We believe organisations which are purpose-driven and address culture and values as a strategic issue will be more successful in the long term, manage risk better, and have a more positive impact on society.
Sourced through Scoop.it from: www.ey.com
We have to think about this one a bit. What is culture? As the article discusses, boards are already having problems getting a handle on culture oversight. How is internal audit going to do it? Internal audit doesn’t determine, design or implement culture. Internal audit can audit specific criteria or elements of the culture as requested by or discussed with the board, or the more likely the audit committee, and executive management. If internal audit is involved, then aren’t we really saying that at the board level culture oversight goes to the audit committee? And, what does the external auditor say about the culture? Is culture an element of COSO 2013 and/or part of the process for evaluating what testing to do during the audit and how reliable the accounting and reporting processes are? Interesting thoughts. As I am hearing more and more about culture, which of course does relate to unlawful activities and fraud, I believe this is yet another topic that is here to stay. Dave Tate, Esq. (San Francisco / California)