internal audit
December 9, 2019 Norman D. Marks, CPA, CRMA Budgeting and Auditing, Business and Legal Issues, Corporate Governance, Finance and Accounting, Leadership and Management,
When I became a CAE, I started by benchmarking against firms that had a great reputation, either for their business practices or internal audit departments. That is still a good idea and I recommend it.
IIA, internal audit, maturity model, quality assurance review
November 19, 2019 Norman D. Marks, CPA, CRMA Budgeting and Auditing, Business and Legal Issues, Corporate Governance, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Privacy Compliance and Management,
What we should all note from the news is that a failure to perform an appropriate investigation is a serious source of risk to any organization.
fear of retaliation, internal audit, investigations, sexual harassment in the workplace, suspected wrongdoing, whistleblower, workplace investigations
September 3, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Budgeting and Auditing, Business and Legal Issues, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Sales, Marketing and Operations,
I want to congratulate Workiva and Jose Tabuena for Internal Audit’s Guide to Planning, Managing and Addressing Risks. I want to focus on the first piece in that publication, Planning to Do the Right Audits: An Effective Internal Audit Risk Assessment. Here are some excerpts, with comments by me:
audit plan, internal audit, internal auditing, risk assessment, risk management, risk to objectives
August 26, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Budgeting and Auditing, Business and Legal Issues, Corporate Administration, Corporate Governance, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management,
For many years, PwC has shared with us their view of the State of the Internal Audit Profession. They have some useful words, but it is mixed in with an agenda with which I don’t totally agree. I will come to that later. But first, the good stuff:
internal audit, Internal Controls, monitoring controls, risk assessment, technology risks and controls
July 22, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Corporate Administration, IT, Privacy and Security, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Social Media/Social Networking,
Facebook Data Exposure Offers Critical Lesson for Internal Auditors makes some good points, including:
data collection, data integrity, data management, data managment best practices, data mining, data sharing, internal audit, strategic risk management
July 3, 2019 Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons) Accounting Systems and Controls, Business and Legal Issues, Corporate Governance, Finance and Accounting, Leadership and Management,
If the most serious internal control violation is a failure to implement internal controls in the first place, the failure to monitor existing internal controls is a close contender. Identify where in the organization effective monitoring occurs and leverage those successes.
Committee of Sponsoring Organization of the Treadway Commission, COSO, Exception Reports, IIA, internal audit, Internal Control Monitoring, Internal Control Override, Internal Controls, Lines of Defense, monitoring, Ongoing Evaluations, Process Deficiencies, Separate Evaluations
May 13, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Budgeting and Auditing, Business and Legal Issues, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Systems and Data Management,
In PwC 2019 State of the Internal Audit Profession Study, they are advising internal auditors to adopt approaches and practices with which I disagree.
analytical auditing, analytics, audit technology, internal audit, IT auditor, technology risks and controls
April 15, 2019 Norman D. Marks, CPA, CRMA Budgeting and Auditing, Business and Legal Issues, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Software Acquisition, Implementation and Maintenance,
The Open Compliance and Ethics Group (OCEG) recently published the 2019 OCEG GRC Technology Strategy Report.
compliance, governance, internal audit, objectives, policy management systems, risk to objectives, software for GRC, strategy
March 18, 2019 Norman D. Marks, CPA, CRMA Business and Legal Issues, Corporate Administration, Finance and Accounting, Leadership and Management, Payroll and Personnel Management,
Rather than trying to make sure themselves that everything is right, the board should focus its limited time on gaining comfort that it has the right management team in place, a team capable of getting things right.
board of directors, internal audit, management team, staffing and management, training and development
January 14, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Backup and Disaster Planning, Business and Legal Issues, Corporate Governance, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Sales, Marketing and Operations,
One of the findings in a new report by Deloitte, their 2018 Global Chief Audit Executive research survey, is that only 33% of CAEs believe their function is seen positively.
compliance, internal audit, risk
October 31, 2018 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Corporate Administration, Corporate Governance, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Systems and Data Management
Earlier this year, Deloitte published Internal Audit 3.0, The future of Internal Audit is now. It’s great that they are encouraging internal audit departments to change so they can meet modern demands, but their presentation that they are offering something novel and disruptive is way off the mark.
cyber risk, internal audit, Internal Audit 3.0, IT auditing
October 3, 2018 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Budgeting and Auditing, Business and Legal Issues, Corporate Administration, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, IT, Privacy and Security, Leadership and Management, Privacy Compliance and Management
From a recent survey by Protiviti, the information on how many organizations had to issue a cyber-security disclosure is interesting. Apparently, this generally resulted in an increase on SOX compliance hours – although the reason for a significant increase is not clear.
Cybersecurity, external audit, internal audit, Internal Controls, Sarbanes-Oxley, SOX compliance
September 26, 2018 Norman D. Marks, CPA, CRMA Budgeting and Auditing, Business and Legal Issues, Competition, Corporate Governance, Finance and Accounting, Leadership and Management
Are organizations unnecessarily risk averse? That can be crippling in many ways, including slowing agility and decision-making as well as failing to take advantage of opportunities.
addressing risks, business risk, inherent and residual risk, internal audit
August 29, 2018 Norman D. Marks, CPA, CRMA Business and Legal Issues, Corporate Governance, Leadership and Management
If we are stressing that risk management is really all about effective, informed and intelligent decision-making, shouldn’t internal audit start focusing on the quality of decision-making processes?
enterprise risk management, internal audit, risk, risk management