Internal Audit Insights

2020-08-04 12:18:03

Cybersecurity Risks Exacerbated By the COVID-19 Pandemic

By Reciprocity

August 04, 2020

Just like every other crisis, the COVID-19 pandemic has rocked the boats of most businesses. The fact that it has discouraged physical interactions has forced enterprises to embrace work from home initiatives. Most companies have had to increase their reliance on collaborative technology to keep their business operations afloat.

2020-07-06 09:49:04

WHITE PAPER: Internal Audit Has an Innovation Problem. Data Analytics Can Help.

By Kit Shields

July 06, 2020

In today’s economy, success is synonymous with technological innovation. Technology is driving rapid change in every sector of business. Machine learning, artificial intelligence, the Internet of Things, cloud computing, drones, bots, and blockchain are transforming not only the nature of work but the means of survival.

2020-06-18 06:00:00

MIS Training Institute (MISTI) & LeaderQuest Combine to Form ACI Learning

By Boathouse Capital, Philadelphia, PA

June 18, 2020

Leading brands with 50+ years of combined audit, cybersecurity, and information technology authority will deliver new modalities, expanded training portfolios, and B2B segment growth.

2020-06-10 09:57:07

LeaderQuest - MISTI Names Its First Chief Sales Officer

By Boathouse Capital, Philadelphia, PA

June 10, 2020

Thomas Katsahnias to lead sales expansion for the global Audit, Cyber, and IT Learning entity

2020-06-09 09:55:52

Is Your Audit Agile Enough?

By David Duke, PsyD

June 09, 2020

Across all industries, COVID-19 has tested our capacity to respond quickly and effectively to seismic changes in economic, social, and professional life. But while the cause of these challenges is unprecedented, the need for a nimble response is not new.

2020-04-27 15:00:38

With Fraud Risks Elevated, Internal Audit Has Bigger Role to Play

By Joseph McCafferty

April 27, 2020

The Coronavirus Crisis has precipitated a dramatic downturn in economic activity, which has the potential to increase the risk of fraud and wrongdoing. A new report on fraud highlights the important role that internal audit can play in detecting and deterring fraud.

2020-04-26 05:00:00

Five Elements of an Effective Audit Planning Process

By Wade Brylow

April 26, 2020

After 25 years in internal audit, I have come to the conclusion that excellent audit planning is essential to ensuring an effective audit. What is a successful audit? A good measure is whether both audit management and the auditee feel good about the end results.

2020-04-20 13:22:29

The Role of Audit in Sarbanes-Oxley Compliance

By Mert Özbilgin

April 20, 2020

Ever since Congress passed the Sarbanes-Oxley Act in 2002—a response to major accounting scandals at such companies as Enron, WorldCom, Adelphia, Tyco, and others—internal auditors have been wringing their hands over their role in assuring compliance with the complex law.

2020-04-13 10:07:10

How the Internal Audit Function Can Help Improve Financial Management

By Joseph McCafferty and Jonathan Ngah

April 13, 2020

Here are eight primary steps internal audit teams can apply to assist management and stakeholders throughout the organization to continuously improve accounting, financial reporting, audit, and governance initiatives.

2020-04-06 11:44:22

How Internal Audit Leaders Are Responding to the Coronavirus Crisis

By Joseph McCafferty

April 06, 2020

Internal auditors maybe sitting in their home offices in pajamas, but that doesn’t mean they aren’t hard at work on helping their organizations’ respond to the coronavirus crisis. Instead, they are shifting into high gear to deal with the onslaught of issues the pandemic has wrought.

2020-04-06 09:57:07

LeaderQuest - MISTI Names Its First Chief Product Officer

By Boathouse Capital, Philadelphia, PA

April 06, 2020

Dr. David Duke to lead portfolio innovation and product expansion for the global Audit, Cyber and IT Learning entity

2020-03-30 09:52:20

How to Resolve Conflicts During Audit Engagements

By Kennedy Njoroge

March 30, 2020

In the course of their work internal auditors often encounter resistance that can create friction with business units and other entities in the organization. The keys to eliminating hostilities can be found in the people, processes, communication, and relationships with audit clients.

2020-03-23 16:17:19

Conducting Risk Assessments the Total Quality Auditing Way

By Amanda “Jo” Erven

March 23, 2020

Smart companies and total quality auditors focus on inherent conflicts of interest during risk assessments, before a crisis occurs. They are not auditors who walk right by a high-risk environment on the way to audit a low-risk situation.

2020-03-16 11:14:06

Five Internal Audit Imperatives for Handling the Coronavirus Pandemic

By Joseph McCafferty

March 16, 2020

As the situation regarding the coronavirus continues to deteriorate, organizations face supply chain disruptions, the challenge of employees working from home, and plunging demand for many products and services. Internal audit can position itself as part of the solution by tackling these five critical to-dos.

2020-03-09 10:08:24

Avoiding Bias in Your Internal Audit Program

By Kevin M. Alvero

March 09, 2020

In the typical internal audit department, it’s hopefully rare that an auditor would purposefully turn a blind eye toward material weaknesses. There are, however, other, more subtle ways that bias can creep into the audit process. Knowing them can help you avoid them.

2020-03-02 10:17:33

Should Audit Reports Include Ratings within Findings?

By Joseph McCafferty

March 02, 2020

Ratings in audit reports can help focus stakeholder attention where it is needed. But some worry that they oversimplify findings or paint audited units in an unfair light.

2020-02-24 15:36:47

Internal Audit’s Role in Assuring Whistleblower Hotlines Are Effective

By Kevin Alvero

February 24, 2020

An anonymous whistleblower hotline should be a critical piece of any organization’s anti-fraud efforts. Likewise, since the effectiveness of anti-fraud controls is a key area of concern for internal audit, auditors can and should be looking into company hotlines to ensure they are operating effectively.

2020-02-17 13:51:35

Responding to Rapidly Changing Risks

By Joseph McCafferty

February 17, 2020

A more agile internal audit function that can shift focus as risks evolve and organizational needs change isn’t just the audit function of the future; it’s what is needed right now.

2020-02-10 13:16:04

Ten Things Every New Internal Auditor Should Know

By Iffa Munir

February 10, 2020

As a newly appointed internal auditor, you might find yourself a bit lost. It’s not an easy job, and working with experienced colleagues might be a little intimidating. There is so much to learn. Here are ten basic things that as a new auditor you should expect to follow when that first assignment comes your way.

2020-02-03 11:07:25

Embracing Change: New Strategies for New Challenges

By Joseph McCafferty

February 03, 2020

It’s becoming clear to most internal auditors that the profession is changing very rapidly. The strategies that have worked in the past will no longer be enough to carry out internal audit’s new mandate. To meet these challenges, internal audit must improve on three major fronts: innovation, new technology, and talent management.

2020-01-27 14:02:47

Eight Common Internal Audit Hiring and Retention Errors

By Joseph McCafferty and Jonathan Ngah

January 27, 2020

It’s more important than ever to have a robust recruiting and retention program for internal audit to hire the right candidates with the right set of skills and to keep star performers from leaving for other jobs.

2020-01-20 11:05:45

Five Internal Audit Focus Areas for 2020

By Joseph McCafferty

January 20, 2020

It’s mid-January and the holidays are behind us, winter is in full swing, and, for many of us, our New Year’s resolutions to get to the gym more often or do a better job saving money have fallen by the wayside. It’s not too late, however, to set some goals for internal audit to reach in 2020.

2020-01-13 13:04:08

How Internal Audit Can Help Remove Inefficiencies from Tech-based Processes

By Mark Abrams

January 13, 2020

Tech-based processes can often seem like black boxes that are too complex for process improvement. It doesn’t have to be that way. In fact, there’s a lot of waste and inefficiency that gets built-in along the way, and internal audit can play a big role in identifying and eliminating it.

2020-01-06 15:16:00

When Internal Auditors Have Other Roles to Play

By Joseph McCafferty

January 06, 2020

Is it possible to combine the role of chief audit executive with other jobs, such as the head of corporate compliance or risk management, without sacrificing the independence that’s a cornerstone of the audit function? Opinions are divided.

2019-12-16 14:39:23

Setting Priorities During Internal Audit Engagement Planning

By Eleftherios Tsintzas

December 16, 2019

A risk assessment should be conducted during the planning phase of an audit engagement in order to identify and analyze all the risks towards the achievement of the objectives of an activity.

2019-12-12 10:00:51

Boathouse Capital Names Brett Shively as Chief Executive Officer of MISTI and LeaderQuest

By Boathouse Capital, Philadelphia, PA

December 12, 2019

Boathouse Capital, a Philadelphia-based Private Equity firm, today announced that its Board of Directors has appointed Brett Shively as Chief Executive Officer for the MIS Training Institute (MISTI) and its partner company, LeaderQuest.

2019-12-09 09:30:26

Auditing the Anti-bribery and Corruption Program

By Joseph McCafferty

December 09, 2019

Internal audit departments that want to ensure their companies stay out of trouble with regulatory agencies over bribery and corruption laws will want to ensure that they have solid programs in place with the proper and functioning internal controls.

2019-12-02 10:58:13

Does Your Internal Audit Team Need a Behavioral Scientist?

By Joseph McCafferty

December 02, 2019

Given the intense focus on corporate culture in the last few years as an important component in risk management, more companies are looking to behavioral science to get a better understanding of what drives human behaviors, both good and bad.

2019-11-25 13:12:42

What Internal Auditors Need to Know About Blockchain

By Joseph McCafferty

November 25, 2019

Companies are rapidly finding applications for blockchain technology, meaning internal auditors will need to assess those applications. To do so will require some foundational knowledge of how blockchain works and the risks associated with its use.

2019-11-18 12:30:21

Demystifying Risk Culture Assurance

By Justin Greenstein & Gavin Freeman

November 18, 2019

Risk culture is no longer perceived to be a compliance box to be ticked. Companies are lifting the lid on cultural and behavioral issues that affect the way people make decisions and manage risks as part of their day-to-day work.

2019-11-11 13:13:25

How to Take Your Data Analytics Program to the Next Level

By Joseph McCafferty

November 11, 2019

Internal audit departments that pursue data analytics without fear will soon be expanding their capabilities and unlocking the powerful potential of what it can do.

2019-11-04 14:47:17

Cybersecurity, Data Governance Continue to Challenge IT Audit

By Joseph McCafferty

November 04, 2019

A slew of new studies and reports find that companies still struggle mightily to get a handle on IT-related risks, such as cybersecurity, data governance, and digital privacy.

2019-10-28 10:18:48

The Evolution of HR Audits

By Ronald Adler

October 28, 2019

HR audits have evolved from a simple checklist of dos and don’ts or periodic affirmative action plans to a comprehensive, sustainable process that is an integral part of the organization’s internal controls, due diligence, and risk management function.

2019-10-21 09:09:05

How Internal Audit Can Work with Compliance to Increase Value

By Sean Chen

October 21, 2019

Ten things that internal audit can do when working with compliance to leverage the qualities of both functions and create value for the organization.

2019-10-14 11:26:42

How Internal Audit Can Leverage Resources to Gain Needed Skills

By Joseph McCafferty

October 14, 2019

Internal audit leaders must be more resourceful in acquiring needed skills and capabilities to conduct audits in areas of emerging risk and new technologies.

2019-10-07 09:38:59

Applying Agile Principles to Internal Audit

By Imtiaz Hussain

October 07, 2019

Many internal audit shops are adopting Agile principles in an attempt to create a more flexible and customer-oriented audit function. And while the results have been promising, expect a few bumps along the way.

2019-09-30 14:55:09

How Internal Audit Can Cultivate a Culture of Innovation

By Joseph McCafferty

September 30, 2019

Many internal audit departments are struggling to keep up with fast-moving technologies and widespread change in the profession. Staying on track will require more than adopting new technology, it will involve adopting a new mindset.

2019-09-23 13:10:30

How Total Quality Auditing Can Help Internal Audit Achieve Excellence

By Amanda “Jo” Erven

September 23, 2019

Could a decades-old management strategy that helped U.S. and European companies respond to the gains in quality made by Japanese manufacturers in the 1980s somehow help internal audit shops improve their game?

2019-09-16 08:21:53

Drawing the Lines: What’s Wrong with the 3LoD Model?

By Joseph McCafferty

September 16, 2019

Where, exactly, does responsibility lie in a modern corporation for ensuring that risks are being identified and managed?

2019-09-10 05:45:58

How Internal Audit Can Better Convey Risks Using a Heat Map

By Joseph McCafferty

September 10, 2019

A definitive guide to producing, using, and improving a risk heat map at your organization.

2019-09-03 05:45:58

A Discussion on the Three Lines of Defense Model

By Marcos Colon

September 03, 2019

In this Internal Audit Insights interview, MISTI's Dr. Hernan Murdock discusses how the internal audit function can benefit from the Three Lines of Defense Model.

2019-08-27 14:43:27

Cybersecurity Progress: Where Does Internal Audit Stand Today?

By Marcos Colon

August 27, 2019

In the full video interview below, MISTI's Director of Instructional Technologies and Innovation, Shawna Flanders, discusses where internal audit stands today as it relates to cybersecurity, and offers up some tips on increasing collaboration between the audit and information security functions.

2019-08-20 05:02:16

Stop Telling Audit Professionals How to Do Their Jobs

By Hernan Murdock

August 20, 2019

In this video interview with MISTI's Dr. Hernan Murdock, he explains why micro-managing is a big problem in internal audit and offers up advice on how audit leaders can overcome it.

2019-08-13 05:51:21

Regulations That Beef Up Security in 2019

By Marcos Colon

August 13, 2019

It's not only the information security department that needs to stay on top of cybersecurity regulations. Internal audit also plays a big role. In this interview with MISTI's Shawna Flanders, she discusses the regulations internal audit should keep top of mind.

2019-08-05 05:03:19

Five Reasons that Explain Why Internal Audit Matters

By Hernan Murdock

August 05, 2019

People choose a line of work for a variety of reasons. Sometimes it is because it pays very well, or it is what our parents steered us towards. It could be because it is the only job in town or because it is glamorous. Regardless of the circumstances and career path that brought you to internal audit, an important question begging for an answer is: Why do you stay?

2019-07-30 05:47:50

Adding Value by Using a More Proactive Approach to Internal Auditing

By Hernan Murdock

July 30, 2019

Traditionally, internal auditing was done retroactively. While our methodology has relied on this practice and it has been used widely for a long time, one of the issues with this after-the-event approach is that the actions have already occurred. It is based on auditors focusing on issue detection.

2019-07-23 05:10:57

How Internal Auditors Can Give and Receive Feedback

By Hernan Murdock

July 23, 2019

Receiving feedback is an essential element in every internal auditors’ development. In this feature article, MISTI's Dr. Hernan Murdock provides seven key practices that should be part of this process to make it most effective.

2019-07-09 05:34:49

Nine Essential Skills for Internal Audit Success

By Hernan Murdock

July 02, 2019

Those entering the internal audit and compliance professions often wonder what they need to do to succeed in their new careers. There is a lot to learn. In fact, the general advice is to become lifelong learners. But there is also the constant pressure from within the department. Here, MISTI's Dr. Hernan Murdock lists nine skills and actions essential for success.

2019-07-02 05:47:18

Seven Key Internal Audit Actions for Success

By Hernan Murdock

July 02, 2019

The work of internal auditors and compliance professionals is filled with frameworks, regulations, and policies and procedures documents that define the path for operational effectiveness. Follow those guidelines, manage risk effectively and the likelihood of success increases. But what about our own success?

