Can Internal Auditors Do More?
SOX, Basel etc. are laws designed to prevent shareholder fraud. These are very good steps taken in the right direction. However, is this enough to prevent shareholder fraud?
I do not believe that shareholder fraud can be prevented till these laws are enforced. Not just enforced but enforced with vigor - put a few of these scum bags in jail so the rest of them know better.
Unfortunately, the Enron debacle that put the spotlight on this crime also showed us the weakness in our system to prevent it. "Kenny boy" did not spend a night in jail thanks to his political connections. He did not get to enjoy his ill-begotten millions either - for now, that will suffice as the best the shareholders could have gotten under the circumstances.
As CIO, you have responsibility to prevent shareholder fraud. Indeed, you may be in the unique position to actually know where the internal controls are weak and causing the problem. Now comes the tough part - what do you do with this knowledge?
While you think through that dilemma, here is one way to solve it - empower the internal auditors with information they need to be more effective. In the wake of SOX, many companies have established independent audit committees and given teeth to the internal audit process. Perhaps, this process might save you the trouble of taking on your boss!
Read the article>>
| This presentation discusses data analytics in the context of internal audit - what is data analytics? how to create sustainable data analytics? what are some advanced data analytics techniques such as visualization? what are the principles of data a...
| This presentation discusses sustainability and green information technology - what is green IT? what is the green IT roadmap? - and the role of the IT auditor in ensuring returns from green it initiatives.
| This presentation provides a definition and discusses the key objectives, structure, challenges, barriers and auditing of Information Technology Governance.
| This is a set of guides to audit various parts of an IT Operation - from management, to systems, and infrastructure. Excellent resource for the CIO to test their IT Shop, identify risks, and devise mitigation strategies. (250 pages)
| This presentation discusses concepts, best practices, business case, and implementation guidelines for continuous auditing. It presents a case study to depict the practical application of these concepts.
| This presentation provides a primer on virtualization, discusses things to know about virtualization from an IT audit perspective - "What IS virtualization? What are the issues? What is a reasonable, “AUDIT-READY” secure Reference Architecture?"
| What is the role of an internal auditor in IT Governance? This presentation addresses this question with case studies and examples.
| This presentation discusses change management - definition, significance, types - change management controls, the impact of weak change management controls and best practices in change management along the software development life cycle (SDLC).
| This excellent presentation provides an overview of information technology audit - for the non-auditor. It starts with the basics - what is an IT audit? - then goes on to establish a baseline of key terms and concepts, automated controls, difference ...
| This case study details the internal audit and IT audit strategy for Novelis - the world's largest manufacturer of rolled aluminum products.
Posted on 05/22/2009 by