Category Archives: Uncategorized

Advancing the Practice of Internal Audit

Posted on by

As I mentioned earlier, I was honored to be a member of the Re-Look Task Force that has proposed changes to the IIA’s standards framework (IPPF).One of the changes is to introduce Core Principles f…

Source: normanmarks.wordpress.com

My comments in response to Norman’s blog post:

Why is internal audit needed?

– If it is required by law – but that doesn’t determine how much internal audit is required.

– If it provides value – but that depends on the amount of value provided and to whom.

I suspect that some management doesn’t find much value from internal audit, and might even find it intrusive. It is the board and its committees that really should benefit from internal audit. And it would help internal audit if regulators and other outside groups or organizations (proxy companies, perhaps?) started focusing some on the resources that companies are providing to internal audit – of course that might also lead to criticisms of internal audit itself.

Initially I did not believe that the new principles were very impressive. Norman, I appreciate your comments above. I see that from internal audit’s viewpoint at least a couple of the principles are improvements and forward looking. This was a step that internal audit apparently thought it needed to make in a formal manner. But this should be just a step – the promotion of internal audit is behind the times and opportunities, and should accelerate.

I have seen that there is a debate about just how far internal audit can go to not only audit but to also provide recommendations and improvements. Benefit added can be much greater with recommendations and improvements. It is for organizations like the IIA to determine how far internal audit can go with consulting, and making and perhaps designing recommendations and improvements, as long as internal audit isn’t auditing itself. For value added purposes internal audit should open up the opportunities for consulting, recommendations and improvements to the maximum extent that is deemed appropriate. Of course, the internal audit budget and personnel also need to be sufficient and qualified.

Thanks Norman for all your work.

Dave Tate, Esq. (San Francisco)
http://tatetalk.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

Assessing Audit Control Risk (and Saving Time)

Posted on by

At times, auditors errantly assess control risk at less than high. Why? We have been told–correctly I might add–that “you can’t default to maximum risk.” While we can’t default to maximum (the old pre-risk-assessment-standards term), we can–and in many audits should–assess control risk at high (the risk assessment standards term). First the auditor should determine the […]

Source: cpa-scribo.com

Should the audit committee members ask their auditor about the auditor’s assessment of controls?  Yes. Will the answer mean anything to the audit committee members? That probably depends on the information that the auditor provides in reply and each audit committee member’s knowledge of the topic area.  See also the COSO Internal Control – Integrated Framework 2013, Executive Summary, click here.

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

GAO – Executive Guide, Creating Value Through World-Class [Governmental] Financial Management

Posted on by

Here it is, way back in 2000 the GAO’s executive guide to world-class governmental financial management, are we there yet? – click here.

Enjoy,

Dave Tate, Esq., CPA (inactive), San Francisco/California, http://tatetalk.com

 

Video – Conservatorship of G.H. & Psychological Examinations

Posted on by

 

Video – The Dangers Of Risk Management For All By All

Posted on by

 

 

How Risk Analytics Can Chart Corporate Choices – CFO

Posted on by

Traditional metrics can help CFO get a firmer grasp of past or frequent events. But for future perils, risk modeling may be the way to go.

Source: ww2.cfo.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

Reputation: The Hardest Risk to Manage

Posted on by

GlaxoSmithKline’s unfolding bribery scandal is an object lesson in how a direct hit to its reputation can devastate a company’s finances.

Source: ww2.cfo.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

Managing Risks Must Include Taking Them – CFO

Posted on by

Enterprise risk management and governance, risk, and compliance are not interchangeable. Why? The reasons lie at the core of the practice of risk management.

Source: ww2.cfo.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

How to Map Your Risks – CFO

Posted on by

Traditional risk heat maps focus only on the downside of risk. But CFOs and CROs need to be able to visualize the opportunities for creating value that exist by taking risks.

Source: ww2.cfo.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business

How Risk Management Can Spawn Competitive Advantage

Posted on by

CFOs should have the notion of competitive advantage on their minds when they consider the values and goals of their companies’ enterprise risk management.

Source: ww2.cfo.com

See on Scoop.itTate – Law, Liability, Risk Management, Governance, D&O and Business