2019-06-25 05:04:28

Building the Internal Audit Function of 2020

By Dawn Papandrea

June 25, 2019

Your organization has decided to take the important step of creating an internal audit function, and you’ve been tasked to build it. Building out teams from scratch is always a challenge, but internal audit departments have an especially important role.

2019-06-18 05:04:48

Audit Writer’s Hub: Mentoring Better Writers

By Sarah Swanson

June 18, 2019

Here’s the truth about editing: editing is vital to producing a good audit report. It’s also tricky and time-consuming. Editing includes content changes, proofreading, grammar, wording, format, structure, and multiple revisions.

2019-06-11 05:31:16

2019 Internal Audit Priorities: Cybersecurity (Part 4)

By Marcos Colon

June 11, 2019

In part four of this four-part series on internal audit priorities in 2019, Internal Audit Insights caught up with Todd Shaffer, senior vice president and chief risk officer at Johnson Financial Group, who discussed how internal audit leaders are approaching cybersecurity issues today.

2019-06-04 03:50:30

2019 Internal Audit Priorities: Skills & Competencies (Part 3)

By Marcos Colon

June 04, 2019

In part three of this four-part series on internal audit priorities in 2019, Internal Audit Insights caught up with Patti Puccinelli, vice president of audit advisory services at ManpowerGroup, who discussed why it’s so important for internal audit leaders to continually keep pace with the latest skills and competencies required for the function to achieve its objectives.

2019-05-28 05:42:41

2019 Internal Audit Priorities: Resources (Part 2)

By Marcos Colon

May 28, 2019

In part two of this four-part series on internal audit priorities in 2019, Internal Audit Insights caught up with David Holland, director of internal audit at Modine Manufacturing, who shared his thoughts on the state of resources for the modern-day internal auditor.

2019-05-21 05:53:18

2019 Internal Audit Priorities: Workforce Development (Part 1)

By Marcos Colon

May 21, 2019

In part one of this four-part series on internal audit priorities in 2019, Internal Audit Insights caught up with David Cook, managing director of internal audit at Robert W. Baird, who shared his thoughts and advice on how audit leaders today can realign their resources effectively.

2019-05-07 05:20:10

Three Steps for More Confident Communication in All Aspects of the IA Role

By Jill Schiefelbein

May 07, 2019

In this feature article, communications expert Jill Schiefelbein provides internal auditors with three simple, important rules to help you communicate in a way that will position you as a more confident communicator within the business.

2019-04-30 05:10:14

Audit Writer’s Hub: 5 Editing Mistakes You Can Fix Right Now

By Sarah Swanson

April 30, 2019

It’s easy to overlook your own grammar errors. But you’ll be a better writer if you become mindful of your writing and correct your own editing mistakes. Here are five common editing mistakes we all make or might have questions about. Maybe a couple will resonate with you.

2019-04-23 05:15:30

How to Beat Robots When Performing COSO-Based Reviews

By Hernan Murdock

April 23, 2019

Robots are having a growing influence on organizational practices and this dynamic is of great interest to internal auditors and compliance professionals who examine the impact of these technologies on organizational objectives, risks and controls. But they also present a growing concern as the work performed by internal auditors may be replaced by machines.

2019-04-16 05:55:43

Micro-Managing in Internal Audit: Stop Telling Professionals How to do Their Jobs

By Hernan Murdock

April 16, 2019

The work of internal auditors and compliance professionals is complex, challenging and often, unfortunately, under-appreciated by their clients. What makes matters even more stressful for these professionals is that their managers sometimes micro-manage them.

2019-04-09 05:54:38

9 Critical InfoSec Tips That Every Internal Auditor Should Master

By Karen Kroll

April 09, 2019

Cybersecurity is top of mind for most executives and board members, as well as to internal audit. While the information security team may be in charge of measurably reducing cyber risk within the business, internal audit has an important role to play too.

2019-04-04 05:34:28

Using High-Quality Evidence to Provide Reasonable Assurance

By Hernan Murdock

April 04, 2019

Evidence is something that provides proof and it proves or disproves something. It is presented as verification of the facts at issue and generally includes the testimony of witnesses, and the examination of records, documents, and objects. This feature by MISTI's Dr. Hernan Murdock, examines the qualitative elements to consider when it comes to leveraging high-quality evidence.

2019-04-02 05:25:29

An Expanded View of the Performance Audit Scope

By Hernan Murdock

April 02, 2019

Performance auditing is the review of a program or process, and the systems supporting it, to determine whether it is achieving the primary goals of efficiency, effectiveness, and economy in its use of available resources. These reviews are often done in government and non-profit entities, but they are equally important in the for-profit sector.

2019-03-28 05:58:43

How to Quantify the Economic Costs and Benefits of Controls

By Hernan Murdock

March 28, 2019

To become trusted advisors to management it would help if we spoke the same language they do. While auditors and compliance professionals often talk in terms of controls, and increasingly in terms of risk, managers and business leaders often talk in terms of costs, benefits, revenue, reputation, and market share.

2019-03-26 05:50:22

Boosting Your Internal Audit Career Through Coaching and Mentoring Programs

By Hernan Murdock

March 26, 2019

Internal auditing is a complex field of work that is undergoing significant changes. Today's internal auditors are tasked with managing their careers, so they remain relevant in the short and longer terms. Given this complex environment, it is not surprising that mentoring and coaching have emerged as essential tools to help auditors grow professionally.

2019-03-21 05:33:40

Give your Readers a Boost: 5 Tips to Using the Right Transition

By Sarah Swanson

March 21, 2019

Transitions are those juicy, bite-size gourmet words that connect ideas, sentences, paragraphs, and even sections. Too often, we can misuse, overuse, or omit transitions. This article covers how to use transitions to improve clarity in your reports.

2019-03-19 05:18:02

Strategic Messaging and Influencing Skills: A Framework for Internal Auditors

By Jill Schiefelbein

March 19, 2019

Last month in an article about setting the stage for better decision-making we learned about four elements that you should be considering before you even form the words you want to say. This month it’s all about the messaging.

2019-03-14 05:29:14

Co-Establishing the Need: Internal Audit’s Role in Getting Buy-in at the Client Level

By Jill Schiefelbein

March 14, 2019

One of the most overlooked, but essential, elements of the persuasive process is establishing a definite need in your to-be-persuaded-audience’s mind. In other words, how does the client know that they need what you have to offer? Here, we explore the topic.

2019-03-12 05:19:54

The Many Benefits of Rotation Programs

By Hernan Murdock

March 12, 2019

As business processes become more complex, information more widely dispersed, and the risk environment more complicated, the need for internal auditors to adapt to this new environment becomes imperative. This is where rotation programs can really save the day.

2019-03-07 05:08:38

How to Approach Internal Audit Recruitment

By Karen Kroll

March 07, 2019

The search for qualified, competent internal auditors remains a challenge for many audit departments. As internal audit leaders continue to struggle qualified additions to their teams, what areas should they be focusing on and what steps can they take? This feature story answers those questions.

2019-03-05 05:26:55

Why Symposiums Promote Collaborative Learning in Internal Audit

By Hernan Murdock

March 05, 2019

Internal auditors must engage in lifelong learning. They are increasingly participating in webinars, consuming online content, and listening to podcasts. While all of these actions are conducive to learning, there is another learning opportunity that many internal auditors and compliance professionals may not be familiar with: Symposiums.

2019-02-28 05:53:38

Interested in Becoming an IT Auditor? Here’s What to Know and Do

By Heather Dean Bennington

February 28, 2019

So, what exactly does an IT auditor do? In this article, we provide a broad breakdown of an IT auditor's responsibilities, the necessary skills to become one, how an IT auditor interacts with other roles throughout their organization, and more.

2019-02-26 05:45:45

Communication Skills for Junior Auditors: What to Know and Why

By Jill Schiefelbein

February 26, 2019

There are some common communication mistakes that junior auditors make. Lucky for you, this article is going to point these foibles out and show you how you can change the trajectory of your communication to show confidence, not self-consciousness.

2019-02-21 05:37:39

7 Things to Know About IT GRC in the Cloud

By Heather Bennington

February 21, 2019

In migrating to the cloud, many challenges are present, and perhaps one of the largest challenges is updating an organization’s overall GRC program. Here, we've gathered a number of things that IT auditors should know about IT GRC in the cloud.

2019-02-19 05:42:19

Auditing The Supply Chain in 2019: What to Know and Why

By Karen Kroll

February 19, 2019

Much internal audit work has focused on financial transactions and controls. Now, many auditors are adding supply chain audits to their responsibilities. In this feature article, we've broken down some of the common risks associated with supply chains.

2019-02-14 05:27:48

5 Translation Tips to Help Any Audit Report Writer

By Sarah Swanson

February 14, 2019

If you work for a global company, chances are your documents are undergoing some sort of language translation – from English to other languages or vice versa. But even if your company doesn’t do any translations, learning how to write for translation can improve your skills as a writer and create sharper audit reports.

2019-02-12 05:29:25

How Internal Audit Can Benefit From the Three Lines of Defense Model

By Hernan Murdock

February 12, 2019

The Three Lines of Defense Model provides a framework to clarify the involvement and alignment of multiple assurance providers acting on behalf of their client organizations. It has become increasingly common to have various risk and control professionals working side by side to help their organizations manage risk and increase the likelihood of achieving strategic and operational goals.

2019-02-07 05:43:42

Cybersecurity and Regulatory Changes in 2019

By Heather Bennington

February 07, 2019

As we work toward the thick of the year, we've compiled a list of which cybersecurity regulations could be impactful this year, some of the challenges that they could present, and the reasons behind some of the changes we've highlighted below.

2019-02-05 05:03:02

Fraud Investigation Reports vs. Audit Reports: What’s the difference?

By Sarah Swanson

February 05, 2019

As fraud investigations get folded into the internal audit department, some audit shops are tempted to frame a fraud report in the same format and tone as the audit report. The idea couldn’t be more wrong. Read on for ways to present a full and succinct fraud investigation report using report design, content, and tone.

2019-01-31 05:40:39

How Internal Audit Can Get Innovative

By Hernan Murdock

January 31, 2019

In internal audit, the methodologies of the past may have made the organization successful, but there is no guarantee that those same procedures will lead to success in the future. In this featured article, MISTI's Dr. Hernan Murdock highlights some examples of ways that innovation can help internal auditors, but most importantly, outlines how they can get started.

2019-01-29 05:41:51

Audit Writer’s Hub: Does Your Report Format Fit Your Needs?

By Sarah Swanson

January 29, 2019

Every company has a different way to communicate and a different report format to use. Well, there is no best way – each format has its pros and cons and you have to weigh the benefits of each format for your audience.

2019-01-24 05:58:14

How People Decide: Setting the Stage for Optimal Decision Making

By Jill Schiefelbein

January 24, 2019

Most advice people have regarding decision making is along the line of, “weigh your options”, “get outside advice from a trusted source”, or “look at the cost-benefit or ROI”. That advice is fine and dandy, but it ignores one key fact: If the stage on which the decision is made isn’t set appropriately, the decision may not be the best. Here are four steps to set the stage for productive conversations and more efficient decisions.

2019-01-22 05:54:01

Privacy in the Age of Big Brother: What It Means for IT Audit

By Marcos Colón

January 22, 2019

Technology has impacted quite a lot, but privacy is likely what hits closest to home for everyone. Internal Audit Insights catches up with IHS Markit Internal Audit Director Tony Redlinger, who discusses what the state of privacy is today, and more importantly, what impact it has on the modern-day IT auditor.

2019-01-17 05:36:18

Integrating Fraud Testing Into Your Audit Program: A Guide for the Chief Auditor

By Leonard Vona

January 17, 2019

Fraud costs organizations millions of dollars each year. Simply Google the phrase “fraud scheme,” and you will discover more news stories than you have time to read. If auditors do not detect and stop a fraud scheme, they have cost their organization real money. So, another question for you: Do you want to explain to your audit committee why your department did not detect a $63 million fraud?

2019-01-15 05:54:28

Becoming a Risk Assessment Unicorn

By Steve DeSantis

January 15, 2019

You’ve read a bazillion articles on data analytics theory (ho-hum) in auditing. And we'll be the first to say that we've written a variety on this site. But this time around, let’s focus on how to actually use those data analytics in a single audit area: risk assessments.

2019-01-10 05:32:49

Women in Internal Audit: Opportunities, Challenges, and More in 2019

By Marcos Colón

January 10, 2019

Internal Audit Insights catches up with Nancy Luquette, senior vice president and chief risk and audit executive at S&P Global, who shares her take on the state of women in internal audit in 2019 and the challenges many female practitioners face, but more importantly, how they can overcome them.

2019-01-08 05:57:36

How Your Organization Can Benefit From Internal Audit Rotation Programs

By Hernan Murdock

January 08, 2019

As business processes become more complex, information more widely dispersed, and the risk environment more complicated, the need for internal auditors to adapt to this new environment becomes imperative.

2019-01-03 05:43:44

How Non-Technical Auditors Can Tackle IT Risks

By Marcos Colón

January 03, 2019

Internal Audit Insights caught up with Jami Shine, corporate and IT audit manager at Quiktrip Corp, who shared some proven advice on how non-technical auditors can overcome some of the challenges associated with IT risks.

2018-12-27 11:08:49

Internal Audit Insights Top 10 in 2018

By Marcos Colón

December 27, 2018

And just like that, another year has gone by. We've had a blast providing you with insights all throughout the year, covering audit report writing, project management, and coverage on emerging technology. Here we've compiled a list of the most read articles.

2018-12-25 05:09:07

The Three-Part Approach to Closing the Audit Plan

By Ernest Anunciacion

December 25, 2018

Effectively closing the audit plan and landing on specific action items to pursue can be a challenge. In this contributed article, Workiva's Ernest Anunciacion provides three steps to close this year's audit plan and prepare for next year.

2018-12-20 09:38:43

The Dos and Dont’s of Navigating Touchy Audit Interviews Through Language

By Marcos Colón

December 20, 2018

Communication's expert Jill Schiefelbein chats with Internal Audit Insights and offers up her take on what makes audit interviews so difficult for the modern-day internal auditor, and also offers up specific advise you can use during your next audit interview to ensure you're navigating those encounters effectively.

2018-12-18 05:51:26

How Internal Audit Can Improve the Organization's Tone and Culture

By Hernan Murdock

December 18, 2018

The concept of “tone” plays a key role in the control environment of the organization. While it is set at the top, it should cascade without distortion or gaps throughout the entire organization.

2018-12-13 05:18:05

Implementing Your Audit Department’s Top Technological Audit Practices

By Marcos Colón

December 13, 2018

Data analytics is being leveraged more than ever by internal audit departments, but for those that haven't jumped on the bandwagon yet, this interview with CVS Health's head of data analytics explains the benefits, challenges, and misconceptions tied to the technology.

2018-12-11 05:29:35

Audit Writer’s Hub: Delete the Nothings and Get to Something

By Sarah Swanson

December 11, 2018

In this edition of the Audit Writer's Hub, we specifically tackle some of the pesky nothings – unimportant sentences, filler phrases, and negative phrasing – that creep into our writing and how to get rid of them.

2018-12-06 05:19:51

High-Impact Skills for Developing and Leading Your Audit Team

By Marcos Colón

December 06, 2018

MISTI’s Dr. Murdock shares what the status of the internal auditor is today, in addition providing some key audit leadership techniques that many up-and-coming audit leaders are commonly unaware of.

2018-12-04 05:19:50

The Three Key Elements of Professional Skepticism

By Hernan Murdock

December 04, 2018

Professional skepticism is a critical component of an internal auditor's duty of care that applies throughout any engagement. It's an attitude that includes a questioning mind and a critical assessment of the appropriateness and sufficiency of audit evidence. Here are the three key elements of skepticism you should know.

