The latest Internal audit news and information
January 2010
FROM THE BLOGS
MARKS ON GOVERNANCE
Let's Talk About Governance
I have been blogging about GRC (in my personal blog), and it has been interesting to see how many views there are on what governance, risk management, and compliance (GRC) is all about. But according to new guidance paper, “There is no comprehensive, universally accepted definition of organizational governance.” How can auditors assess governance processes and practices, when the term governance is not defined?
An "Executive Session" Does Not Mean Every Executive Is Invited!
One of the most significant developments of the internal audit profession in the past decade has been its rise in stature relative to audit committees. A decade ago, a chief audit executive (CAE) with a functional reporting relationship to the audit committee was considered a “leading practice.” Today, it’s the norm.
How Do You Know if Risk Management Processes Are "Effective"?
Standard 2120 of the IIA’s IPPF states: "The internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes." Ignoring for now the part about “contribute to the improvement,” a key question is what criteria can auditors use to help them decide if their organization’s risk management processes are, or are not, “effective”?
FEATURE ARTICLES
Beyond Continuous Auditing
The turbulent economic events of the past months have demonstrated the need for internal auditing to provide peace of mind that business risk is managed effectively. The value of assurance that helps boards of directors and chief executives sleep during the storm is immense. While there is a need for risk and control assurance, the optimal model for the future is one of continuous risk and control assurance. Internal auditing will provide its customers — the board of directors and executive management — assurance that the organization’s risks are subject to appropriate and effective processes, including related systems of internal control. The assurance will be enabled primarily through continuous risk and control monitoring and auditing, with a much-reduced set of traditional audit projects.


Ready to Work
A lack of work-ready skills can be especially problematic in internal audit careers. Audit departments often consist of small groups of one to four individuals, limiting the ability of organizations to permit on-the-job training. Moreover, departments frequently must hire experienced individuals, trading the cost of on-the-job training for higher entry salaries. This problem could be abated, however, if academic curricula included activities that better prepare students for actual workplace experiences.
In Control
The lingering financial crisis has significantly tested companies and their boards, forcing them to examine and, in some cases, change their approach to running the organization. As organizations move from assigning blame toward a forward-looking, “lessons learned” era, they must take steps to make sure a breakdown of this magnitude doesn’t happen again. David Landsittel, recently appointed chairman of The Committee of Sponsoring Organizations of the Treadway Commission (COSO), recently spoke with Internal Auditor about the financial crisis, COSO’s frameworks, and his agenda as chairman.
IN THE INDUSTRY
GAMING
Assess Your Organization's Code of Ethics It is the auditor’s job to pull apart, test, and challenge an organization’s code of ethics.

The Importance of Financial Controls
Is the financial information your property distributes reliable?
Fighting Employee Fraud in a Sluggish Economy With unemployment rates and personal financial trouble at an all-time high, internal auditors must remain vigilant in monitoring their organizations for employee fraud.
Marketing Is Not Exempt From Casino Fraud Business development functions are not commonly known for fraudulent activity, but these typical low-risk areas should not be overlooked.
Hitting the High Points Internal auditors can hit the jackpot with awareness of key risks in a casino's slot club function.

Internal Auditor Online E-blast Sponsored by:

FREE TeamMate Test Drive!
Tired of the roadblocks caused by paper-filled binders and disconnected electronic files?  TeamMate’s finely-tuned, paperless system can help!  Find out how you can drive efficiency and streamline all aspects of the audit process—Test Drive TeamMate’s world-leading audit management system today! It’s FREE and there’s absolutely no obligation.
Click Here!




Demonstrated leadership in internal controls
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) selected Grant Thornton to develop new guidance designed to help organizations effectively monitor the quality of their internal control systems, as well as comply with the U.S. Sarbanes-Oxley Act of 2002 (SOX).  Learn more about the COSO monitoring guidance - Click Here!



HITECH Drives New Standards
A recent study reported that healthcare entities are far behind their program requirements for The HITECH Act’s expanded privacy and security compliance standards. Crowe Horwath LLP developed a step-by-step process and management checklist to help your organization prepare for significant changes in its operations. Click Here!


IIA
The Institute of Internal Auditors  •  247 Maitland Avenue  •  Altamonte Springs, Florida 32701-4201
1-407-937-1100 •  Fax +1-407-937-1101 •  www.theiia.org
To stop receiving selected electronic mailings from The IIA, click below and indicate the items you no longer wish to receive. Please note, a request to stop receiving all electronic mailings will prevent you from receiving IIA communications that are transmitted by e-mail, including those that are benefits of membership or subscription.
https://ams.theiia.org/eweb/dynamicpage.aspx?webcode=iiaoptout&key=A8394F4C-9078-424A-9C42-E23D09DF0F63