Risk and Control: Ideas for a better tomorrow
A contrarian view on Risk and Control to make tinkle curiosity leading to creative and critical thinking.
I was reading an article in Risk Management Magzine “An Increased Remote Workforce Calls for Increased Cybersecurity Protection”. Though article was offering right advice the approach was not proper. Let me explain. It states “..employees can help protect company confidentiality by: connecting to a corporate network through a VPN (virtual private network); using strong, unique passwords […]
Continue Reading
Recently a Chief Audit Executive had asked me about what are the Internal Audit Standards (IPPF) which are applicable for fraud. Since it was coming from a person whom I respect, I decided to do research before a response can be given. Here is my commentary. 1210 – Proficiency Internal auditors must possess the knowledge, […]
Continue Reading
Tips for organisation want to implementing a whistle blower system
Continue Reading
IIA has revised standards on internal auditing. The revised standards become effective from January 2017. One of the new year resolution of Internal auditor should be to update their internal audit practices and procedures, including internal audit charter to reflect the changes done in in the IPPF. See here 1130.A3 – The internal audit activity may […]
Continue Reading
IIA Inc has revised standards on internal auditing. The revised standards become effective from January 2017. One of the new year resolution of Internal auditor should be to update their internal audit practices and procedures, including internal audit charter to reflect the changes done in in the IPPF. Revised IPPF can be downloaded from IIA. One […]
Continue Reading
Recently I participated in a Conference on Internal Audit. One of the recurrent theme across session was “Culture”. How culture of an organisation impacts Internal audit and how an internal auditor can make impacts on the organisation culture to have a right culture. This is my point of view on some of the questions raised. […]
Continue Reading
Companies are required to create internal control framework to ensure that things are working. Company while creating internal control framework want to have number of control as less as possible to ensure that they don’t get red flagged in reviews. Auditors are required to certify that internal controls are working. Auditors while reviewing controls want to have […]
Continue Reading
Note: This is an extract from another article to focus on eCommerce Companies. Indian companies act 2013 has mandated that CEO and CFO to certify that “internal financial Controls are adequate and operating effectively”. This is also required to be confirmed by external auditors. In my opinion this is what companies / auditors should do: […]
Continue Reading
Background: I got the opportunity to attend a meeting organised by ISACA and ICAI. The meeting was for launching “Guidance note on Corporate Governance, ERM and Assurance for COBIT 5”. Indian companies act 2013 has mandated that CEO and CFO to certify that “internal financial Controls are adequate and operating effectively”. This is also required to be confirmed […]
Continue Reading
As part of Risk Management, organisation are becoming more forceful to have the Right of Audit Clause incorporated into their agreements with Customers, vendors, partners. Why it is important for organization to have the clause incorporated? A. Organization wants vendor to ensure that: No harm is being done to environment while providing goods and services […]
Continue Reading