2018-11-29 05:18:16

The Low Down on Integrated Auditing

By Marcos Colón

November 29, 2018

In this video interview with Internal Audit Insights, Constance Snelling, director of IT risk at Jackson National Life, offers up the essential skills that are needed to be a successful IT auditor today and how this ties into performing an integrated audit.

2018-11-27 05:48:42

Preparing for Robotic Process Automation: What Internal Auditors Need to Know

By Ed Williams & Venkatesh Krishnamoorthy

November 27, 2018

RPA, robotics, robots, bots … as internal auditors you have undoubtedly been hearing this terminology tossed around more and more. What exactly is it? Why is it such a hot topic? Here we answer those questions.

2018-11-22 05:27:11

GRC at the Speed of Business

By Marcos Colón

November 22, 2018

Internal Audit Insights catches up with Ford Winslow, CEO of ICE Cybersecurity, to discuss what the “speed of business” has had on GRC controls, and what IT auditors should prepare for.

2018-11-20 05:23:27

How to Use Balanced Scorecards to Measure the Performance of Internal Audit Departments

By Hernan Murdock

November 20, 2018

The balanced scorecard is a system used to make sure business operations are aligned with the organization’s mission, vision, and strategy. Since it uses several measures to determine success, it helps those involved to balance what is achieved with how it is achieved. Here's how.

2018-11-15 05:50:31

How to Create a Fraud Risk Statement for Your Fraud Audit Program

By Leonard Vona

November 15, 2018

There tends to be a fair amount of confusion when it comes to a fraud risk identification approach versus an experience-based approach but here we set out to create a list of universal definitions intended to clarify how and why you might use this approach.

2018-11-13 05:18:04

4 Strategies to Head up Risk Management in your Company

By Sarah Swanson

November 13, 2018

As auditors, we all know that internal audit is uniquely positioned to understand where risks lay within an organization. But sometimes audit doesn’t get the opportunity to communicate the company’s risks to a broader audience. Here, we share a few ideas to help internal audit build bridges between knowing, communicating, and fixing risk in a company.

2018-11-08 05:51:37

Do DevOps and Compliance Go Hand in Hand?

By Marcos Colón

November 08, 2018

IT audit is only beginning to familiarize itself with DevOps as more organizations begin to deploy successful programs. But is it fair to say that DevOps and compliance go hand in hand? In this video interview with Atlassian Risk Futurist Guy Herbert, he gives his take on the topic.

2018-11-06 05:51:12

Leveraging Virtual Team Meetings as Part of the Internal Audit Process

By Jill Schiefelbein

November 06, 2018

Many internal audit teams are not using video conferencing and virtual meetings to their advantage. When they're set up for success, research shows that virtual teams can be more effective in solving quick, simple problems than face-to-face teams.

2018-11-06 05:45:05

Leveraging Virtual Team Meetings as Part of the Internal Audit Process

By Jill Schiefelbein

November 06, 2018

With increased access to cost-effective and user-efficient digital communication technologies that allow people to intentionally or spontaneously connect from any place, at any time, we have opportunities to collaborate like never before.

2018-11-01 05:44:49

What Internal Auditors Should Know About Dirty Money Centers

By Veronica Morino, Asia Chernova, and Nigel Iyer

November 01, 2018

As Dirty Money Constellations continue to move from the “Islands of Shame” to the re-emerging epicenters of power, should we just be passive observers or is there something we can do?

2018-10-30 05:04:50

Balancing the Risks of Today with an Eye on the Risks of Tomorrow

By Alec Arons

October 30, 2018

A great deal has changed over the years when it comes to risk, including the willingness and interest of CAE’s, Audit Committees and Boards to talk about risk. As part of the increase in dialogue relating to risk and risks on the horizon much has been written and discussed. Here, Experis's Alec Arons consolidates that information.

2018-10-25 05:21:36

Common Visual Cues that Could Send Your Audit Client the Wrong Message

By Jill Schiefelbein

October 25, 2018

As an internal auditor, it’s not just your words, it’s the absence of words or untimely words that could still convey a message to an audit client. It’s not only your actions, but it’s also the lack of action. All of these aspects result in communication. Communications expert Jill Schiefelbein explains more.

2018-10-23 05:53:55

Using Histograms to Better Understand Data

By Hernan Murdock

October 23, 2018

Histograms are a very powerful tool to analyze data because they show the distribution of a continuous variable in a diagram and their appearance is similar to bar graphs. In this feature article, MISTI's Dr. Hernan Murdock explains how internal auditors can leverage them.

2018-10-18 05:39:10

The IT Audit Checklist for Emerging Risks

By Sarah Swanson

October 18, 2018

Many organizations are still failing to effectively audit areas such as cloud security or even social media. So what areas should you be covering and why? This article answers questions tied to that topic. Here you'll find the top IT risks that consistently vex companies and protect your assets.

2018-10-16 05:27:49

How to Make Findings and Recommendations More Persuasive

By Hernan Murdock

October 16, 2018

Persuasion is an important aspect of internal auditing that doesn’t receive enough attention or coverage. Internal audit's job is to verify that conditions and practices are as expected, and to identify opportunities for improvement within organizations. But how does persuasion play into this?

2018-10-11 05:21:08

Can Internal Auditors Perform Advisory Reviews While Remaining Independent?

By Nancy Luquette

October 11, 2018

Is serving as an advisor and maintaining internal audit’s essential responsibility of objectivity, free of management influence, possible? Spoiler alert: Yes. And it’s both necessary and crucial to the internal audit profession’s standing in any organization.

2018-10-09 05:51:36

How Internal Auditors Can Change How Audit Clients Listen to Them

By Jill Schiefelbein

October 09, 2018

In a perfect world, the client is receptive, understands each recommendation, and takes immediate corrective action. But we all know that perfect world doesn’t exist. In this informative feature, communications expert Jill Schiefelbein explains what internal auditors can do to make audit clients more receptive to their communication.

2018-10-04 04:34:01

Complex Fraud Scheme: Vendor Overbilling Part 2

By Leonard Vona

October 04, 2018

In this second installment of our two-part series on vendor overbilling, we look at how to use fraud data analytics designed to uncover a complex fraud scheme and the fraud audit procedures designed to provide credible evidence.

2018-10-02 05:47:23

Complex Fraud Scheme: Vendor Overbilling Part 1

By Leonard Vona

October 02, 2018

Fraud expert and MISTI instructor, Leonard Vona, selected a complex corruption scheme and a complex overbilling scheme to illustrate how fraud auditing can detect even the most complex schemes.

2018-09-27 05:40:36

Common Audit Committee Questions on Cybersecurity

By Marcos Colón

September 27, 2018

Internal Audit Insights catches up with Yulia Gurman, Director of Internal Audit and Corporate Security at the Packaging Corporation of America on the common questions that audit committee members have tied to cybersecurity, and what IT auditors should prepare for.

2018-09-25 05:07:21

Assessing Cyber Risk: What You Don’t Know Can Hurt You

By Stephen Head

September 25, 2018

Measurably reducing cyber risk in the business is an obstacle nearly all organizations face today. Needless to say, it's critical for businesses to conduct cyber risk assessments. In this contributed article by Experis' Stephen Head, he dives into the topic.

2018-09-18 05:25:43

Audit Writer’s Hub: 3 Tips for using Criteria

By Sarah Swanson

September 18, 2018

In audit report writing, we’re all pretty well tethered to writing the 5C’s of an audit issue, namely the criteria, condition, cause, consequence, and corrective action. In this edition of the Audit Writer's Hub, MISTI instructor Sarah Swanson focuses on criteria.

2018-09-13 05:27:15

Using Cause and Effect Diagrams to Find the Root Cause of Issues

By Hernan Murdock

September 13, 2018

One of the challenges internal auditors encounter when analyzing a finding is identifying the root cause of the problem. This is where the Cause and Effect Diagram can help. In this featured post, MISTI's Dr. Hernan Murdock explains how and why.

2018-09-11 05:30:09

A Call to Internal Audit: Don't Just Write, Tell a Story!

By Ross E. Wescott MA CISA CIA CCP CUERME

September 11, 2018

Internal auditors do not always come into the profession knowing how to write well. That's why there's so much material available on writing clearly. Internal auditors do not always come into the profession knowing how to write well. But what if there was a way to transform an internal auditor's written and spoken communication?

2018-09-06 05:56:49

Adapting to the New Normal of Internal Audit

By Imran Zia

September 06, 2018

Rapidly accelerating pressures are fueling the need for the internal audit profession to transform its thinking from being financial controls-centric to shareholder value-centric. Here's how internal auditors can adapt to this "new normal."

2018-08-30 05:08:40

The Pareto Diagram: A Tool for Internal Audit to Focus on What Matters Most

By Hernan Murdock

August 30, 2018

As internal auditors increase their use of data analytics to better understand process characteristics, isolate issues and perform more accurate root cause analysis, the Pareto Diagram continues to grow as a useful tool for them.

2018-08-28 05:21:45

Visual Cues to Make Your Audit Interviews More Manageable

By Jill Schiefelbein

August 28, 2018

We’ve provided tips on how internal auditors can become better presenters, but in this feature article communication’s expert Jill Schiefelbein highlights some visual cues internal auditors should take note of; from physical gestures to furniture placement.

2018-08-23 05:45:28

The Dos and Don'ts of IT GRC in the Cloud

By Marcos Colón

August 23, 2018

IT audit expert Mark Thomas, president of Escoute Consulting, chats with Internal Audit Insights on the impact that cloud migration has had on the business, and shares the major Dos and Don'ts that IT auditors should know about GRC in the cloud.

2018-08-21 05:26:30

How Internal Auditors Can Leverage the Balanced Scorecard

By Hernan Murdock

August 21, 2018

The balanced scorecard is a system used for planning and management to make sure business operations are aligned with the organization’s mission, vision, and strategy. In this featured article, MISTI's Dr. Hernan Murdock explains how you can use it to your advantage.

2018-08-16 05:58:29

Training the Internal Auditors of Tomorrow

By Karen Kroll

August 16, 2018

As the business world changes at an accelerating rate, auditors need to keep up or risk becoming irrelevant and unable to provide the insight that will allow their organizations to succeed. That means they’ll need to continually add to their skills and knowledge.

2018-08-14 05:57:34

Innovation: The New Imperative for Internal Audit

By Terry Hatherell, Deloitte Global Internal Audit Leader

August 14, 2018

As organizations continue to evolve and innovate, new risks arise. Meanwhile, the larger business environment continues to change, often rapidly and in unexpected ways. This places new demands on the internal audit function.

2018-08-09 05:32:43

Internal Audit Data Analysis Using Benford’s Law

By Hernan Murdock

August 09, 2018

Organizations are accumulating large amounts of data and internal auditors are rapidly increasing their mining for, and use of, these sizable data sets. This proliferation of data raises the question of how to extract meaning from it all.

2018-08-07 05:01:58

Leveraging Virtual Team Meetings: Four Tips for Success

By Jill Schiefelbein

August 07, 2018

With distributed workforces and flexible workstyles, virtual team meetings are becoming commonplace in the internal audit function. Many times, though, virtual meetings aren’t taken with the same level of seriousness as in-person meetings are.

2018-08-02 05:55:30

What Risks Do Blockchain Present the Enterprise?

By Karen Kroll

August 02, 2018

As the number of blockchain implementations continues to grow, internal auditors will need to learn about both the promise and risk this technology offers. So what exactly is blockchain technology and what does it mean to you as an internal auditor? This article answers that question.

2018-07-31 05:24:57

Audit Writer’s Hub: 3 Steps to Improve Risk Statements

By Sarah Swanson

July 31, 2018

If you’ve ever read or written a sentence along the lines of “Financial misstatement could lead to financial loss,” or “Non-compliance with policies” (what does that even mean anyway?), then read on for some tips to improve the risk statement.

2018-07-26 05:33:03

How to Develop a Strong 'Tone at the Top'

By Karen Kroll

July 26, 2018

The value of a strong "tone at the top" cannot be underestimated as it can improve a company's performance. The benefits of a strong tone at the top should be of interest to leaders in all departments within every organization. Here's what you can do to evaluate it.

2018-07-24 05:01:58

Using Scatter Diagrams to Understand Numerical Relationships

By Hernan Murdock

July 24, 2018

Scatter diagrams can help find the answer to many questions. Internal auditors can leverage them to analyze pairs of numerical data and show the relationship between two variables. In this feature write-up, MISTI's Dr. Hernan Murdock highlights their benefits.

2018-07-19 05:00:50

Privacy in 2023: What Internal Audit Can Expect

By Heather Dean Bennington

July 19, 2018

The European Union’s GDPR is officially in effect, but that’s likely not the last regulation that will be implemented that has an impact on the internal audit function. Here’s what you should consider five years from now.

2018-07-17 05:53:14

Being Creative While Conducting Internal Audits

By Hernan Murdock

July 17, 2018

Creativity is the use of imagination or original ideas, but it's not that important for internal auditing. Given that reporting rules and regulations are non-negotiable, there is little room for creativity and original ideas, right? Wrong! Here's what you can do to be creative while conducting audits.

2018-07-12 05:48:01

The Internal Auditor’s Guide to Masterfully Speaking to Boards and Committees

By Jill Schiefelbein

July 12, 2018

The presentation skills that you were likely taught in high school and college in no way prepared you for the reality of delivering reports in front of boards and audit committees. This article is your crash-course in small group presentations and gives you two key areas to consider.

2018-07-10 05:52:26

Rotational Auditing and Fishing

By Sarah Swanson

July 10, 2018

Rotational auditing has been a fishing hole for years. The pros and cons have been fished around too. And then fished around some more. Auditors have a way of fishing. But paddling deeper into audit's consulting water, rotational auditing could provide a venue for teaching risk awareness.

2018-07-05 05:51:17

IT Audit Should Consider These Third-Party Risk Traps

By Marcos Colón

July 05, 2018

TalaTek’s Baan Alsinawi provides an update on the state of third-party risk management as it relates to IT auditors and sheds light on the hidden traps they should look out for as it relates to trusted business partners.

2018-06-28 05:44:33

How IT Audit Can Break Down Communication Silos

By Marcos Colón

June 28, 2018

Escoute Consulting President Mark Thomas dives into the topic of communication challenges within the enterprise, why they exist among IT audit and cybersecurity, and the steps you can take to ensure those silos are broken down.

2018-06-26 05:26:47

Using Key Performance and Key Risk Indicators to Provide Timely Assurance

By Hernan Murdock

June 26, 2018

Information drives modern organizations, so it is imperative that metrics be used that give management objective information. In this instructive article by MISTI's Dr. Hernan Murdock, he advises on how internal auditors can do just that.

2018-06-21 05:30:06

Who Owns Risk at the End of the Day?

By Marcos Colón

June 21, 2018

Fastpath’s Keith Goldschmidt discusses who the real owners of risk are within the enterprise, but also offers up insight on what IT audit can do to help streamline communication and do their part in creating a “risk culture” within the business.

2018-06-19 05:46:33

Developing Continuous Control Monitoring Procedures Without Losing Independence

By Hernan Murdock

June 19, 2018

When designing continuous auditing procedures, auditors and management must think through what the metrics are, and what thresholds would trigger the auditors’ desire to gain a better understanding of operational issues.

2018-06-14 05:15:21

DevOps: What IT Audit Needs to Know

By Marcos Colón

June 14, 2018

XebiaLabs’ Robert Stroud highlights what it is that IT audit needs to know about DevOps, why they should care, and offers up ways in which they can approach DevOps in a constructive manner that ultimately reduces risk in the organization.

