Accounting Controls: A Hollywood Tale

accounting controls

Sometimes the importance of internal accounting controls can be a little hard for compliance professionals to grasp, but fear not! A crazy tale from Hollywood this week gives us a great example of why internal controls matter and what can go wrong when they’re not working properly. The tale comes from Tom Hollander, the fairly…

Read More

SOX Costs Drop; Struggles Don’t

sox compliance

Sarbanes-Oxley compliance costs fell for many companies last year, according to an analysis released this week — although time spent on SOX compliance work actually rose, suggesting that many companies are struggling to implement automation technologies even as demands from their audit firms keep rising.  In other words, as usual, SOX compliance is a bit…

Read More

Another Example of AI’s Issues

AI risk

If you’ve been following news about artificial intelligence lately, then by now you may already have seen this: an Asian-American computer scientist at MIT, who uploaded a picture of herself into an AI tool and asked it to make her look “more professional.” The software turned the woman white. The computer scientist in question, Rona…

Read More

A Closer Look at SOC Audits

auditors

Anyone involved in cybersecurity or privacy compliance knows that one handy tool to assess your vendor risks is a SOC audit. Now, at long last, we have a report that explores an important question: Just what do all those SOC audit reports actually examine, anyway? The report comes from CBiz MHM, a mid-sized accounting and…

Read More

NY DFS Strikes Again on Cyber Fails

SolarWinds

New York state regulators are at it again, serving up yet another enforcement action over poor cybersecurity practices that can serve as a quick case-study for the rest of us trying to figure out a sustainable way forward on cyber compliance issues.  The company in question this time is OneMain Financial Group, a publicly traded…

Read More

IIA Unveils Proposed New Standards

auditors

Calling all internal audit enthusiasts: the Institute of Internal Auditors has released a draft of proposed new standards for the profession and is calling for public comment on the material. So if internal auditing is your career or you deal with internal auditors in some other capacity, put on your thinking cap and download a…

Read More

‘Duty of Oversight’ and Internal Audit

auditors

Today I want to return to the Delaware Chancery Court and its decision that corporate officers have a “duty of oversight,” this time looking at the implications for internal audit executives. You in the audit crowd have both good news and bad news here. The good news is that this ruling turns up the heat…

Read More

Why Internal Auditors Are Annoyed

internal auditors

Today I want to circle back to that proposal from the Public Company Accounting Oversight Board about third-party confirmations in financial audits, a seemingly reasonable idea that in practice has alienated legions of internal auditors. We should take a few minutes to understand why that is. For those who missed our first post on this…

Read More

Confirmations Contretemps in Audit World!

confirmations

The internal auditing world is in an uproar this week over a proposed new auditing standard from the Public Company Accounting Oversight Board — one that throws some notable shade at the internal audit profession, and prompted the Institute of Internal Auditors to declare that it is “deeply concerned” about the idea. The proposed standard…

Read More

Getting a Better Grip on IT Controls

icfr

Today I want to circle back to last week’s collapse of cryptocurrency exchange FTX. One allegation is that FTX’s now-former CEO, Sam Bankman-Fried, engineered a “back door” into the company’s financial systems so that he could execute transactions without review. My question: would an audit of internal controls over financial reporting catch something like that? …

Read More