About John Verver

John Verver is currently an advisor to ACL. Previously, John spent two decades as a vice president with ACL, with overall responsibility for product and services strategy, as well as leadership and growth of ACL’s professional services organization, including customer success services, training, and technical support. John is acknowledged as an expert authority and domain thought leader on the use of enterprise governance technology, particularly data analytics and data automation for audit, risk management, and compliance. He speaks regularly at global conferences and is a frequent contributor of articles in professional and business publications. John is a Chartered Professional Accountant, Certified Management Consultant, and Certified Information System Auditor.

GRC professionals and spreadsheets … time for a “new car”?

There are plenty of reasons why many GRC professionals still use spreadsheets, often along with MS Word Docs and SharePoint, to run their risk management and compliance processes. The problem is that the reasons are usually not very good ones.

By | April 24th, 2017|Blog|0 Comments

Finally, a breakthrough in understanding what it takes to successfully implement audit analytics!

John Verver discusses the 2017 North America Pulse of Internal Audit report from the Institute of Internal Audit’s (IIA) Audit Executive Center, and how it addresses the need for data analytics in organizations.

By | April 4th, 2017|Blog|0 Comments

3 ways internal audit can really annoy executives and business managers (and how to avoid them!)

Nobody wants to cause business leaders to roll their eyes and consider audit processes and reports as just one more challenge to endure. Let’s also look at some best practices that can help auditors add the most value and be seen in a whole new light.

By | March 3rd, 2017|Blog|0 Comments

Why you really need to pay attention to money laundering risks (even if you’re not a bank)

If your organization is in the financial sector, the chances are high that you’re aware of the regulatory requirements and risks around money laundering. In the U.S. alone, penalties for failure to comply have been levied in terms of millions and sometimes billions of dollars. But what about other industries? What sort of risks are there and what measures are needed to address them?

By | February 8th, 2017|Blog|0 Comments

What’s trending in risk management for 2017: Enterprise risk management…or “list” management?

John Verver gives 5 predictions of what will trend in the world of ERM this coming year.

By | December 16th, 2016|Blog|0 Comments

How good is the quality of your internal audit process—really? (And what you need to know about the impact of technology on QAR and QAIP)

John Verver discusses how internal audit teams can drive change and best practices through the guidance of the Institute of Internal Audit’s Quality Assessment Reviews and Quality Assurance and Improvement Program.

By | December 7th, 2016|Blog|0 Comments

COSO’s new Fraud Risk Management Guide and the rise of data analytics

It was great to see the most recent publication from the Committee of Sponsoring Organizations of the Treadway Commission (COSO) on managing fraud risk and its specific call-out to the role of data analytics. The new COSO Fraud Risk Management Guide establishes five principles for managing the risks of fraud and links them to the five components of the 2013 Framework for Internal Controls, as well as the 17 Internal Control Principles. The five principles include guidance on establishing a fraud risk management program.

By | November 18th, 2016|Blog|0 Comments

Internal fraud: To flag or not to flag, that’s always the question…

In this post, John Verver takes a closer look at how employees most often take advantage of internal systems for their own personal gain, and what organizations can do to reduce their exposure to these risks of fraud.

By | November 14th, 2016|Blog|0 Comments

Reducing the costs and burden of Sarbanes-Oxley compliance

In the years since the Sarbanes-Oxley (SOX) Act was first implemented the general consensus is that, overall, it has produced positive net benefits. However, the costs of achieving SOX compliance are significant. Data analysis can reduce costs and make a difference—so why do many companies still not use it?

By | October 3rd, 2016|Blog|0 Comments

Supply Chain Risk Management: Delving into the detail of purchase-to-pay risk analytics

In this post, John Verver delves into the details of specific types of analysis that can be performed to address risks in the purchase-to-pay process.

By | September 9th, 2016|Blog|0 Comments