2018-06-12 05:19:17

Audit Writer’s Hub: Spicing Up Mumbling Dump Trucks

By Sarah Swanson

June 12, 2018

In the last Audit Writer’s Hub, we talked about crafting gourmet audit issues, instead of mass-produced, dollar-menu issues. This week, we focus on mumbling words and long-winded sentences.

2018-06-07 05:24:21

How Technology Impacts the Internal Auditor of Today

By Marcos Colón

June 07, 2018

Onspring’s Jason Rohlf discusses how technology has impacted the internal auditor of today, but also offers tips on how auditors can stay ahead of the curve, rather than play catchup.

2018-06-05 04:01:26

Closing the Internal Audit Talent Gap

By Karen Kroll

June 05, 2018

The internal audit function is not immune to the challenges that come with acquiring and retaining talented individuals in the department. In this article, we identify several strategies that can help you recruit talented internal audit candidates.

2018-05-31 05:29:21

Finding IT Help for your Business

By Sarah Swanson

May 31, 2018

According to MISTI’s annual Internal Audit Priorities Report, internal audit leaders are in need of hiring outside assistance for challenges they face surrounding IT security. Here, we share a few tips to help you find the best IT consultant for your needs.

2018-05-29 05:45:39

Why Words, Not Numbers, Are the Internal Auditor’s Most Valuable Currency

By Jill Schiefelbein

May 29, 2018

Numbers and fancy charts are only able to tell part of the story for internal auditors. If you want your reports and your data to come alive for your clients, you need to make your words matter. Words, when it comes to driving action, are your most valuable currency. Here's why.

2018-05-24 05:23:26

From Corporate Cop to Trusted Advisor

By Hernan Murdock

May 24, 2018

Internal auditors have been working toward shedding the "corporate cop" label given to them within the enterprise. But what is a trusted advisor? What do they do and what behaviors are necessary to become a trusted advisor?

2018-05-22 05:18:09

How to Audit Whistleblower Programs

By Hernan Murdock

May 22, 2018

The Sarbanes-Oxley Act of 2002 Section 301 requires publicly-traded companies to have a whistleblowing program. But, how do we know if the program is effective? This article should help get you on your way.

2018-05-17 05:35:18

How to Keep Millennials in Internal Audit

By Sarah Swanson

May 17, 2018

When salary is fixed and the perks are what a Gen Xer would like but maybe not a millennial (i.e., catered lunches, unlimited paid time off, yoga hour), how does an audit shop change their philosophy to cater to the younger crew? Below we explore different ways to motivate a millennial auditor.

2018-05-15 05:35:12

Looking to Improve Your Audit Cycle? Try This

By Karen Kroll

May 15, 2018

To continually operate more efficiently and add greater value to the business, internal audit has to boost its performance throughout each stage of the audit cycle. The guidelines below can help you improve the risk assessment, planning, execution, and reporting stages of the audit cycle.

2018-05-10 05:26:02

How Internal Auditors Can Strategize for the Mundane, Part 2

By Sarah Swanson

May 10, 2018

We recently discussed the intersection of emotional intelligence and strategic intelligence. Here are some more common strategic areas to look at. One of these may be similar to your company, or maybe you have some additional strategic areas too. We’d love to hear about them.

2018-05-08 05:09:36

When Emotional Intelligence Meets Strategic Intelligence for Internal Auditors, Part 1

By Sarah Swanson

May 08, 2018

Infusing an audit with strategic intelligence can be a little uncomfortable. But a little stretch does an auditor (and the company) good. Here, we've provided a few tips to articulate the big picture to your team and your auditee.

2018-05-03 08:41:40

5 Ways to Continuously Audit Without Data Analytics

By Sarah Swanson

May 03, 2018

If continuous auditing doesn’t strictly mean automated data analytics or fancy software, then it means a larger group of internal audit shops can employ continuous auditing. This article highlights five ways you can continuously audit your business without all the software and by just using your brain.

2018-05-01 05:05:39

Why Internal Auditors Should Lead With Their Relevancy and Value, Not Their Title

By Jill Schiefelbein

May 01, 2018

As an Internal Auditor what you do is NOT your title. It's NOT your longevity in the field. It's NOT a credential. However, as an internal auditor the question "What do you do?" typically doesn't receive a straightforward answer. Here we provide you with an activity that will get you thinking about what you DO, and help you communicate it effectively.

2018-04-26 10:56:18

How to Develop a Stronger Relationship with the Second Line of Defense

By Karen Kroll

April 26, 2018

In this feature article, we caught up with some top subject matter experts that shared their best advice on how internal auditors can develop stronger relationships with their colleagues in the functions that make up the second line of defense.

2018-04-24 11:40:42

Audit Writer’s Hub: Dollar-Menu Burgers and Grammar Passive Voice and 3 Steps to Fix Your Sentence

By Sarah Swanson

April 24, 2018

Even if you’re a dollar-menu writer now, that does not mean you always will be. Anyone can become a gourmet audit report writer. Over the next few weeks, Audit Writer’s Hub articles will focus on specific writing tips to help you begin crafting your gourmet issues. This week, we look at passive voice.

2018-04-19 16:15:21

7 Areas to Focus on to Improve Your Relationship with Audit Clients

By Karen Kroll

April 19, 2018

Developing a strong working relationship with audit clients goes a long way, but that can be a lot easier said than done. In this post, we examine 7 areas that internal auditors can focus on that will help them improve their relationships with audit clients.

2018-04-17 05:56:27

Essential Steps to Tackling Vendor Risk Management

By Sarah Swanson

April 17, 2018

Internal audit is positioned to help evaluate risk that arises from working with vendors. Here we outline steps for determining which vendors to audit and what to focus on during the audit.

2018-04-12 05:02:57

Audit Writer’s Hub: Tone and the Chicken Little Dilemma

By Sarah Swanson

April 12, 2018

By improving the tone of the audit report, auditors maintained – if not, increased – the integrity of findings and developed better relationships with their clients. Rather than brutal honesty, auditors became humanely honest. Here are four strategies to improve tone in your audit reports.

2018-04-09 06:14:32

How Internal Audit Can Streamline Processes Through RACI Charts

By Hernan Murdock

April 09, 2018

Effective communication, teamwork, and accountability are key ingredients of efficient programs, processes, and projects. Unfortunately, many organizations suffer due to a misunderstanding of who’s responsible for what. Here, Dr. Hernan Murdock details how RACI Charts can help internal auditors overcome these challenges.

2018-04-05 06:13:48

How Internal Audit Can Benefit From Force Field Analysis

By Hernan Murdock

April 05, 2018

Auditors in search of a great decision-making tool to identify the forces for and against a course of action should look no further than Force Field Analysis. In this feature by MISTI's own Dr. Hernan Murdock, he details how internal audit can leverage this technique.

2018-04-03 06:19:33

5 Skills Internal Auditors Can Use to Refine Their Emotional Intelligence

By Sarah Swanson

April 03, 2018

If internal auditors are auditing people, then they need to have a humane approach. And to audit humanely, they need to show a degree of emotional intelligence. Here are five skills that can get you on your way.

2018-03-29 06:30:00

The Problem With Most Audit Reports

By Norman Marks

March 29, 2018

How do our stakeholders on the board and in top management assess the value of internal audit? What do we give them? What do they have on which to base their assessment?

2018-03-27 06:05:23

5 Tips That Make Your Audit Budget Go Further

By Sarah Swanson

March 27, 2018

Small internal audit team, small budget. Large internal audit team, still small budget. What do you do to make sure you get the most out of your internal audit dollars? Here are some ideas to consider when making every dollar count.

2018-03-22 06:36:53

The Fundamental Components of Evaluating Your Audit Team

By Jill Schiefelbein

March 22, 2018

Performance reviews are often viewed as arduous, time-consuming tasks. But they don’t have to be. Business communication expert Jill Schiefelbein dissects the two different aspects of evaluating one's audit team.

2018-03-20 06:14:18

Audit Writer's Hub: 9 Ways to Take Pride in Your Email

By Sarah Swanson

March 20, 2018

A quick ask on social media about pet peeves in email etiquette unleashed a tirade of email annoyances from friends and acquaintances. The list of email frustrations is enough to make anyone self-conscious, because we’ve all committed email blunders of our own. This week, we review email etiquette for auditors.

2018-03-15 06:12:26

8 Areas of Waste for Internal Auditors

By Hernan Murdock

March 15, 2018

Dr. Hernan Murdock highlights eight areas of waste for internal auditors, and how they can add value to their clients by identifying waste and inefficiency.

2018-03-13 10:31:02

Are You Committing Blunders With Your Audit Committee?

By Sarah Swanson

March 13, 2018

If you're an internal auditor and are in the midst of creating a quarterly summary right now, we have people here who have created and delivered plenty of quarterly summaries to audit committees. Here are some of the ideas they shared that you should follow.

2018-03-08 06:05:03

Why Auditing Social Media is Becoming Increasingly Important

By Marcos Colón

March 08, 2018

In this recent video shot at MISTI’s ITAC Conference, INARMA's Jason Claycomb gives his take on the state of auditing social media in the enterprise, and what steps internal auditors can take to monitor the risks associated with the technology.

2018-03-06 06:12:38

5 Signs You Have a World-Class Audit Team

By Sarah Swanson

March 06, 2018

In this feature article, we catch up with one subject matter expert that discusses the qualities that world-class audit teams possess. Perhaps all these qualities are alive and spinning on your team right now. Or maybe the following will touch upon qualities worth recommitting to on your audit team.

2018-03-01 18:25:18

How to Leverage Surveys in Internal Audit

By Hernan Murdock

March 01, 2018

Surveys can benefit internal audit when it comes to reviewing intangible topics such as corporate culture, entity-level controls, and an ethical environment. In this feature article, we highlight the critical stages of conducting and designing effective surveys.

2018-02-27 06:05:22

How Audit Can Support the Incident Response Plan

By Sarah Swanson

February 27, 2018

Response plans vary somewhat. But here we'll focus on giving you the best insight on how the internal audit function can provide support for the business's incident response plan. Here's a look at some proven tips that can help you get started.

2018-02-22 06:21:37

Preparing for the Future Class of Internal Auditors

By Marcos Colón

February 22, 2018

In this video interview with Glenn Sumners, Director of LSU's Center for Internal Auditing, he discusses what attracts his students to the internal audit program at LSU, what you can expect from the next crop of internal auditors, and how you can help them adjust to the internal audit department of today.

2018-02-20 06:23:28

Why Speaking Cybersecurity Goes a Long Way for Internal Audit

By Sarah Swanson

February 20, 2018

Since the cards might feel a little stacked against the auditor at the cybersecurity table, let’s define a few Aces in the hand that you can use when you’re auditing cybersecurity and communicate helpful root causes and risks.

2018-02-15 06:17:22

Audit Writer's Hub: 7 Steps to Writing Better Root Causes Part 2

By Sarah Swanson

February 15, 2018

Picking up where we left off in part one of this two-part series, here we discuss strategies to determine if findings really need RCA and tips for discussing RCA with the audit client.

2018-02-13 06:27:47

Audit Writer's Hub: 7 Steps to Writing Better Root Causes Part 1

By Sarah Swanson

February 13, 2018

If done well and communicated properly, reporting the root cause can be the glue your report needs to tie findings to the overall health of the company and create significant change for the business. This article provides some strategies to use in writing and communicating root cause in audit findings.

2018-02-08 06:08:52

How Internal Audit Can Get More Information From Flowcharts

By Hernan Murdock

February 08, 2018

Drawing flowcharts can be time-consuming, but internal auditors can gain a wealth of information during and after preparing them. By following these suggestions the benefits will far exceed the costs.

2018-02-06 06:11:49

What COSO’s Revised ERM Framework Means for Internal Audit

By Marcos Colón

February 06, 2018

In this interview featuring Bob Hirth, Chairman at COSO, he sheds light on the recent updates made to the COSO ERM framework, discusses what those changes mean for internal auditors, and advises on how to best leverage the framework.

2018-02-01 06:01:25

Effective Audit Committee Communication: Keys to Success for Internal Auditors

By Ed Williams

February 01, 2018

Few things can derail the audit committee’s perception, confidence, and trust of internal audit faster and more profoundly than ineffective communications to and from the internal audit function.

2018-01-30 06:36:11

Speed up Your Audit Team's Performance with Data Analytics

By Sarah Swanson

January 30, 2018

Given the talents and skills that auditors possess (analyzing data, spotting trends, forming conclusions), auditors are in a perfect position in a company to be part of data analytic innovation. This article proposes a plan to fill in the gaps and implement data analytics in the business.

2018-01-26 06:26:47

An Internal Auditor's Guide to Social Media

By Sarah Swanson

January 26, 2018

Within a communications group, chances are that someone is performing a level of auditing of weekly or monthly online analytics already. But it doesn’t hurt to talk to these people and fill in any gaps you discover. How effective is your social media presence and how do you audit it? This article should get you started on auditing social media within a larger audit.

2018-01-25 06:09:50

The Benefits of Leveraging the CIS Critical Security Controls

By Marcos Colón

January 25, 2018

Technology continues to flood organizations and IT auditors are facing increasing challenges. The Center for Internet Security's Critical Security Controls are intended to help the cause. In this exclusive video interview with Internal Audit Insights, subject matter experts define the controls and discuss their benefits for IT auditors.

2018-01-18 06:01:21

Effective Inclusion: 3 Strategies for Seeking Talented Auditors

By Sarah Swanson

January 18, 2018

Historically, the Internal Audit profession has not been a leader on the topics of diversity and inclusion. Internal Audit Insights recently caught up with Adam Rutan of Cardinal Health who shared his audit team's experience of how they redefined diversity and improved their audit function along the way.

2018-01-16 05:20:53

The Secret to Driving Value Through Artificial Intelligence

By Sarah Swanson

January 16, 2018

Rather than robotic humanoids or machines who have become “self-aware,” artificial intelligence might be better described as computer systems that can predict human behavior. For internal audit, it can be a handy tool for specific processes within audit and analyzing overall sets of data with greater accuracy and even predict risk.

2018-01-11 10:53:21

Beyond Root-Cause Analysis: Helping Internal Audit Clients Prevent Mistakes

By Hernan Murdock

January 11, 2018

At times, internal auditors don't explain to their clients that processes should be built to operate error-free. Even when controls detect errors, customers report gaffes, or sheer luck saves the day, these events often cause re-work. Here's what you can do to help your clients prevent mistakes.

2018-01-09 06:51:55

What to Expect from the next Crop of Internal Auditors

By Sarah Swanson

January 09, 2018

Because of technology and godlike accessibility, the new crop of auditors has a completely different paradigm, and previous generations must learn to connect with this generation to accomplish audit goals. With a widening skills gap between the top and the bottom students, we’ve compiled some ways to look for the worthwhile candidates for your company.

2018-01-04 15:57:22

Audit Writer's Hub: 7 Steps to Overhaul Your Audit Report

By Sarah Swanson

January 04, 2018

This article won’t show you exactly how the report should look, but will you give you some of the basics to expunge elements of the old audit report so you can make room for the new audit report.

2017-12-28 07:47:48

How to Make Sure Every Audit Focuses on What Matters Most

By Hernan Murdock

December 28, 2017

An audit is a complex undertaking that requires internal auditors to examine documents, speak with employees, observe business practices, and evaluate controls in business programs and processes.

2017-12-26 06:12:00

Readers Choice: Top 10 Internal Audit Insights of 2017

By Marcos Colón

December 26, 2017

You picked them! Here's a look at the most read articles published on Internal Audit Insights in 2018. From building great audit teams to writing an audit report that gets results, you'll find a unique mix of some engaging content that answers some of your pressing questions.

