If you're an internal auditor and are in the midst of creating a quarterly summary right now, we have people here who have created and delivered plenty of quarterly summaries to audit committees. Here are some of the ideas they shared that you should follow.
Latest Content From MISTI
In this recent video shot at MISTI’s ITAC Conference, INARMA's Jason Claycomb gives his take on the state of auditing social media in the enterprise, and what steps internal auditors can take to monitor the risks associated with the technology.
In this feature article, we catch up with one subject matter expert that discusses the qualities that world-class audit teams possess. Perhaps all these qualities are alive and spinning on your team right now. Or maybe the following will touch upon qualities worth recommitting to on your audit team.
Surveys can benefit internal audit when it comes to reviewing intangible topics such as corporate culture, entity-level controls, and an ethical environment. In this feature article, we highlight the critical stages of conducting and designing effective surveys.
Response plans vary somewhat. But here we'll focus on giving you the best insight on how the internal audit function can provide support for the business's incident response plan. Here's a look at some proven tips that can help you get started.
In this video interview with Glenn Sumners, Director of LSU's Center for Internal Auditing, he discusses what attracts his students to the internal audit program at LSU, what you can expect from the next crop of internal auditors, and how you can help them adjust to the internal audit department of today.
Most auditors learn about IT but don’t come from IT backgrounds. Whereas auditing financial accounting is pretty straightforward, both IT and finance auditors tend to struggle in this brave new world of auditing cybersecurity.
Picking up where we left off in part one of this two-part series, here we discuss strategies to determine if findings really need RCA and tips for discussing RCA with the audit client.
If done well and communicated properly, reporting the root cause can be the glue your report needs to tie findings to the overall health of the company and create significant change for the business. This article provides some strategies to use in writing and communicating root cause in audit findings.
We hear copious amounts said that “Data is an asset”, “It's got to be managed”, “Few people in the business understand us”, and so on. This article is not trying to cast any doubt on the importance of data as an asset, but rather raise the level of debate from a subliminal nod to a conscious examination of the characteristics of different "assets" and to compare them with the “Data asset".
Drawing flowcharts can be time-consuming, but internal auditors can gain a wealth of information during and after preparing them. By following these suggestions the benefits will far exceed the costs.
In this interview featuring Bob Hirth, Chairman at COSO, he sheds light on the recent updates made to the COSO ERM framework, discusses what those changes mean for internal auditors, and advises on how to best leverage the framework.
Given the talents and skills that auditors possess (analyzing data, spotting trends, forming conclusions), auditors are in a perfect position in a company to be part of data analytic innovation. This article proposes a plan to fill in the gaps and implement data analytics in the business.
Within a communications group, chances are that someone is performing a level of auditing of weekly or monthly online analytics already. But it doesn’t hurt to talk to these people and fill in any gaps you discover. How effective is your social media presence and how do you audit it? This article should get you started on auditing social media within a larger audit.
Historically, the Internal Audit profession has not been a leader on the topics of diversity and inclusion. Internal Audit Insights recently caught up with Adam Rutan of Cardinal Health who shared his audit team's experience of how they redefined diversity and improved their audit function along the way.
Technology continues to flood organizations and IT auditors are facing increasing challenges. The Center for Internet Security's Critical Security Controls are intended to help the cause. In this exclusive video interview with Internal Audit Insights, subject matter experts define the controls and discuss their benefits for IT auditors.
Data reveals that compliance modernization seems to be eluding most companies due to a host of reasons, and internal audit can play an important role in identifying areas of improvement. Here are five signs the compliance function needs fixing.
In this exclusive video interview with Internal Audit Insights, MISTI's Dr. Murdock offers up key steps that internal auditors should take to remain relevant and continue to add value to the business.
Change is hard no matter what. We’re more apt to change when we’ve made the rules. When we’re forced to change – like being subjected to an audit – that’s a large horse pill to swallow. But there are things that auditors can do to make that horse pill go down smoother.
Just because a company has a robust risk management system in place doesn't guarantee that it will actually manage risk well. An ineffective manager will mismanage risks, no matter how strong the risk management system is.