Actualiteit

Internal control is an important cornerstone for banks’ long-term sound governance. It should be tailored to the business model, risks and organisational structure. As risks are more and more complex, there are several functions involved in the implementation and the evaluation of an internal control system. However, it is important to stress the distinctive contribution of internal audit functions. Indeed, as the third line of defence, reporting to senior management and the board, internal audit gives an overall assurance on internal control effectiveness including an independent review of risk and control functions as well as insights on efficiency.

Managing the Impact of Models Short of a crystal ball, there is no fool-proof way to predict outcomes in the financial services industry. However, models provide a powerful tool to empower organizations to make important decisions using information from a variety of sources. The IIA’s Practice Guide: Auditing Model Risk Management helps ensure that these models are working as effectively as possible for an organization. This practice guide* provides an overview of key areas related to model risk management including business significance, regulatory requirements and expectations, and model components. It is designed to help chief audit executives and their audit teams understand their roles in assessing model risk management and empower them to implement an audit plan coverage approach and program tailored to the size, scale, and risks facing their organization. *Under Review: This practice guide contains some outdated material and references. It remains available while a review is underway.  This is for members only. To access it and other valuable resources, become a member today.

Over the course of just a few years, cybersecurity has grown into one of the most significant risk management challenges facing virtually every type of organization. Is the internal audit function keeping pace with this rapidly changing area of risk? This report examines this question and, based on a survey of internal audit and cybersecurity professionals, offers some observations on how internal audit departments are adapting in order to address cybersecurity risks. A decade ago, the internal audit function evolved and adapted to the increasingly important role that information technology (IT) was playing in all aspects of business operations. Today, internal audit faces the need to adapt once again to address the critical risks associated with cybersecurity. Recognizing this need, the Internal Audit Foundation and Crowe Horwath, in collaboration with The Institute of Internal Auditors’ (IIA’s) Audit Executive Center, conducted a limited survey of IIA members in order to understand how internal audit has begun to adapt to this new risk landscape. This report offers a summary of key findings from that research and provides insights into some current internal audit and cybersecurity policies and practices. In addition, the report’s authors draw on industry experience and observation based on their working relationships with internal audit functions across a broad range of industries.

Special Three-part Series: Artificial Intelligence, Internal Audit’s Role, and Introducing a New Framework This special three-part edition of Global Perspectives and Insights explores internal audit’s role in Artificial Intelligence by discussing associated risks and opportunities. The paper also introduces an AI Auditing Framework comprised of six components, all set within the context of an organization’s AI strategy. Avaiable in multiple languages.  You can find part 1 here. You can find part 2 here.  This is for members only. To access it and other valuable resources, become a member today.

Moral courage bridges the gap between making judgments and acting on them. According to the philosopher Aristotle, courage is the golden mean between cowardice and recklessness, and where that golden mean lies, depends on the specific circumstances. How do you determine that golden mean? How can you act courageously? What does acting courageously look like? And what can help you to do it? In this report we will look for answers to these questions. Our research for this report is based on insights gained in the field of philosophy and from the practice of internal auditors. In addition, we studied literature in the field of internal auditing, including the aforementioned studies conducted by the IIA Research Foundation. We also conducted empirical research in collaboration with IIA Netherlands. As part of our preparations for the IIA Netherlands Conference in June 2017, we also conducted a survey among the members of IIA Netherlands. In this report we present the findings of our research.