2017-12-21 05:57:00

How to Manage Outside Audits Performed on Your Organization

By Marcos Colón

December 21, 2017

Raytheon's Thomas Sanglier discusses the positive impact that the internal audit function can make when it comes to handling outside audits, the challenges this task can present, and how to overcome them.

2017-12-19 06:16:36

Stayin’ Alive with Integrated Auditing

By Sarah Swanson

December 19, 2017

For those that do integrated audits, the concept is a no-brainer. Integrated audits are an efficient, holistic approach to the business. But, if the idea of integrated auditing is untapped, then it’s a brave new world to check out. Below are some points to get the conversation started in your company.

2017-12-14 04:16:12

The IT Auditor's Role in Today’s Complex, Evolving Enterprise

By Marcos Colón

December 14, 2017

Forrester Research's Robert Stroud discusses the current state of the enterprise as it relates to IT auditors and why it’s important to bridge the gaps between audit, IT audit, compliance, and security within organizations.

2017-12-12 06:16:01

Audit Writer’s Hub: The Art of Tidying Up Narratives

By Sarah Swanson

December 12, 2017

Today, we’ll be cleaning out the metaphorical “auditor’s closet.” The auditor’s closet comes stashed with a variety of documents that identify, document, record, and communicate specific controls for both you and whoever needs to review these controls in the future.

2017-12-07 06:01:44

Remain Relevant as an Internal Auditor by Doing This

By Marcos Colón

December 07, 2017

In this exclusive video interview with Internal Audit Insights, MISTI's Dr. Murdock offers up key steps that internal auditors should take to remain relevant and continue to add value to the business.

2017-12-05 05:56:00

5 Critical Social Media Tips for Internal Auditors

By Sarah Swanson

December 05, 2017

If you’re going to audit social media, then develop a method. Kate Mullin, a social engineering expert, shares a formulaic approach to begin thinking like a hacker and doing the reconnaissance a hacker would do so that you can protect your organization.

2017-11-30 06:18:00

Knocking Your SOX off with COSO

By Sarah Swanson

November 30, 2017

Just like each area of a jungle gym needs solid attention (lest there be risks), so do the right areas of an audit require attention to maintain the health of a company.

2017-11-28 06:15:25

What Every Audit Customer is Thinking, But Won't Ever Say

By Sarah Swanson

November 28, 2017

Change is hard no matter what. We’re more apt to change when we’ve made the rules. When we’re forced to change – like being subjected to an audit – that’s a large horse pill to swallow. But there are things that auditors can do to make that horse pill go down smoother.

2017-11-23 06:23:10

Investigate, Understand and Forgive: A Realistic Alternative to Zero Tolerance

By Nigel Iyer

November 23, 2017

Fraud and corruption are all around us. As internal auditors, if we're so heavy handed with the few “sinners” we catch, won’t the large majority who didn't get caught breath a huge sigh of relief and just try even harder to stay hidden?

2017-11-21 06:23:48

Audit Writer’s Hub: Is Your Audit Report written to a flock of Wild Turkeys?

By Sarah Swanson

November 21, 2017

Between varied audiences and modern communication standards (dense information in few words), internal auditors must make sure they’re writing to their end audience.

2017-11-16 06:35:38

How SIPOC Diagrams Can Help Improve Audit Planning and Fieldwork

By Hernan Murdock

November 16, 2017

As internal auditors apply risk-based auditing techniques to their reviews and increase their focus on the needs of customers to achieve organizational aims, it is essential to gain a panoramic understanding of the process. The SIPOC diagram can help.

2017-11-14 06:37:11

Do We Understand What a Risk Event Is?

By Norman Marks

November 14, 2017

People talk about a risk event as if it is obvious what it is and what it means. But that's certainly not always the case.

2017-11-07 06:10:47

How to Attract and Retain High-Impact Internal Auditors

By Alec Arons

November 07, 2017

Whether the organization as a whole is onboard or not, corporate audit needs to develop and embrace programs designed to meet the needs of a changing workforce if they are to attract and retain top talent.

2017-11-02 06:36:09

Taking Your Audit Career to the Next Level: How to Separate Passion from Emotion

By Dan Clark

November 02, 2017

As an internal auditor, there's nothing wrong with having passion for what you do. Passion supports the search of truth and ensures objective momentum to a conclusion. But it's important to know that emotion, on the other hand, is not passion.

2017-10-31 06:03:00

Strategies for Building Killer Audit Teams

By Sarah Swanson

October 31, 2017

Whether you are creating an audit team, adding new auditors to your existing team, or flat-out enjoying audit like we do, read on for tips to creating an internal audit team with all the right flavors.

2017-10-26 06:49:17

Auditor Wanted: Must Have Cybersecurity Skills

By Shawna Flanders

October 26, 2017

Seeing as many IT audit positions require candidates to hold information security certificates, how do we as an assurance community prepare tomorrow's security-savvy workforce?

2017-10-24 06:41:32

Taking Your Internal Audit Career to the Next Level: Quick Tips to Express Your Team Support

By Daniel A. Clark

October 24, 2017

Believe it or not, some orchestral tunes offer up important bits of wisdom that can easily apply to the internal audit function. In part one of this two-part series, Dan Clark describes what internal auditors can learn from Joseph-Maurice Revel's "Bolero."

2017-10-19 06:16:09

You Are What the Search Engine Finds!: Tips to Ensure Online Privacy

By Shawna Flanders

October 19, 2017

When is the last time you looked for your name on the internet? Which of the links and images are tied to you? More importantly, where does all this information come from? Here are 13 important tips to leverage at your organization to ensure online privacy.

2017-10-17 06:02:02

5 Tips to Ride the Wave of Rotational Auditing

By Sarah Swanson

October 17, 2017

Where companies may do some variation of a rotational program, perhaps using rotational auditors is an untapped resource in your company. If rotational auditing sounds like something you’d like to try – do it. We put together a few steps to get going in that direction.

2017-10-12 06:07:40

Cybersecurity in the Workplace is Everyone’s Business

By Shawna Flanders

October 12, 2017

The cyber threat landscape is evolving and as an internal auditor it's important to become familiar the risks the organization is facing. Here are 11 helpful tips you can leverage to make sure your company steers clear of known exploits.

2017-10-09 06:10:58

Understand the Objective of Your Audit, Or Fail

By William Nealon

October 09, 2017

To have a successful audit outcome, it’s imperative to understand the objective of your audit. Keeping your focus on the end result is imperative.

2017-10-05 06:00:31

National Cybersecurity Awareness Month: 17 Simple Steps to Online Safety

By Shawna Flanders

October 05, 2017

It's week one of National Cybersecurity Awareness Month, so what better way to kick things off than focusing on protecting yourself with these 17 important tips.

2017-10-03 06:27:00

How Internal Auditors Can Gain Data Analytics Experience

By Joseph McCafferty

October 03, 2017

Internal auditors with data analytics expertise can earn a premium and weild more influence in internal audit departments, but getting started may take some initiative and a little creativity.

2017-09-28 05:16:02

Kick-off Time: How to Crush the Internal Audit Entrance Meeting

By Sarah Swanson

September 28, 2017

As the audit quarterback, you get to work with the entire team to overcome these fears and crush the meeting (in a good way). Here are some points to consider as you huddle up and plan for a successful audit.

2017-09-26 06:27:00

It’s Time to Put a Little More Management in Your Risk Management

By Richard Archer

September 26, 2017

Just because a company has a robust risk management system in place doesn't guarantee that it will actually manage risk well. An ineffective manager will mismanage risks, no matter how strong the risk management system is.

2017-09-21 06:08:23

How to Write an Audit Report That Gets Results

By William Woodington

September 21, 2017

Tips and tools on how to create a robust and useful audit report that gets read.

2017-09-19 06:30:35

Eight Things Every Internal Auditor Should Know About Sarbanes Oxley

By Matt Kelly

September 19, 2017

As SOX turns 15 this fall, let’s widen the lens to capture what SOX is really about: its history, its goals, and the most important points to remember for an effective SOX compliance experience.

2017-09-14 06:00:10

5 Steps to Become a Fieldwork Ninja Warrior

By Sarah Swanson

September 14, 2017

Just like a huge obstacle course requires solid preparation, successful fieldwork requires deliberate planning.

2017-09-12 06:06:16

Internal Audit’s Role in Third Party Data Protection

By Tom O'Reilly

September 12, 2017

Internal audit can provide assurance to their board and executive team whether or not a process is in place to manage risks of third parties maintaining critical data, and that third parties have their data protection controls in place.

2017-09-07 06:00:00

Testing Key Controls

By Peter Yi

September 07, 2017

Auditors who can implement any one of the following strategies should yield both improved control coverage and lower costs.

2017-09-05 06:25:08

To Reward or Not to Reward – The Very Important CAE Question

By Tom O'Reilly

September 05, 2017

The Apprentice, Top Chef, and Project Runway are three of the most successful reality TV competition shows in the United States.

2017-08-31 06:25:58

Why Internal Auditors Should Use the 5 Whys Method for Root Cause Analysis

By Hernan Murdock

August 31, 2017

The Five Whys is one of the simplest tools for cause analysis. It is easy to use, and the approach consists of asking “why” multiple items, each of which probes further into the source of the problem.

2017-08-29 06:26:50

Audit Writer’s Hub: Three Editing Tips to Keep Up the Sentence Flow Mojo

By Sarah Swanson

August 29, 2017

Good content is necessary, but ensuring that good content is written well is another experience on its own. Here, we dive into three areas that improve sentence flow: topic sentences, transitions, and filler phrases.

2017-08-24 09:00:23

Leveraging SOX Risk Assessment Practices for Better ERM

By Matt Kelly

August 24, 2017

15 years into the SOX compliance era, more boards, CEOs, and risk managers want to leverage all that investment and spring into ERM.

2017-08-24 06:30:49

Turning Front-Line Internal Auditors into Customer Service Envoys

By Karen Kroll

August 24, 2017

Leading internal audit departments are empowering their teams to handle auditees with the same care as they would treat customers.

2017-08-22 06:10:44

Are You Missing Something Critical in Your Audit Committee Chair Relationship?

By Derek Foster and Jay R. Taylor

August 22, 2017

In any relationship, there are two sides. Here's a look at the workings of the CAE and audit committee chair relationship from both perspectives.

2017-08-17 07:51:49

Ethics and the Internal Auditor

By Lynn Fountain

August 17, 2017

Internal auditors are often put in positions where they must make difficult and uncomfortable inquiries. A strong ethical environment can help.

2017-08-15 05:19:04

Audit Writer’s Hub: 6 Strategies that Streamline Audit Issue Writing

By Sarah Swanson

August 15, 2017

An audit issue with too much information – was there ever such a thing? Definitely! If you are deviating from these 6 strategies, you might have a long audit issue that says nothing at all.

2017-08-10 06:51:49

Five Reasons to Audit the Risk Management Function

By Joe Underwood

August 10, 2017

An audit of the risk management function should be among the first priorities for a chief audit executive as it may spur new ideas and prompt improvement in how risks are managed.

2017-08-08 07:00:48

Four Communication Tips to Increase Internal Auditor Effectiveness

By Tom O'Reilly

August 08, 2017

Why do some internal auditors effectively prepare workpapers and write audit reports with ease, yet stumble when it comes to most other forms of communication?

2017-07-27 07:38:00

Tell Us How We Did: More Internal Audit Departments Surveying Auditees

By Karen Kroll

July 27, 2017

Customer service oriented internal audit departments are conducting surveys after audits to improve their own processes.

2017-07-25 07:20:07

Seven Keys to a Better CAE

By Tom O'Reilly

July 25, 2017

The following seven CAE best practices may help you both better position your team to improve the performance during each of their projects and better position internal audit as a go-to resource for business leaders.

2017-07-20 07:46:13

Revalidation of In-Scope Reports for Completeness and Accuracy

By Jeffrey T. Hare

July 20, 2017

Organizations that are subject to Sarbanes-Oxley (SOX) compliance use various reports from the source systems to perform the controls defined by management.

2017-07-18 07:39:33

Don’t George Costanza Your Next Internal Audit Meeting

By Michael McShea

July 18, 2017

Internal auditors would fare well-taking inspiration from these iconic Seinfeldisms and keeping the following five ideas in mind to better structure their meetings and help them be more efficient.

2017-07-13 07:20:00

Six IT Audit Hiring Mistakes to Avoid

By Joseph McCafferty

July 13, 2017

Hiring and retaining top IT audit talent has never been harder, but hiring mistakes can only complicate the issue.

2017-07-11 07:30:10

Are You Building a Marketable Internal Audit Career? You Should Be!

By Daniel A. Clark

July 11, 2017

Chief audit executives may have a more established brand, while upwardly mobile internal auditors are likely still working to establish their brands.

2017-07-07 07:51:49

Spotting Potentially Fraudulent Shell Companies During Audits

By Leonard Vona

July 07, 2017

Boards of directors, stockholders, management teams, and professional standards all expect internal auditors to respond to the risk of fraud in core business systems.

2017-07-06 07:51:49

What Internal Auditors Must Do To Remain Relevant

By Hernan Murdock

July 06, 2017

As internal auditors, we work in complex and demanding environments where business, social, and other dynamics challenge us to meet the increasing expectations of upstream management.

2017-06-28 07:02:15

Six Ways Internal Auditors Should Use the 3LOD Model

By Tom O'Reilly

June 28, 2017

The CAE who successfully uses the 3LOD model during important conversations should experience better business relationships and have less resistance to their recommended changes.

2017-06-23 14:30:00

So, Why Are You Still Not Using Data Analytics?

By Dave Coderre

June 23, 2017

Study after study has shown that data analytics is effective and efficient at detecting risk and identifying control weaknesses, non-compliance, and inefficient business processes. So why have some internal audit departments still not embraced it?

2017-06-20 11:30:00

These Internal Auditors Aren’t Afraid to Get a Little Dirty

By Joseph McCafferty

June 20, 2017

When Woodforest National Bank wanted to test whether employees were properly destroying physical data, it hit on an idea that would require internal auditors to roll up their sleeves and get messy.

2017-06-19 17:20:00

Five Common Opportunities for Leveraging an ERM Initiative

By Joseph McCafferty

June 19, 2017

Most companies that have embarked on an enterprise risk management (ERM) initiative are still in the earliest stages or have struggled to demonstrate benefits. Here are five opportunities to enhance ERM and add value.

2017-06-13 08:20:00

Five Signs Your Compliance Department Needs an Overhaul

By Joseph McCafferty

June 13, 2017

Data reveals that compliance modernization seems to be eluding most companies due to a host of reasons, and internal audit can play an important role in identifying areas of improvement. Here are five signs the compliance function needs fixing.

2017-06-09 13:27:00

Internal Auditors Say Their Departments Lack Some Important Skills

By Joseph McCafferty

June 09, 2017

According to a recent MISTI survey, internal auditors say their internal audit seniors and managers most lack data analytic skills, understanding of IT auditing concepts, and ability to influence and persuade.

2017-06-07 15:25:00

A Day in the Life of an IT Auditor

By Joseph McCafferty

June 07, 2017

Internal auditor spotlight with Tony Redlinger of IHS Markit: We recently sat down with Tony to talk about the challenges of being an IT auditor, what's next for cybersecurity, integrated auditing, and more.

2017-06-01 06:27:00

Internal Audit Departments Struggle to Retain High Performers

By Joseph McCafferty

June 01, 2017

Internal audit leaders continue to fret about hanging on to their top talent. In a recent survey, they ranked staffing concerns, including retention, as among their greatest worries.

2017-05-26 06:27:00

What’s on the Audit Plan this Year?

By Joseph McCafferty

May 26, 2017

Cybersecurity is the most frequent area on internal audit's audit plans for 2017, and for good reason. Other IT topics and traditional audit areas are also on many audit plans.

