Continuous auditing and continuous risk assessment: the need for dynamic thinking
September 13, 2012
1 Comment
Richard Chambers, President and CEO of the Institute of Internal Auditors recently blogged “There is no question that technology is making continuous auditing a powerful tool for both internal auditors and managers, alike. However, despite the growing popularity of continuous auditing
Continue Reading →7 Steps to Unwanted Notoriety
July 30, 2012
I never like to hear about cases of egregious wrong-doing or organizations failing to act on known deficiencies and areas of non-compliance. I find it especially disappointing when the ways and means of identifying these compliance faux-pas are well known and readily available. But un
Continue Reading →Using Data Analysis in Risk Assessment
July 26, 2012
We all know – or should know – that Internal Audit is charged with providing assurance to their organization on risk management. Many audit departments are providing those assurance services with the traditional, top-down look at risk. That’s a necessary and proper
Continue Reading →Be Careful What You Wish For
October 03, 2011
It sounds obvious doesn’t it? If I want to analyze data as part of a continuous monitoring program, I need to ask IT to let me have direct access to my company’s databases and I’m off to the races. Well, I have touched on this in previous blogs, but I’m going to bring it up again. The
Continue Reading →BusinessFinance Excerpt: Auditors Don’t Just do Audits
June 07, 2011
Lately, there has been a significant resurgence in the topic of Continuous Auditing and Continuous Monitoring (CA/CM) in operational and financial circles. The main focus of this talk has been with a view toward leveraging these approaches and technologies to better manage business ri
Continue Reading →Continuous Auditing has a Beginning, Middle and End
March 22, 2011
I was speaking with Dave Coderre ( http://www.caats.ca/ ) the other week about a number of things, one of which was the new ACL Audit Analytic Capability Model (AACM). Dave was quite complimentary and provided his opinion of it here, http://bit.ly/eUtEyA As part of our discussion, we
Continue Reading →Is the “Next Big Thing” Data Governance?
December 08, 2010
It’s funny how topics converge from time to time. For me it was one of those cases of things happening in 3’s. Just last week, I attended the MIS GRC conference in New York. As with all of the events that Joel Kramer puts on, it was full of value to all who were in attendance. I sat
Continue Reading →Auditing Across the Continuum with Help from ACL
November 23, 2010
Just the other week I had the pleasure of attending the Business Assurance Seminar in Seattle, Washington. We heard from Ross Wescott – Portand General Electric, Elizabeth Neumann – Boeing Corporation and Matt Marshall – Costco. Each of these ACL leaders shared with us case study exam
Continue Reading →Conventional Risk Management be Dammed
September 16, 2010
Wise words from Henry Ristuccia and Rick Funston of Deloitte. I read this article on Directorship.com and it really stuck with me. http://bit.ly/d3wKBq The notion that conventional risk management is flawed is an interesting one. Ristuccia and Funston contend that conventional risk
Continue Reading →