
Norman Marks
But, does internal audit ever consider risks to the achievement of its own objectives?
They should. Whether independently or with the assistance of a corporate risk management function, internal audit should practice what they preach.
For example, the internal audit team should assess these sources of risk:
- Failing to understand, in a timely fashion, a significant business risk and as a result leaving it off the audit plan
- Failing to fully appreciate business needs and recommending change that does not address the real business issue
- Recommending change that addresses only the symptoms of a problem instead of its root cause
- Failing to obtain full value from the audit staff, whether from a lack of training or motivation
- Failing to be heard by management. Again, the causes of this may be many, including an inability to communicate, not demonstrating value that is appreciated by management, acting in a way that disrupts the business, and more
- Performing work that doesn’t really matter
- Inefficiency
- Reporting that is untimely
- An inability to effect change, with recommendations not being implemented. Reasons could include not being persuasive or failing to make the right recommendation
- An inability to recruit the talent needed to be successful
- Insufficient resources
- Poor relationships with the audit committee and/or executive management
It is time to walk the talk. Do you agree?
Norman Marks, CPA, is vice president, governance, risk, and compliance for SAP's BusinessObjects division, and has been a chief audit executive of major global corporations for more than 15 years. He is the contributing editor to Internal Auditor’s “Governance Perspectives” column.
normanmarks.wordpress.com/
They should. Whether independently or with the assistance of a corporate risk management function, internal audit should practice what they preach.
For example, the internal audit team should assess these sources of risk:
- Failing to understand, in a timely fashion, a significant business risk and as a result leaving it off the audit plan
- Failing to fully appreciate business needs and recommending change that does not address the real business issue
- Recommending change that addresses only the symptoms of a problem instead of its root cause
- Failing to obtain full value from the audit staff, whether from a lack of training or motivation
- Failing to be heard by management. Again, the causes of this may be many, including an inability to communicate, not demonstrating value that is appreciated by management, acting in a way that disrupts the business, and more
- Performing work that doesn’t really matter
- Inefficiency
- Reporting that is untimely
- An inability to effect change, with recommendations not being implemented. Reasons could include not being persuasive or failing to make the right recommendation
- An inability to recruit the talent needed to be successful
- Insufficient resources
- Poor relationships with the audit committee and/or executive management
It is time to walk the talk. Do you agree?
Norman Marks, CPA, is vice president, governance, risk, and compliance for SAP's BusinessObjects division, and has been a chief audit executive of major global corporations for more than 15 years. He is the contributing editor to Internal Auditor’s “Governance Perspectives” column.
normanmarks.wordpress.com/
Autres articles
-
TMS Network (TMSN) Powers Up As Cryptocurrency Domain Appears Unstoppable. What Does This Mean For Dogecoin (DOGE) and Solana (SOL)?
-
The Growing Popularity of Crypto Payments: Could TMS Network (TMSN), Alchemy Pay (ACH), and Ripple (XRP) Lead The Way Despite The Whales?
-
DigiFT DEX Raises $10.5M in Pre-Series A Funding Led by Shanda Group
-
Giddy Wallet Announces First-Ever Autogas Feature for Polygon
-
Tezos (XTZ) and Cardano (ADA) Investors Stake Tokens for Passive Income -- Here's Why They Should Invest In TMS Network (TMSN) Instead