2017-05-25 07:13:00

Six Risk Resources You May Not Be Using, But Should

By Tom O'Reilly

May 25, 2017

One telling sign of a maturing internal audit department is when the CAE proposes audit topics that are organizationally-focused around key projects and initiatives.

2017-05-23 16:27:00

Five Preventative Controls for Ransomware Attacks

By Joseph McCafferty

May 23, 2017

The high-publicity WannaCry attack has many companies reviewing their protections against ransomware and other cybersecurity attacks. Here we provide five preventative controls that IT auditors should ensure are functioning properly.

2017-05-17 10:07:00

Top Internal Audit Concerns and Priorities for 2017

By Joseph McCafferty

May 17, 2017

A podcast interview with Ed Williams, senior manager for risk advisory services at Experis Finance, on the 2017 Internal Audit Planning and Staffing Priorities Report.

2017-05-10 06:27:00

While Internal Auditors Expect Budgets to Increase, It May Still Not Be Enough

By Joseph McCafferty

May 10, 2017

After years of belt tightening and cost cutting, companies may finally be starting to increase budgets and staffing for the internal audit department.

2017-05-08 07:49:34

Six Best Practices of World Class CAEs

By Tom O'Reilly

May 08, 2017

Here are six internal audit practices that internal audit departments can use to be more effective and leave audit committees more satisfied with their performance.

2017-05-02 06:27:00

Are You Ready for the New EU Data Privacy Protections?

By Rachel Rose and Joseph McCafferty

May 02, 2017

In a little more than a year, U.S. companies that do business in Europe or have customers or employees there will need to comply with a new set of European Union data protection and privacy laws.

2017-04-25 11:00:49

Four-Part Series: Creating a Customer Service Oriented Internal Audit Department

By Karen Kroll

April 25, 2017

More internal audit departments are calling the functions, units, and subsidiaries they audit by a new name—customers—and treating them as such.

2017-04-19 21:27:00

What Internal Audit Leaders Can Do to Foster a Customer Service Approach

By Karen Kroll

April 19, 2017

Chief audit executives and directors are building teams that are out to change the perception of internal audit.

2017-04-13 21:23:24

Four Internal Audit Lessons from the United Airlines Viral Video Fiasco

By Joseph McCafferty

April 13, 2017

United Airlines is no stranger to viral videos and social media kerfuffles that cast the company in a poor light.

2017-04-10 10:30:00

Is Internal Audit Neglecting Environmental, Health, and Safety Risks?

By Joseph McCafferty

April 10, 2017

A new report from the IIA finds many companies could do more to provide assurance over EHS.

2017-04-04 10:07:00

Auditing the Online Marketing Program

By Joseph McCafferty

April 04, 2017

We recently spoke to Dan Tsang, director of internal audit of Expedia, about why companies should audit the digital marketing program and how to get started on such an audit.

2017-03-30 12:04:01

Eight Things the Board and C-Suite Want from Internal Audit

By Joseph McCafferty

March 30, 2017

Internal auditors realize they must pay closer attention to what their stakeholders—namely boards and executive management—expect of them and whether these expectations are being met.

2017-03-23 10:30:00

A Day in the Life of an Internal Audit Supervisor

By Joseph McCafferty

March 23, 2017

Internal Auditor Spotlight with Devin Potter, a Supervisor in the Risk Advisory Services business at RSM. We recently sat down with Devin to talk about the internal audit profession.

2017-03-22 10:30:00

Auditing the Use of Open Source Software Code

By Joseph McCafferty

March 22, 2017

With as much as 50 percent of some applications based on open source code, companies must ensure they are meeting compliance obligations.

2017-03-17 14:30:05

Lines Blurring Between IT Audit and InfoSec Professionals

By Shawna Flanders

March 17, 2017

Employers are looking for more certifications and a broad work experience, even as they struggle to fill these evolving positions.

2017-03-16 10:30:00

Could Trump’s Regulatory Rollback Include Changes to SOX?

By Joseph McCafferty

March 16, 2017

Less than two weeks after taking the oath of office, President Donald Trump set about fulfilling one of his more tangible and oft-repeated campaign promises: dismantling the Dodd-Frank Act.

2017-03-10 14:30:05

Competition for Candidates Driving Internal Audit Pay Higher

By Joseph McCafferty

March 10, 2017

The competition for internal audit talent remains fierce. Two new salary surveys out from recruiting and staffing companies find that salaries for internal auditors at all levels continue to grow at a brisk pace.

2017-02-27 14:52:18

Lines Blurring Between IT Audit and InfoSec Professionals, Both in High Demand

By Shawna Flanders

February 27, 2017

Employers are looking for more certifications and a broad work experience, even as they struggle to fill these evolving positions.

2017-02-22 22:04:28

A Novella Approach to Internal Audit

By Joseph McCafferty

February 22, 2017

It's safe to say that popular culture hasn't been kind to internal auditors. The few references to the profession in television, movies, and books either confuse them with accountants or portray them as disliked corporate stooges or nerdy paper-pushers.

2017-02-14 14:59:20

Striving for Clear and Precise Language in Report Writing and Business Communications

By Joseph McCafferty

February 14, 2017

We've all seen ambiguous and imprecise language in the business world, whether in standards and regulations, our own policies and requirements, or in everyday reports and memos.

2017-02-14 14:56:59

The Customer Service Oriented Internal Audit Department

By Joseph McCafferty

February 14, 2017

By now, we've probably all heard as much as we care to about the need for internal audit to move from acting as a policing function to that of a trusted business partner. Indeed, many have moved in this direction during the last several years.

2017-02-06 15:30:00

Information Security vs. Cybersecurity: Untangling Misconceptions

By Shawna Flanders

February 06, 2017

Is it historic or historical? Mass or weight? Mean or average? Coke or Pepsi? The items in these pairs are similar to each other and certainly related, but have important distinctions that make them different in how they are defined and applied (or in that last case, enjoyed).

2017-02-06 11:30:00

NIST Publishes Update to Its Cybersecurity Framework

By Joseph McCafferty

February 06, 2017

Last month, the National Institute of Standards and Technology issued a new update to its Framework for Improving Critical Infrastructure Cybersecurity.

2017-02-06 10:30:00

Study Finds Fractured Approach to Risk Management

By Joseph McCafferty

February 06, 2017

A new report from the Ponemon Institute finds that many companies lack a cohesive approach to risk management.

2017-02-01 11:30:00

Is the Backlash Against Non-GAAP Earnings Measures Receding?

By Joseph McCafferty

February 01, 2017

The battle over the use of non-GAAP measures in financial reporting has been simmering for well over a year, but now it may be starting to cool off.

2017-02-01 07:00:00

Going All-In on Internal Audit Training

By Joseph McCafferty

February 01, 2017

Despite the phrase "what happens in Vegas stays in Vegas," there are some events that take place there that you'd be happy to take with you and apply in your professional life.

2017-01-30 14:07:00

Auditing Culture: Taking the Next Steps

By Joe McCafferty

January 30, 2017

Fraud experts consider many high-profile cases of corporate wrongdoing not just to be a breakdown in the control structure of the organization, but also a failing of the company's culture.

2017-01-25 12:51:49

Are You Ready for Data Privacy Day?

By Shawna Flanders

January 25, 2017

We love our national holidays and, with a little help from Twitter, those lesser known, quirky commemoratives like national doughnut day, national left-handers day, and national roller-coaster day are making their way into our collective awareness.

2017-01-18 12:51:49

A Primer on Auditing the Internet of Things

By Shawna Flanders

January 18, 2017

As IT auditors, we've audited mainframes, servers, applications, and many other IT devices and systems for years and have become proficient in determining the reasonable effectiveness of a company's suite of controls to safeguard them.

2017-01-18 11:30:00

Audit Committees Unhappy with Risk Management Programs

By Joseph McCafferty

January 18, 2017

More than eight years removed from the start of the financial crisis that caused a full-on risk management freak-out across Corporate America, it appears risk management programs are still not up to snuff.

2017-01-18 08:00:00

Setting the Stage for SuperStrategies and AuditWorld 2017

By Joseph McCafferty

January 18, 2017

Planning for the upcoming SuperStrategies and AuditWorld 2017 conferences is in full swing with the opening of the Call for Speakers period and announcement of the dates and venue.

2017-01-11 08:00:00

Recapping the ITAC Conference 2016

By Joseph McCafferty

January 11, 2017

Several themes emerged during this year's IT Audit and Controls event, as IT auditors gathered to learn and exchange ideas on successful strategies and to gain insights on major trends.

2017-01-10 21:51:49

Four New Year’s Resolutions for Every Internal Auditor

By Tom O'Reilly

January 10, 2017

As we say goodbye to 2016 and hello to 2017, it’s a good time to reflect on last year’s successes and missteps. The New Year provides a great chance to pause and consider some self-improvement opportunities and goals for the next 12 months.

2017-01-04 11:35:00

Survey Finds Directors Lack Understanding of Cyber-Risks

By Joseph McCafferty

January 04, 2017

In a survey by the National Association of Corporate Directors, many board members admit they need to improve their knowledge of cybersecurity.

2017-01-04 10:00:00

Training Week in the City by the Bay

By Joseph McCafferty

January 04, 2017

A week-long series of internal audit courses provides internal auditors the opportunity to fill gaps in their portfolio of skills.

2017-01-03 11:30:00

Balancing the Risks and Costs of Cybersecurity

By Joseph McCafferty

January 03, 2017

The consequences of a cyber-attack—including a hit to reputation, lost customers, diminished credibility, and the cost of repairing the damage, just to name a few—are such that companies will do everything they can to defend against them.

2016-12-22 11:20:00

The Top 10 MISTI Internal Audit Articles of 2016

By Joseph McCafferty

December 22, 2016

It's been a busy year for internal audit. Below are the top 10, most read articles from MISTI's Internal Audit Insights for 2016.

2016-12-21 12:20:00

SEC Sending a Message to Beef up Whistleblower Protections

By Joseph McCafferty

December 21, 2016

In two separate actions this week, the SEC objected to language in severance agreements that encourage outgoing employees to keep quiet.

2016-12-21 11:00:00

Is It Time to Get in Shape and Take Charge?

By Joseph McCafferty

December 21, 2016

Starting in January expect the gyms to be packed as many people look to make good on their New Year's resolution to get in shape and shed those few extra pounds they may have picked up during the holidays.

2016-12-20 11:35:00

Companies Make Few Changes to Use of Non-GAAP Measures After SEC Warning

By Joseph McCafferty

December 20, 2016

A new report finds no drop in the number of companies using non-GAAP figures, but some minor adjustments in how they use them.

2016-12-19 11:30:00

Elevating Critical IT Risks to the Board and C-Suite

By Joseph McCafferty

December 19, 2016

Communicating top risks to the board and C-suite is always tricky since it's such a critical area of involvement by the highest levels of the organization.

2016-12-14 11:35:00

Who Should Evaluate the Performance of the Internal Audit Leader?

By Joseph McCafferty

December 14, 2016

North American companies lag their international peers when it comes to having the audit committee, rather than the CEO, evaluate the performance of the chief audit executive.

2016-12-14 08:30:00

Keeping Employees from Gaining Unauthorized Access to Inside Information

By Joseph McCafferty

December 14, 2016

A former IT staffer at Expedia was recently charged with trading on non-public information. Could it happen at your company?

2016-12-13 14:08:00

MISTI on Audit: Auditing 'Tone at the Top'

By Joseph McCafferty

December 13, 2016

We all know that the CEO and top senior executives shape the ethical climate for the company, but can you audit those activities?

2016-12-13 12:00:00

Need Help With Your 2017 IT Audit Planning?

By Joseph McCafferty

December 13, 2016

Live webinar will help internal auditors get a handle on where to focus IT assessment type activities for 2017.

2016-12-07 08:30:00

How Much Cyber-Risk Should We Take?

By Joseph McCafferty

December 07, 2016

Where should we be on the spectrum between unlimited spending on cybersecurity and doing nothing at all?

2016-12-07 07:30:00

Six IT Audit Hiring Mistakes Companies Make

By Joseph McCafferty

December 07, 2016

IT auditors are in high demand these days. Recruiters and competitors are looking to snatch high-quality talent with the right set of skills and background.

2016-12-06 11:30:00

Pre-Implementation Audits: Waterfall vs. Agile

By Joseph McCafferty

December 06, 2016

A conversation with Sheryl Austin, a director of information security and risk management at Johnson & Johnson on pre-implementation audits.

2016-11-30 11:35:00

Internal Audit Budgets May Finally Be Getting a Boost

By Joseph McCafferty

November 30, 2016

After years of stagnation, companies may be finally ready to put more funding behind the internal audit function, says a recent study.

2016-11-30 09:08:00

MISTI on Audit: To Whom Should the CAE Report?

By Joseph McCafferty

November 30, 2016

We examine trends in reporting lines for chief audit executives, as more report to CEOs and board directors.

2016-11-30 07:30:00

What Will the SEC Look Like Under Trump?

By Joseph McCafferty

November 30, 2016

Expect the SEC to focus more on rolling back regulation and less on enforcing securities laws under a Trump administration.

2016-11-29 09:00:00

Understanding Risk: Calibrating Your Gambler’s Mindset

By Joseph McCafferty

November 29, 2016

During the Risk Management Summit attendees will use gameplay to gain a better understanding of probability and uncertainty and how they affect risk-taking.

2016-11-23 09:07:00

Finding and Retaining Top Internal Audit Job Candidates

By Joe McCafferty

November 23, 2016

A conversation with Anne DeTraglia, director of internal audit at United Airlines, on staffing the internal audit department.

2016-11-23 07:30:00

Time for a Nepotism Check

By Joseph McCafferty

November 23, 2016

As President-Elect Trump weighs questions about nepotism in his future administration, companies need to take heed on the practice as well.

2016-11-22 09:00:00

Finding Solutions for Filling Cybersecurity Skills and Knowledge Gaps

By Joseph McCafferty

November 22, 2016

A new survey out from the Institute of Internal Auditors finds that many internal audit departments either outsource cybersecurity audits, or worse, they don't do them at all.

2016-11-16 12:30:00

Too Much Data, Coming Too Fast?

By Joseph McCafferty

November 16, 2016

Financial Executives are straining to keep up as the increasing volume and pace of data clouds their ability to provide meaningful insights to boards quickly and accurately.

2016-11-16 09:00:00

Brushing up on Internal Audit Leadership Skills

By Joseph McCafferty

November 16, 2016

Unless you are a department of one, every chief audit executive or senior internal auditor must lead others to accomplish the objectives of the internal audit department.

2016-11-11 09:08:00

MISTI on Audit: The Benefits of Integrated Internal Auditing

By Joseph McCafferty

November 11, 2016

In the latest edition of our video series "MISTI on Audit," Joel F. Kramer, vice president of audit curriculum at MIS Training Institute, talks about the benefits of integrated auditing.

2016-11-09 11:30:00

Who’s the Boss? Chief Audit Executive Reporting Lines Still Blurred

By Joseph McCafferty

November 09, 2016

To whom should the chief audit executive report? That question has perplexed companies for decades. Once an underling of the finance or legal departments, many companies have made the CAE a direct report to the CEO.

2016-11-09 09:00:00

Tech Talks: Keynote Addresses for ITAC to Focus on Emerging Technology and Risks

By Joseph McCafferty

November 09, 2016

IT audit experts from such companies as Dropbox, Juniper Networks, Lockheed Martin, and others to address audit conference.

