Review of the Internal Audit Ambition Model


Norman Marks, CRMA, CPA, was a CAE and Chief Risk Officer at major global corporations for more than 20 years.

He reviews the Dutch Internal Audit Ambition Model on the website of Internal Auditor Magazine:

  • I like the fact that they mention continuous risk assessment (and presumably continuous updating of the audit plan).
  • However, I dislike the reference to annual and, especially, multi-year plans.
  • I also have reservations about their focus on the bureaucratic aspect of internal auditing: not so much the charter as the formalization of audit procedures. We need to empower people to take innovative approaches in this dynamic environment.
  • I am nervous about the idea of providing an opinion on "the overall adequacy of governance, risk management, and control". I prefer to provide an opinion whether there is reasonable assurance that the more significant risks will be managed as desired. The sources of those risks may lie in failures in internal control or in governance processes. But providing an opinion on the overall adequacy of governance is one step too far. It is not our job to assess the performance of the board. We have to be careful in our language as we assess governance processes where the risk to corporate objectives may be high.


Terug naar het nieuwsoverzicht

IIA Nederland

Burgemeester Stramanweg 105F
1101 AA Amsterdam
Contact opnemen

Audit Magazine

Audit Magazine


IIA is dé toonaangevende beroepsorganisatie voor internal auditors. Een lidmaatschap laat u delen in de collectieve kennis van alle vakgenoten in de wereld.
Meer informatie