21095The Audit Report
- Mar 28
Click here to view this message in a browser window.How to Make Sure Every Audit Focuses on What Matters Most
An audit is a complex undertaking that requires internal auditors to examine documents, speak with employees, observe business practices, and evaluate controls in business programs and processes. Given these dynamics, is there a document that organizes what needs to be understood and provides a clear roadmap for effective testing? Yes, there is. It's called the Risk and Control Matrix (RCM), and if you aren't taking the time to assemble one, you should.A Day in the Life of an Internal Audit Supervisor
Devin Potter is a Supervisor in the Risk Advisory Services business at RSM, where he has worked since 2014. We recently sat down with Devin to talk about the internal audit profession. During this Q&A, Devin weighs in on the typical day of an internal audit supervisor, some myths about internal audit, and where the profession is heading in the next five-to-ten years.Auditing the Use of Open Source Software Code
If your organization is developing applications, it's likely that some of the code is borrowed from open source software that can be found freely on the Internet. While such code makes developing applications much easier, its use can come with legal hoops to jump through and security vulnerabilities that, if left unmanaged, could pose significant risks to the organization. Conducting an audit of the use of open source software code can help companies get a handle on this emerging risk area.This year’s data revealed that organizations with advanced approaches to third party risk management noted a significant difference in their program’s outcomes –
including accurately scoring third party risk, compliance with laws and regulations, monitoring all third parties and documented processes and controls.Those with automated due diligence systems report even better results, despite major challenges such as increasing legal impacts and lack of resources. Download this whitepaper to get the benchmark data to measure your own third party risk management program’s effectiveness.
- << Previous post in topic Next post in topic >>