2016-11-04 11:30:00

How Silos Can Cause Risk-Management Headaches

By Joseph McCafferty

November 04, 2016

We recently caught up with Michael Gallagher, managing director at CBIZ Risk & Advisory Services, to talk about how risk silos can crop up at companies, the dangers they present, and how organizations can dismantle them and manage risk in a more holistic way.

2016-11-03 11:30:00

Focusing IT Audit on Machine Learning Algorithms

By Andrew T. Clark

November 03, 2016

Machine learning algorithms are becoming more commonplace, but what are the risks they could err? Sounds like a job for IT audit.

2016-11-02 08:00:00

SuperStrategies 2016 Recap and Learnings

By Joseph McCafferty

November 02, 2016

Several themes emerged during this year's SuperStrategies 2016 event, which was held in September in Las Vegas, as internal audit executives gathered to learn and exchange ideas on successful strategies and to gain insights.

2016-11-01 11:30:00

How Much Cybersecurity Is Enough?

By Marius Bosman

November 01, 2016

Most companies struggle with how much is enough when it comes to protecting the company's vital data and information.

2016-10-28 09:08:00

MISTI on Audit: Internal Audit’s Role in Detecting and Preventing Fraud

By Joseph McCafferty

October 28, 2016

In the latest edition of our video series "MISTI on Audit," Joel F. Kramer, vice president of audit curriculum at MIS Training Institute, talks about internal audit's role in detecting and preventing fraud.

2016-10-26 11:30:00

Do Millennials Really Require a Different Management Style?

By Joseph McCafferty

October 26, 2016

Newsflash: Millennials don't stay in their jobs very long. They lack loyalty and focus. And they need oodles and oodles of positive reinforcement.

2016-10-26 09:00:00

Training Week Heads to Orlando

By Joseph McCafferty

October 26, 2016

A week-long series of internal audit courses provides internal auditors the opportunity to fill gaps in their portfolio of skills.

2016-10-24 11:30:00

A Revolution in Risk Management

By Norman Marks

October 24, 2016

The management of risk, whether you call it enterprise risk management, strategic risk management, or something else, is about helping an organization achieve its objectives.

2016-10-21 11:30:00

What the Next Generation of Internal Auditors Will Bring to the Profession

By Joseph McCafferty

October 21, 2016

The internal audit profession is hot right now, as companies are generally looking to hire additional auditors and are willing to pay more for talented individuals.

2016-10-19 09:00:00

Are Pesky, Annoying Risks Getting You Down?

By Joseph McCafferty

October 19, 2016

Some risk managers may feel like they are in the failure portion of a late-night TV infomercial these days. Perhaps they even hear that deep TV announcer voice in their heads: "Is your organization drowning in risks that are becoming harder and harder to quantify?

2016-10-18 11:30:00

Implementing a Risk-Based IT Audit Planning Methodology

By Fred Roth

October 18, 2016

From preventing failures in regulatory compliance to helping avoid devastating harm to the reputation of the organization from headline-making security breaches, IT auditors have an obligation and value-adding opportunities to assess enterprise vulnerabilities.

2016-10-17 11:30:00

How Data Analytics Can Detect Fraud and Transform Internal Audit

By Joseph McCafferty

October 17, 2016

Among the most powerful tools these days to detect and deter fraud is data analytics. While some internal audit departments struggle to use sophisticated analytics tools and continuous monitoring, those that do have a leg up on rooting out fraud and finding it in unlikely places.

2016-10-14 11:30:00

FCPA Enforcement Shifts into High Gear

By Karen Kroll

October 14, 2016

As it nears its fortieth birthday, the Foreign Corrupt Practices Act (FCPA) remains a focus of both the Securities and Exchange Commission and the U.S. Department of Justice.

2016-10-12 11:30:00

Continuous Risk Assessment, Emerging Risks Top Priorities

By Joseph McCafferty

October 12, 2016

As internal auditors begin the process of planning audits for 2017, they are also looking to refine that planning process, which, of course, depends a great deal on risk assessment. With an intense focus on adding value, risk assessment and audit planning are as important as ever.

2016-10-11 14:30:00

Where Bribery and Corruption Still Reign

By Joseph McCafferty

October 11, 2016

Despite vigorous efforts by regulators in the United States and Europe to punish bribery, it still plagues many parts of the world.

2016-10-07 14:30:00

Bridging Internal Audit’s Talent Gap

By Joseph McCafferty

October 07, 2016

Not only are salaries rising for internal auditors, making it more expensive to hire good applicants, but the array of skills needed for today's internal audit departments are incredibly varied.

2016-10-05 12:00:00

Training Week Heads to the Big Apple

By Joseph McCafferty

October 05, 2016

A week-long series of internal audit courses provides New York-area internal auditors the opportunity to fill gaps in their portfolio of skills.

2016-10-04 16:00:00

Four Big Challenges Facing Internal Audit

By Joseph McCafferty

October 04, 2016

FedEx Chief Audit Executive Robert King on what internal audit departments need to do to rise to the occasion.

2016-10-03 16:30:00

How Technology Is Changing the Internal Audit Function

By Joseph McCafferty

October 03, 2016

Whether it's data analytics; governance, risk, and compliance solutions; or planning and collaboration software packages, most internal audit departments are looking to improve their use of technology as they strive to do more with less.

2016-09-30 11:08:00

As FCPA Cases Mount, Justice Department Offers a Path to a Reprieve

By Thomas Fox

September 30, 2016

The Department of Justice’s Pilot Program awards credit and even a pass to companies that go the extra mile after finding evidence of corruption.

2016-09-28 10:00:00

Internal Audit Executives Fret Over Talent Gap

By Joseph McCafferty

September 28, 2016

Difficulties finding job candidates with the right mix of skills among the top challenges for internal audit.

2016-09-28 09:08:00

MISTI on Audit: Top Attributes of a World-Class Internal Audit Department

By Joseph McCafferty

September 28, 2016

A look at some of the habits and characteristics that can take an audit department from good to great.

2016-09-28 08:00:00

SEC Dings Weatherford $140 Million for Accounting Fraud Charge

By Joseph McCafferty

September 28, 2016

Two former company accounting executives also agree to settle charges, including fines and suspensions.

2016-09-26 12:00:00

Upping Your Fraud Detection Game

By Joseph McCafferty

September 26, 2016

With news of several frauds at U.S. companies making headlines, some internal auditors are looking to increase their fraud-finding skills.

2016-09-21 12:00:00

Time for More Reporting on Cybersecurity Efforts

By Joseph McCafferty

September 21, 2016

There's a lot going around these days: viruses, malware, Trojans, ransomware, you name it. And if you're not careful, you could catch a nasty case of any of these inflictions.

2016-09-21 10:08:00

MISTI on Audit: Why the Traditional Internal Audit Staffing Model Is Becoming Archaic

By Joseph McCafferty

September 21, 2016

It's no secret that internal audit departments are doing a wider variety of audits that increasingly take them outside the financial reporting sphere. They are also changing the way they staff the department to keep up with that trend.

2016-09-20 09:07:00

Unpacking the Wells Fargo Phony Accounts Debacle

By Joe McCafferty

September 20, 2016

As the fallout from the Wells Fargo fraud case continues, several questions still linger. Chief among them is if CEO John Stumpf will continue to hang on to his job.

2016-09-16 16:00:00

Some Internal Audit Departments Don’t Bother with Professional Standards

By Joseph McCafferty

September 16, 2016

Among the most important functions of internal audit's leading professional organization, the Institute of Internal Auditors, is to act as keeper and caretaker of the occupation's code of conduct, the International Standards for the Professional Practice of Internal Auditing.

2016-09-14 12:00:00

Bridging Internal Audit’s Gender Gap

By Joseph McCafferty

September 14, 2016

The road to equality for women in the internal audit profession has been a bumpy one. It's led to some higher plateaus, sure, but it also has left plenty of hills still to climb.

2016-09-14 11:00:00

FASB Proposes Changes to Hedge Accounting

By Joseph McCafferty

September 14, 2016

The Financial Accounting Standards Board has issued a new proposal that it says would make "targeted improvements" to the accounting guidance for hedging activities.

2016-09-13 17:00:00

Audit Once, Use Many: The Benefits of a HITRUST Certification

By Joseph McCafferty

September 13, 2016

As you may have heard, healthcare organizations have been under attack during the last three-plus years by various types of malicious hackers. The biggest of those attacks came against a healthcare payer organization which had over 100 million of its healthcare records exposed to a hostile government entity.

2016-09-12 16:00:00

With Wells Fargo, It’s Déjà Vu All Over Again

By Joseph McCafferty

September 12, 2016

It's often said that the regulatory response to a large financial scandal or series of frauds will be swift and sweeping and that it will do absolutely nothing to stop the next series of frauds or scandals.

2016-09-07 11:50:00

Internal Audit Pay Expected to Rise in 2017

By Joseph McCafferty

September 07, 2016

Salaries of internal audit and IT audit professionals are expected to increase by an average of 3.9 percent in 2017, according to the latest annual salary guide from staffing firm Robert Half.

2016-09-07 09:07:00

How Internal Audit Can Be a Force for Good

By Joseph McCafferty

September 07, 2016

It's not often that you hear about auditors and accountants in the same breath as aid workers, healthcare providers, or charity workers. Indeed, you won't find internal audit on Forbes' list of the 25 Most Meaningful Professions.

2016-09-06 10:00:00

Conducting Audits of Marketing and Media Programs

By Angela Saferite

September 06, 2016

Cash rebates, free media inventory rebates, markups from 30 to 90 percent, dual rate cards, and non-transparent business practices are all things that can keep senior audit managers and audit committee members of the board awake at night.

2016-08-31 11:50:00

Add 'Courage' to the List of Needed Internal Auditor Traits

By Joseph McCafferty

August 31, 2016

For the last few years we've been hearing about the skills and traits needed for good internal auditors. The lists generally include things like communication skills, critical thinking, IT savvy, and business acumen. Add one more to the list: "courage."

2016-08-31 10:00:00

Leveraging Diversity of Thought in Internal Audit

By Stefanie Diaz Thibeaul

August 31, 2016

It's hard to justify recruiting great talent, investing in training, and passing on company knowledge, only to find that those recruits eventually leave for competitors because they didn't feel engaged.

2016-08-30 11:50:00

SEC Pays $22 Million to Whistleblower Who Uncovered ‘Well-Hidden’ Fraud

By Joseph McCafferty

August 30, 2016

The Securities and Exchange Commission has awarded more than $22 million to a whistleblower this week, putting the agency over $100 million in total whistleblower bounties awarded since the program was established in February 2011 under the Dodd-Frank Act.

2016-08-24 11:50:00

What Constitutes a Good Risk Culture?

By Joseph McCafferty

August 24, 2016

Everyone knows that culture is set at the highest levels of the organization. We may all be tired of hearing about "tone at the top," but it's never been more important. Apart from influencing the culture of the organization as a whole, executives—especially the CEO—have a big role to play in setting the risk culture.

2016-08-24 10:08:00

Kramer on Audit: Doing More with Less

By Joseph McCafferty

August 24, 2016

In this first installment of our new series, "MISTI on Audit," Joel F. Kramer, vice president of internal audit curriculum at MIS Training Institute, offers some advice for leaders of small audit departments on how to get the most out of a small team and a small budget.

2016-08-20 12:30:00

Making Culture into a Hard Science Tied to Risk Management

By Joseph McCafferty

August 20, 2016

You can have an army of risk managers and all the sophisticated risk-management models and tools you like, but if there is something wrong with the culture of the organization and what we all now call the “tone at the top,” they won’t work.

2016-08-17 13:00:00

The Importance of Board Support to the Success of Internal Audit

By Jami Harris Shine

August 17, 2016

The role of internal audit in organizations is rapidly expanding as auditors move from being rule enforcers and compliance police to trusted advisors.

2016-08-16 16:08:00

Anti-Whistleblower Severance Agreement Lands Insurer in Hot Water

By Joseph McCafferty

August 16, 2016

Companies might want to review their severance agreements and other employment contracts in light of a recent Securities and Exchange Commission ruling. The SEC is taking issue with language that discourages employees or former employees from raising concerns about wrongdoing to its whistleblower office.

2016-08-10 15:08:00

Data Analytics Still in Early Stages

By Joseph McCafferty

August 10, 2016

Data analytics is supposed to be the great savior of the internal audit function. It has been heralded as the set of tools that will give organizations new insights into risk management, fraud, and corruption.

2016-08-10 12:08:00

Positioning Internal Audit for the Future: A Global Perspective

By Joseph McCafferty

August 10, 2016

One of the big themes of the Audit, Risk and Governance Africa conference held by MIS Training Institute in Accra, Ghana last week was how to position internal audit for the future and how to ensure that the function continues to add value in the organization and remain relevant.

2016-08-10 11:08:00

What’s Next for Accounting Rulemaking?

By Joseph McCafferty

August 10, 2016

The top U.S. accounting rule maker is looking for more input on what projects it should tackle over the next few years as it moves into the post-convergence era of accounting rulemaking.

2016-08-03 12:15:00

Big Challenges for Public Auditors in Africa

By Joseph McCafferty

August 03, 2016

It's not easy to be an internal auditor at a public entity in Africa. "It takes a lot of bravery," said Graham Joscelyne, chair of the audit and ethics committee at the Global Fund to Fight Aids.

2016-08-03 09:20:00

Add Internal Audit to Your List of Followers

By Karen Kroll

August 03, 2016

Social media sites are becoming a bigger part of most companies' plans to connect with customers and other stakeholders. Now internal audit departments are taking a closer look at those risks and the controls companies are instituting to manage them.

2016-08-02 06:00:00

Fraud Prevention Insights for Auditors

By H. David Kotz, Managing Director, Berkeley Research Group, LLC

August 02, 2016

In December 2007, I was appointed as the Inpsector General of the Securities and Exchange Commission and served in that capacity until January 2012. An IG is an internal watchdog for a governmental body with its primary purpose being to identity and reduce waste, fraud, and abuse in the agency. IGs supervise both internal audit and investigative units.

2016-07-29 01:15:00

SEC Hits South American Airline With Bribery Charges

By Joseph McCafferty

July 29, 2016

The Securities and Exchange Commission has charged South American-based LAN Airlines with making illegal payments to attempt to settle a labor dispute, in violation of the Foreign Corrupt Practices Act.

2016-07-27 01:20:00

Audit Leaders Uneasy About the Future of Internal Audit

By Joseph McCafferty

July 27, 2016

What keeps internal audit executives up at night? Plenty, according to a recent survey of chief audit executives conducted by Deloitte.

2016-07-27 01:15:00

FASB Wants Better Disclosure of Business Income Tax Information

By Joseph McCafferty

July 27, 2016

The Financial Accounting Standards Board issued a proposed Accounting Standards Update that is intended to enhance disclosure requirements on business income taxes.

2016-07-26 11:07:00

Auditing the Incident Response Plan

By Joseph McCafferty

July 26, 2016

No organization is 100 percent safe from hacks, cybercrime, or boneheaded employee actions that can expose the company to data breaches. Most companies have shifted from a purely prevention mindset to one of a risk-based approach to cybersecurity with a robust incident response plan.

2016-07-23 12:00:00

Auditing Corporate Culture: A New Imperative

By Jose Tabuena

July 23, 2016

The emerging flavor of the month in regulatory circles is the “culture of compliance” with recognition that corporate culture has a profound influence on how an organization conducts its business.

2016-07-22 11:20:00

Help Wanted: Internal Audit Talent Gap Widening

By Karen Kroll

July 22, 2016

For the last few years internal audit executives have fretted over finding the right people to staff a department that is taking on several new roles. Now, it appears those concerns are only deepening. Among the top problems internal audit shops face is finding good people to hire.

