Summary: Senior executives should encourage their Internal Audit function to provide a three-dimensional perspective of risk that includes control ratings, inherent risk and management preparedness.
When Gerry Dixon, Ernst & Young’s Global Risk Leader, visited one of his clients recently, he heard a familiar complaint. The CFO knew that his Internal Audit function was doing a good job overall, but it needed to place the information it was giving to members of the C-suite and the Audit Committee in a better context.
“The internal controls information Internal Audit was providing wasn't enough for the CFO to truly gauge the health of the organization,” he said. “He needed to know more than whether a control was passing or failing. He needed to understand how big a risk a failing control was, whether management knew about it and what they’re doing to fix it.”
See full Article.
Posts
