 

, , ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

Decision-making and the practitioner

McKinsey has shared three articles with insights into effective decision-making.

 

, , ,

How often should you assess risk?

I recently listened to a new video by my friend, Alex Sidorenko. In How often [should] the risk assessments be performed, he makes some solid points, including:

 

, , ,

Previous Posts