A conversation with Alec Arons, national practice leader of advisory services at Experis Finance

Podcast developed in partnership with Experis Finance

Interview by Joseph McCafferty

January 30, 2017

Increasingly, fraud experts consider many high-profile cases of corporate wrongdoing—like the phony accounts scandal that plagued Wells Fargo last year—not just to be a breakdown in the control structure of the organization that should have prevented the ability to commit such fraud, but also a failing of the company's culture, which should have prevented the motivation to commit such fraud.

Many companies are now taking a harder look at the culture of the organization and how such elements as "tone at the top," incentives and rewards, the communication of values, and other factors combine to influence executives and employees to do the right thing or to stray from the path. A logical step in this focus is conducting a culture audit.

Keep reading...

A brief look at this week's news insights that impact internal auditors

January 27, 2017

A CFA Institute study examines the trade-offs in non-GAAP financial measures, Western Union admits to having a flawed corporate culture, and a trio of whistleblowers is awarded more than $7 million by the SEC. 

Read more ...

A risk management audit may spur new ideas and prompt improvement in how risks are managed

By Joe Underwood

January 27, 2017

Whether an organization's risk management function is focused on traditional insurable risks or broader enterprise-wide risk management, an audit of the risk management function should be among the first priorities for a chief audit executive.

If a separate risk management department does not exist, the role of internal audit in risk management is even more important as fewer resources are dedicated to the process of identifying and evaluating risks and ensuring appropriate risk responses are intact. With this in mind, here are five ways organizations can benefit from having internal audit evaluate the risk management function.

Read more ...

Seven things you should do today to help protect your privacy and seven more for the office

By Shawna Flanders

January 25, 2017

We love our national holidays and, with a little help from Twitter, those lesser known, quirky commemoratives like national doughnut day, national left-handers day, and national roller-coaster day are making their way into our collective awareness.

This Saturday, January 28, is Data Privacy Day, which is intended as a day to raise awareness and promote good data privacy practices. While those in positions related to risk, technology, audit, and security, should be preaching and promoting good data privacy habits every day of the year, Data Privacy Day offers a unique opportunity to drive home the best practices message.

Read more ...

January 25, 2017

MIS Training Institute has launched a survey to gather the views of internal auditors on what areas they are auditing and what their priorities are in 2017. The survey is currently open and we are inviting North American internal auditors to complete it.

The survey, which is being conducted in partnership with Experis, explores what areas internal auditors are planning to audit, what skills and competencies they value most, and what incentives are most effective at recruiting and retaining top talent in their internal audit departments.

Keep reading...

Internal auditors are often put in positions where they must make difficult and uncomfortable inquiries. A strong ethical environment can help.

By Lynn Fountain

January 24, 2017

In these turbulent times, ethics continues to be a frequent topic of corporate, shareholder, stakeholder, and regulatory conversations.

Meanwhile, companies continue to look for ways to emphasize the importance of strong ethics, integrity, and proper conduct and seek strategies to embed processes within their organizational structure. Yet, as we know, incidents of bad behavior still occur. It is an ever-evolving phenomenon. Once we find the answer to address a specific issue, another question or problem arises.

Read more ...

A methodology for using data analytics and other techniques to detect shell entities

By Leonard W. Vona

January 24, 2017

Boards of directors, stockholders, management teams, and professional standards all expect internal auditors to respond to the risk of fraud in core business systems. Within a company's accounts payable file, shell companies are being used to steal millions of dollars from companies or to conceal bribery payments which violate anti-bribery and corruption laws. The purpose of this article is to explain our methodology and experiences in detecting shell companies without a lead or clue as where to look in a company's database.

Read more ...

A brief look at this week's news insights that impact internal auditors

By Marcos Colón

January 20, 2017

A new report sheds light on the proactive tactics companies are using to reduce and mitigate audit fees, the SEC continues its crack down on the use of non-GAAP figures, and deficient internal accounting controls result in a $1 million penalty for General Motors.

Read more ...

IoT devices are making their way into the office and onto corporate networks. Are you ready to audit them?

By Shawna Flanders

January 18, 2017

As IT auditors, we've audited mainframes, servers, applications, and many other IT devices and systems for years and have become proficient in determining the reasonable effectiveness of a company's suite of controls to safeguard them. Today, a new breed of interconnected devices, affectionately called the Internet of Things or IoT, is presenting new auditing opportunities along with a few challenges.

These devices, which include smart TVs and lots of other devices that can now be found in many coporate offices, do not follow the typical rules of those we've historically attached to our networks. They have firmware instead of operating systems, for example, and many can be used on both home and personal area networks (HAN/PAN), as well as in our corporate networks. They also use a different communications protocol which focuses far more on customer satisfaction than on security.

Read more ...

New survey puts risk management atop the list of audit committee concerns

By Joseph McCafferty

January 18, 2017

More than eight years removed from the start of the financial crisis that caused a full-on risk management freak-out across Corporate America, it appears that risk management programs are still not up to snuff despite the intense focus on them, at least not from the audit committee's perspective.

Audit committees, which are responsible for overseeing the risk-management apparatus at many companies, generally say they aren't satisfied with how those systems are functioning. According to a new survey by KPMG's Audit Committee Institute, the effectiveness of the risk management program topped the list of issues that survey participants view as "posing the greatest challenges to their companies."

Keep reading...

January 11, 2017

Planning for the upcoming SuperStrategies and AuditWorld 2017 conferences is in full swing with the opening of the Call for Speakers period and announcement of the dates and venue.

SuperStrategies and AuditWorld 2017 will take place November 14-16, 2017 at Planet Hollywood Las Vegas Resort & Casino. The events will be held together under one roof, offering sessions, workshops, and summits on a range of topics for internal auditors of all levels.

