Summary of the new Coso corporate governance guidlines

 The Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with PwC, presents a set of 12 guiding principles designed to strengthen board oversight and governance practices across public, private, and not‑for‑profit entities worldwide. The publication emphasizes that governance is not a checklist but a framework for reflection, dialogue, and alignment with an entity’s mission, values, and long‑term strategy.

Purpose of the Publication:
*Provide a common reference point for boards where governance expectations are fragmented.
*Support effective oversight by clarifying roles, accountability, and information flows.
*Complement, not replace, existing laws, regulations, and governance standards.
*Offer illustrative practices for boards and management to adapt to their context.

COSO’s View on Governance: Corporate governance is defined as the structures and processes by which boards steer entities toward strategy execution and long‑term value creation, while ensuring ethical conduct and compliance with legal/regulatory frameworks.


How to Use:
Boards and governance professionals can use the principles to:
*Frame boardroom discussions and committee work.
*Guide assessments, refreshment, and director education.
*Align oversight with strategy, risk appetite, and culture.
*Strengthen stakeholder trust through transparency and accountability.

Guiding Principles (At a Glance):

1. Board Governance Structure: Clear roles, delegations, and oversight alignment.
2. Board Accountability: Fiduciary duties, disclosures, and stakeholder confidence.
3. Board Composition & Leadership :
Skills, independence, succession planning.
4. Board Effectiveness:
Continuous evaluation and adaptation.
5. Purpose, Mission & Values: Alignment with culture and decision‑making.Culture & Tone at the Top.
6. Ethical expectations modeled by leadership.Strategy & Performance 7. Independent perspective, monitoring execution.
8. Technology & Data: Oversight of digital practices and resilience.
9. Stakeholder Engagement: Balanced communication and trust building.
10. Executive Leadership & Succession :
CEO appointment, pipeline, resilience.
11. Executive Performance & Compensation:
Evaluation, incentives, accountability.
12. Risk Management & Internal Control:
Oversight of risk, assurance, and resilience.


Key Takeaway:
Effective governance is dynamic, integrated, and principle‑driven. Boards must continuously adapt structures, accountability mechanisms, and oversight practices to sustain trust, resilience, and long‑term value creation.

Link to full report:Corporate Governance - GuidingPrinciples | COSO

Note: this summary was geneate by AI

Internal Audit Month

 

Fraud Awareness Begins at Home

Fraud is not just a corporate or financial issue; it’s a human one. Every scam, phishing attempt, or deceptive scheme ultimately targets individuals and families. That’s why fraud awareness must start at home.

• Early Education: Teaching children and family members about online safety, suspicious messages, and too-good-to-be-true offers builds lifelong resilience.

• Shared Vigilance: Discussing fraud cases openly at home helps normalize caution. When one person spots a red flag, the whole household learns.

• Digital Habits: Simple practices, such as verifying links, protecting passwords, and questioning unusual requests, are as vital at home as in the workplace.

• Empowerment: Awareness transforms fear into strength. Families who understand fraud tactics are less likely to fall victim and more likely to protect others.

Fraud prevention is not just about compliance or corporate training; it’s about safeguarding trust, dignity, and security in our daily lives. When awareness begins at home, it extends naturally into our communities and organizations.

Is SOC audits a substitute for third‑party risk assessments?

Could SOC audits serve as a practical substitute for third‑party risk management practices, particularly in smaller organizations? We posed the question to AI, and here’s what it had to say:

SOC audits are not a substitute for third‑party risk assessments.

They are a piece of the puzzle, not the whole picture.

A SOC report provides independent assurance that a vendor’s controls have been tested. It’s a valuable trust signal, but it doesn’t tell the full story.

Third‑party risk assessment goes further:

• 🌐 Evaluates financial stability, compliance posture, and resilience

• 🔍 Considers governance, subcontractors, and reputational exposure

• 📊 Provides a holistic view across people, processes, and technology

👉 Best practice: Use SOC reports within your risk assessment program, not instead of it. True resilience requires layered assurance.

What’s your perspective?

Internal Auditors' 2026 Horoscope

 I have asked AI (Copilot) to create a humorous 2026 horoscope for Internal Auditors. Here are the results:

• January: You’ll resolve to “close findings faster.” Stars say… you’ll just open new ones.

• February: Love is in the air, but so are overdue audit reports. Cupid prefers compliance.