2016-07-20 11:20:00

Should Internal Audit Have a Bigger Cybersecurity Role?

By Joseph McCafferty

July 20, 2016

There isn't a company out there, big or small, that doesn't have some concerns about cybersecurity. Some have called it the biggest problem of our time for companies.

2016-07-19 11:20:00

The Factors That Contribute to Internal Audit ‘Maturity’

By Joseph McCafferty

July 19, 2016

A new research report from The Institute of Internal Auditors Research Foundation finds a wide variety of factors influence the maturity levels of internal audit functions around the world.

2016-07-18 14:20:00

Six Steps the Audit Committee Can Take to Empower Internal Audit

By Joseph McCafferty

July 18, 2016

As audit committees work to strengthen how companies approach risk management, corporate reporting, cybersecurity, and other key areas, they are relying on internal audit to provide more value, greater oversight, and better communication about issues of concern.

2016-07-15 14:20:00

Corporate Reporting in Emerging Markets Failing the Transparency Test

By Joseph McCafferty

July 15, 2016

A new report finds that the majority of large, multinational companies based in emerging markets, including China and Brazil, are falling down on their responsibility to provide transparent corporate reporting.

2016-07-13 14:20:00

Pace of Internal Audit Change to Accelerate

By Joseph McCafferty

July 13, 2016

If you thought that the upheaval in the internal audit profession and the rapid pace of change that has recast the internal audit function at many companies is starting to settle down, think again. A new report from Big Four audit firm EY finds that the transformation of internal audit is really just beginning.

2016-07-13 12:30:00

A Changing of the Guard at the SEC’s Whistleblower Office

By Joseph McCafferty

July 13, 2016

The first chief of the Securities and Exchange Commission's whistleblower office, Sean McKessy, announced that he is stepping down later this month. Depending on his successor, the office could become more aggressive in spurring whistleblowers to come forward.

2016-07-12 12:30:00

Navigating the Complex Data Privacy and Security Regulatory Terrain

By Joseph McCafferty

July 12, 2016

A patchwork of laws in the United States and abroad is making it difficult for companies to manage and transmit data across borders.

2016-07-06 12:30:00

Tools to Help Identity Governance Are Becoming More Vital

By Joseph McCafferty

July 06, 2016

What if access to our online bank accounts was managed the same way we manage access to information systems at work? Would we know who can get into our accounts? Who could see how much we have in what accounts? Who could take money out?

2016-07-06 11:07:00

How Internal Audit and Compliance Are Converging

By Joseph McCafferty

July 06, 2016

In this podcast, Joseph McCafferty, head of audit content at MIS Training Institute, talks with Michael Volkov, CEO of law firm The Volkov Law Group and author of the Corruption, Crime, & Compliance blog, about the convergence of internal audit and compliance.

2016-06-29 12:30:00

Five Lessons from Madoff that Should Still Resonate

By Joseph McCafferty

June 29, 2016

Corporate frauds are cyclical, meaning that they tend to come in waves, particularly when the markets perform poorly or a recession hits. (That is, when the scandals themselves aren't the actual cause of the recession as we saw in the financial crisis of 2008.)

2016-06-22 12:30:00

How Internal Auditors Can Provide More Value to the Organization

By Joseph McCafferty

June 22, 2016

MISTI’s Joseph McCafferty sat down with Analog Devices' Tom O’Reilly at Audit World 2016 in Boston to discuss the latest trends impacting internal auditors.

2016-06-21 12:00:00

Taking a ‘Healthy Living’ Approach to Cybersecurity

By Matt Kelly

June 21, 2016

Cybersecurity is unlike any other business risk because it isn't a risk at all. It's simply a new manifestation of all the business risks you already have.

2016-06-07 12:30:00

Companies Woefully Unprepared for New Lease Accounting Standards

By Joseph McCafferty

June 07, 2016

Just 10 percent of companies are prepared to adopt the new Financial Accounting Standards Board (FASB) lease accounting standards, according to a recent report by audit firm Deloitte. And it's not that many companies are just procrastinating.

2016-06-01 12:30:00

Audit Committees Expanding Audit Oversight Role

By Joseph McCafferty

June 01, 2016

U.S. regulators have expanded the role of the audit committee in recent years to oversee the hiring and performance of the external auditor in the hopes of improving audit quality.

2016-05-25 13:30:00

Auditors, Beware the Ebbing Tide

By Joseph McCafferty

May 25, 2016

Warren Buffet, the king of folksy, one-liner investment aphorisms, has one for the problems that a bear market can cause: "It's only when the tide goes out that you can see who has been swimming without their trunks on."

2016-05-25 12:30:00

SEC Issues Guidance on Non-GAAP Reporting

By Joseph McCafferty

May 25, 2016

The fury over the increasing use of non-GAAP accounting measures when companies report earnings is building, and now the Securities and Exchange Commission is weighing in with some guidance on practices that are and aren’t acceptable.

2016-05-18 12:00:00

What We Worry About When We Worry About GRC

By Matt Kelly

May 18, 2016

Risk assurance executives—whether they work in compliance, internal audit, risk management, IT security, or any other related function—ultimately worry about three things as they do their jobs.

2016-05-17 12:30:00

Corruption’s Toll on Companies Takes Many Forms

By Joseph McCafferty

May 17, 2016

Companies are paying a huge price for worldwide corruption and bribery, even if they are adopting practices to fight against it. That's because the cost of corruption takes many forms, including loss of business to less scrupulous companies, and regulatory requirements.

2016-05-11 12:30:00

Is the Non-GAAP Reporting Freak Out Justified?

By Joseph McCafferty

May 11, 2016

There is a growing backlash against the use of measures that don't meet Generally Accepted Accounting Principles (GAAP) when reporting earnings results, and its quickly becoming a frenzy.

2016-05-10 12:30:00

SEC Approves Plan to Identify Engagement Partners

By Joseph McCafferty

May 10, 2016

The Securities and Exchange Commission has approved a plan by the Public Company Accounting Oversight Board to require audit firms to disclose the names of audit engagement partners and to provide more information about other firms that participate in audits.

2016-05-05 08:00:00

What Makes an IT Audit Shop World Class?

By Fred Roth

May 05, 2016

As the use of information technology continues to proliferate so do the associated risks organizations face.

2016-05-04 12:30:00

Wanted: Eloquent Auditors Who Can Think on Their Feet

By Joseph McCafferty

May 04, 2016

A new survey is out about the skills that audit leaders are looking to add to their departments and you may be surprised at what tops the list. Cybersecurity chops? Nope, that ranked twelfth. Financial acumen? Tenth.

2016-04-26 12:30:00

SEC Pushes Along on Disclosure Reform

By Joseph McCafferty

April 26, 2016

Earlier this month the Securities and Exchange Commission took the next step in its year’s-long campaign to reform the vast dump of information we collectively call financial disclosure.

2016-04-20 13:00:00

Ending the Risk Assurance Turf Wars

By Matt Kelly

April 20, 2016

Office politics and turf wars are a fact of corporate life. They are also among the most dangerous forces an organization can face, because they pit employees against each other and lead individuals to put their own or their departments' interests ahead of the business as a whole.

2016-04-20 12:30:00

Class-Action Lawsuits Based on Accounting Woes Rising

By Joseph McCafferty

April 20, 2016

While Valeant Pharmaceuticals continues to battle allegations of bookkeeping misdeeds, it's not the only company dealing with accounting problems.

2016-04-13 12:30:00

The Enforcement Discussion Doesn’t Have to Be a One-Sided Conversation

By Joseph McCafferty

April 13, 2016

During the past several years that I have covered corporate compliance, auditing, accounting, and other functions that intersect with government regulation the executives and company representatives I've talked to have always chosen their words very carefully.

2016-04-06 12:30:00

In Search of a New Data Security Model

By Joseph McCafferty

April 06, 2016

Most information security experts aren't afraid to state bluntly: "We're losing the battle for information security." But then again, we already knew that. Near-daily headlines about the latest cyber-theft or data breach have made that pretty clear to most people.

2016-04-06 12:00:00

Five Steps to Planning an Effective IT Audit Program

By Joseph McCafferty

April 06, 2016

A new report from global IT association ISACA identifies five steps organizations should take to create an effective audit program and reap the benefits of a successful information systems audit.

2016-03-29 11:07:00

What Audit Committees Really Want from Internal Audit

By Joseph McCafferty

March 29, 2016

In this podcast, Joseph McCafferty, head of audit content at the MIS Training Institute, talks with Blythe McGarvie, an author, speaker and director on several corporate boards. She is also chair of the audit committee at Viacom.

2016-03-23 11:00:00

Audit Regulator Continues Push for Better Accounting

By Joseph McCafferty

March 23, 2016

Last week the Securities and Exchange Commission approved a $258 million budget for the Public Company Accounting Oversight Board. The PCAOB acts as a check on accounting firms that conduct audits of public companies.

2016-03-16 14:00:00

Corruption Risks Expected to Increase

By Joseph McCafferty

March 16, 2016

Bad news for internal auditors, compliance executives, and risk managers who were hoping that bribery and corruption risks would start to subside after being on high alert for the last few years: they are actually increasing.

2016-03-16 12:00:00

Internal Auditors Assuming More Strategic Roles

By Joseph McCafferty

March 16, 2016

Internal auditors are making progress at carving out a more strategic role for themselves and are gaining influence with management and the board at their organizations, according to a new report out earlier this month.

2016-03-09 15:00:00

Small Internal Audit Shops Struggle With Quality Reviews

By Joseph McCafferty

March 09, 2016

No one doubts the value of conducting a Quality Assurance Review (QAR) to gauge how well the internal audit program is meeting its goals.

2016-03-09 13:00:00

Four Common Contributors to Vendor-Management Risk

By Joseph McCafferty

March 09, 2016

As Donald Trump is quickly finding out, when you outsource business processes you incur risk. And these days there are few companies, if any, that don’t outsource at least some parts of their business.

2016-03-02 14:00:00

Cybersecurity Becoming a Regular Part of Audit Plan

By Joseph McCafferty

March 02, 2016

A new survey by consulting firm Protiviti finds that more companies are evaluating cyber-security risks as part of their annual audit plans.

2016-03-02 13:30:00

Dusting Off Those Continuous Auditing Plans

By Joseph McCafferty

March 02, 2016

Back in 1980, a popular accounting magazine asked: "Are we ready for continuous auditing?" That publication is no longer in circulation, but decades later, this question remains relevant.

2016-03-02 12:00:00

Protecting the Independence and Objectivity of CAEs

By Joseph McCafferty

March 02, 2016

IIA's proposed standards changes urge internal audit leaders and boards to further safeguard objectivity.

2016-03-01 16:00:00

What Audit Committees Want

By Joseph McCafferty

March 01, 2016

Chief audit executives know the feeling of having to serve many masters. They have several constituencies they must answer to or advise—including management, business lines, regulators, and shareholders—all while retaining their independence to provide clear and objective views.

2016-02-18 08:00:00

Hallmarks of a World-Class IT Audit Shop

By Fred Roth

February 18, 2016

As the use of information technology continues to proliferate so do the associated risks organizations face.

2016-02-17 17:00:00

Survey Suggests Internal Audit Slow to Address Emerging Risks

By Joseph McCafferty

February 17, 2016

A new survey from the Institute of Internal Auditors (IIA) suggests that internal audit departments are not changing fast enough to address emerging risks that lie outside the traditional purview of internal audit.

2016-02-16 17:07:00

Expense Reporting Still a Common Place to Hide Bribery

By Joseph McCafferty

February 16, 2016

This week the Securities and Exchange Commission settled a case with Mass.-based technology company PTC Inc. and its Chinese subsidiaries that could create new imperatives for internal audit practices and assurance of anti-bribery programs.

2016-02-11 16:07:00

High-Speed Growth Shouldn't Mean High Risk

By Joseph McCafferty

February 11, 2016

The San Francisco-based company, which provides online tools to help small businesses manage their human resources and employee benefits functions, forced out its founder and CEO, Parker Conrad.

2016-02-05 11:07:00

Integrating IT into the Internal Audit Process

By Fred Roth

February 05, 2016

Internal audit leaders looking for a way to improve staff skills and increase audit efficiencies would do well to consider integrated auditing, an approach that can help them on both counts.

2016-02-04 16:07:00

Changing Standards for a Changing Profession

By Joseph McCafferty

February 04, 2016

Earlier this week the IIA proposed changes to its International Standards for the Professional Practice of Internal Auditing, which guide effective and acceptable professional practices and behaviors.

2016-02-03 16:07:00

When Controls Do More Harm Than Good

By Joseph McCafferty

February 03, 2016

In this podcast, Joseph McCafferty, head of audit content at the MIS Training Institute, talks with Brian Barnier, a principal at ValueBridge Advisors and an OCEG fellow, about the role of controls in audit and risk management and their limitations.

2016-01-29 12:02:00

Internal Audit to Lean More on Outside Providers

By Joseph McCafferty

January 29, 2016

A new study from the Institute of Internal Auditors finds that 56 percent of the North American executives surveyed said their companies use third parties for some internal audit activity.

2016-01-29 11:02:00

Don’t Lose Sight of the Basics

By Joseph McCafferty

January 29, 2016

Think financial executives are most worried about cyber-security risks or the mounting new regulations they must navigate? Think again.

2016-01-28 14:14:00

Don't Mute the Messenger

By Joseph McCafferty

January 28, 2016

The buzz for the last few years now is that social media represents a unique risk that companies must manage, lest they leave their corporate reputations hanging out there for others to tweet all over them.

2016-01-22 11:07:00

Can You Audit Corporate Culture?

By Joseph McCafferty

January 22, 2016

Jose Tabuena, a former internal auditor and compliance executive at various companies including Orion Health and Texas Health Resources, discusses the role of internal audit in influencing and shaping corporate culture.

2016-01-22 10:14:00

Introducing the Good-Guy Stock Index

By Joseph McCafferty

January 22, 2016

A group of global investors is hoping that convincing companies to adopt good governance standards—and avoid making decisions that provide a quick pop but don’t support long-term goals—can be a lucrative proposition.

2016-01-21 09:14:00

The Hallmarks of a Good (External) Audit

By Joseph McCafferty

January 21, 2016

How can we tell if the external auditors are doing a good job? Often we can’t. Lots of companies have had large accounting and fraud issues blow up shortly after the external auditors issued a clean audit opinion.

2016-01-20 15:14:00

The Whole World is Watching. Are You?

By Joseph McCafferty

January 20, 2016

Last Friday, the Securities and Exchange Commission’s whistleblower office announced an important first: It revealed the only award to date for aiding in the prosecution of securities fraud paid to an individual who had never worked at the company in question.

2016-01-15 11:14:00

Beyond the Usual Suspects

By Joseph McCafferty

January 15, 2016

Having trouble finding talented individuals to fill internal audit roles? Maybe you’re looking in the wrong places.

2016-01-13 03:28:00

Buyers Beware: Supply Chain Risks Intensifying

By Joseph McCafferty

January 13, 2016

It’s every company’s worst nightmare: A call comes into corporate communications from a reporter from 60 Minutes looking for a comment for a damaging piece they are airing in few weeks.

2016-01-12 11:12:00

Safety in Numbers: How Data Analytics Can Enable Internal Audit’s Ambitious Agenda

By Joseph McCafferty

January 12, 2016

It’s no secret that internal audit is being pulled in several different directions these days and that the demands on the function are greater than they have ever been.

2016-01-11 14:53:00

Dispelling the Myth of the Introverted Internal Auditor

By Joseph McCafferty

January 11, 2016

You’ve heard the jokes, I’m sure: “How do you tell an extroverted accountant? He’s the one that looks at your shoes when he’s talking to you.”