Keep reading...

A brief look at this week's news insights that impact internal auditors

By Marcos Colón

January 13, 2017

The Department of Justice signals a shift in their stance regarding FCPA remediation efforts, compliance officer liability concerns increase following the charges Volkswagen arrests, and a new survey indicates risk management is a top concern for audit committees.

Read more ...

Seven priorities that should be on every internal auditor's 'to-do' list

By Hernan Murdock

January 13, 2017

As internal auditors, we work in complex and demanding environments where business, technological, social, and other dynamics challenge us to meet the increasing expectations of the board and senior management. While many internal auditors find it difficult to keep up with the cycle of risk-and-control reviews, there is no alternative. Failure to demonstrate how we add value will eventually result in stakeholders viewing internal audit as irrelevant.

The following actions are crucial to avoid this outcome.

Read more ...

Hiring and retaining top IT audit talent has never been harder, but hiring mistakes can only complicate the issue

By Joseph McCafferty

January 11, 2017

IT auditors are in high demand these days. Recruiters and competitors are looking to snatch high-quality talent with the right set of skills and background.

That means it's more important than ever to have a robust recruiting and retention program for IT audit to keep star performers from leaving for other jobs. It's also important to hire the right candidates and communicate with them well so that the organization and the IT auditors they hire are both on the same page. Johnathan Ngah, a principle at Synergy EnterPrize LLC, a staffing company that specializes in IT auditor recruitment says that a poor recruiting process can leads to problems later on. "If you miss on the front end of the hiring process, you need a lot of luck to make it up on the back end," he said.

Keep reading...

Internal audit reports do the function a great disservice

By Norman Marks

January 11, 2017

How do our stakeholders on the board and in top management assess the value of internal audit? What do we give them? What do they have on which to base their assessment? While they probably rely to a great deal on their direct interaction with the chief audit executive (CAE) and perhaps some of his or her team, the primary internal audit product is the audit report.

Let me state the problem as I see it. The typical audit report is boring. The typical audit report does not provide the reader on the board or in top management with the information they need to run the organization. The typical audit report is documentation of the work performed and results obtained. It conveys what we want to say rather than what the leaders of the organization need to know.

Keep reading...

What we learned at the conference for IT Audit and Controls

January 11, 2017

Several themes emerged during this year's IT Audit and Controls (ITAC) 2016 event, which was held in December in New Orleans, as IT auditors gathered to learn and exchange ideas on successful strategies and to gain insights on major trends and developments in IT audit. From the four keynote talks and panel discussions and 27 breakout sessions, it is clear that IT audit is evolving rapidly and several aspects, including data analytics and cybersecurity, present substantial challenges.

Many speakers referred to some overarching trends in IT audit, including the need to add more value and enable innovation not hinder it, the difficulty IT audit has in communicating to stakeholders, and the challenges of hiring professionals with the right mix of skills for the department. Some speakers cited the opportunity for IT audit to act as a bridge between technologists and business units and management.

Keep reading...

It’s time to reflect on our successes and past missteps and resolve to improve in 2017

By Tom O’Reilly

January 10, 2017

10, 9, 8, 7......Happy New Year! 

As we say goodbye to 2016 and hello to 2017, it’s a good time to reflect on last year’s successes and missteps. The New Year provides a great chance to pause and consider some self-improvement opportunities and goals for the next 12 months.

While it may be hard to believe that any internal auditor has missed opportunities or made mistakes (definitely not you), those who take the time to reflect on their missteps have the opportunity to improve not only themselves but also the service their departments provide. If improving Internal audit’s service is important to you, then the following four New Year’s resolutions should be on the top of your and every internal auditor’s list this year.

Read more ...

A brief look at this week's news insights that impact internal auditors

By Marcos Colón

January 6, 2017

The new head of the SEC is announced, an audit report uncovers misspent funds tied to Colorado's Obamacare exchange, and the PCAOB's revamped auditing standards take effect. This and more in a collection of the top internal audit news items of the week.  


Read more ...

In a survey by the National Association of Corporate Directors many board members admit they need to improve their knowledge of cybersecurity

By Joseph McCafferty

January 4, 2017

As board members look to set their agendas for 2017, many will include getting a better handle on cybersecurity among their top priorities. They will be looking for information security and risk professionals to provide an accurate assessment of the critical cyber-risks the organization faces. IT audit also has a role to play in assessing that a cybersecurity risk management process is in place and functioning properly and communicating that to the board and management.

Keep reading...

A week-long series of internal audit courses provides internal auditors the opportunity to fill gaps in their portfolio of skills

January 4, 2017

If your New Year's resolution includes elevating your audit skills, mark your calendars. Internal auditors will have the opportunity to get up to speed on several topics, including many IT audit options, all in one week as MISTI's Training Week heads to the Bay Area.

The week-long series of seminars will take place from February 6-12 at the MicroTek Computer Lab in San Francisco. Internal auditors can choose from among twelve courses, including such foundational courses as Fundamentals of Internal Auditing, IT Auditing and Controls, and Root Cause Analysis for Internal Auditors.

Keep reading...

Event Search

Download Catalog Dark Blue 300x58

Subscribe to Newsletter LightBlue 2 300x58

Register Cloud Security eSummit 300x58

MIS|TI Tweets

ACL MISTI Grey 300x58

Please choose your region

Submit
Select a Region
United States
United Kingdom/Ireland
Africa
Americas
Asia-Pacific
Europe
Middle East

By continuing to use misti.com you will be agreeing to the website Terms and Conditions, the Privacy Policy, and the Use of cookies while using the website.