• March: Spring cleaning? More like “control testing.” Dust off that risk matrix.

• April: Beware of April Fools—especially in expense claims. Fraud hides in jokes.

• May: Flowers bloom, and so do audit issues. Document them before they wilt.

• June: Mid‑year reviews reveal… you’re still waiting for management responses.

• July: Independence Day (US) inspires you: you’ll declare independence from Excel macros.

• August: Hot weather, hotter findings. Your audit committee wants ice‑cold assurance.

• September: Back-to-school vibes: you’ll lecture managers on segregation of duties.

• October: Spooky season. Ghost entries haunt the ledger. Boo! Material weakness!

• November: Gratitude month. Be thankful for strong controls… and coffee.

• December: Year‑end close. Stars say: Your gift is 'one more follow‑up.

Is there still a role for thought leaders in the age of AI?

 With AI tools at our fingertips, anyone can now create and publish content on virtually any topic, often with the polish and authority of a seasoned thought leader.

This evolution led us to ask a deeper question: Is thought leadership still relevant in the age of AI? Here is what AI thinks:

Thought leaders remain essential in the age of AI, precisely because they help bridge the gap between technological capability and human insight. Their role is evolving, not disappearing.

Why Thought Leaders Still Matter:
In an AI-driven world, thought leadership is no longer just about expertise; it's about vision, ethics, and strategic foresight. Here’s how their role is being redefined:
1. Navigating Complexity
AI is transforming industries, but many organizations feel unprepared to scale it responsibly.
Thought leaders help interpret the implications of AI, not just what it can do, but what it should do.
2. Human-Centered Strategy
According to Berkeley Executive Education, AI is reshaping the fabric of society. Thought leaders are needed to guide ethical, inclusive, and human-centric adoption.
They ask the hard questions: How do we preserve trust, creativity, and accountability in automated systems?
3. Cross-Domain Integration
Forbes notes that AI thought leadership involves connecting technology, ethics, and creativity.
This means thought leaders must be fluent across disciplines, from data science to governance to public policy.
4. Empowering Others
In the workplace, leaders must now cultivate AI fluency while preserving critical thinking and interpersonal skills.
Thought leaders shape how future professionals engage with AI, not as a shortcut, but as a tool for deeper understanding.
5. Driving Responsible Innovation
AI-first leadership requires reimagining collaboration between humans and machines.

Thought leaders play a key role in ensuring that innovation aligns with long-term societal and organizational goals.

The New Mandate for Thought Leaders:
Rather than being displaced by AI, thought leaders are being called to:
*Curate meaningful dialogue across sectors and cultures.
*Champion ethical frameworks for AI governance.
*Translate complexity into clarity for boards, teams, and the public.

Culture as a Hidden Variable in Internal Audit Quality

 

In the world of internal audit, we often speak of independence, objectivity, and adherence to global standards. But beneath these pillars lies a subtle force that shapes how audit functions operate across borders: national culture.

I believe that transformation begins not just with frameworks, but with cultural fluency. Here’s why:

Culture Isn’t Just Context—It’s Infrastructure

Audit quality is not solely determined by technical rigor or regulatory compliance. It’s also shaped by how leadership is perceived, how risk is tolerated, and how truth is told. These are cultural variables.

• In high power distance cultures, auditors may hesitate to challenge senior executives, even when findings warrant escalation.

• In collectivist societies, preserving harmony may take precedence over whistleblowing or direct confrontation.

• In low uncertainty avoidance cultures, audit planning may be more fluid, with less emphasis on exhaustive documentation.

These aren’t flaws, they’re realities. And they must be acknowledged if internal audit is to evolve meaningfully.

The Strategic Role of Cultural Intelligence

For boards and audit committees operating across geographies, cultural intelligence is no longer optional. It’s a strategic imperative.

• Risk assessments must be calibrated to local norms of transparency and disclosure.

• Audit methodologies should flex to accommodate regional expectations around evidence, formality, and communication.

• Tone at the top must be modeled in culturally resonant ways; what inspires trust in Tokyo may not translate in São Paulo.

 From Compliance to Credibility

Audit transformation isn’t just about automation or analytics. It’s about credibility. And credibility is earned when auditors understand the cultural terrain they’re navigating.

At AdapGility Consulting, we help organizations move beyond checkbox compliance to build audit functions that are globally aware, locally effective, and strategically aligned.