According to the IIA Audit Executive Center's Fall 2012 Pulse of the Profession Study , the CAE's identified their top risk coverage priorities for 2013 as follows:
24% Operational
14% Compliance
13% General Financial
12% SOX Compliance
12% IT
5% Risk Management Effectiveness
4% Fraud
4% Strategic Business Risk
12% Other
How do your priorities compare to the above ?
Would you feel comfortable spending 14% of your resources on compliance and only 5% on risk management effectiveness and 4% on strategic business risks?Is compliance risk really that important ?
Are internal auditors still spending significant time on SOX compliance ?
Please share your thoughts .
24% Operational
14% Compliance
13% General Financial
12% SOX Compliance
12% IT
5% Risk Management Effectiveness
4% Fraud
4% Strategic Business Risk
12% Other
How do your priorities compare to the above ?
Would you feel comfortable spending 14% of your resources on compliance and only 5% on risk management effectiveness and 4% on strategic business risks?Is compliance risk really that important ?
Are internal auditors still spending significant time on SOX compliance ?
Please share your thoughts .
.png)
While SOX and compliance are important, I disagree with this prognosis. It is exposure to risk that determines the necessity and depth of compliance and controls required.Besides, a competitive 'glocal' business world makes good and deployable strategies imperative. Hence Overall risk management and primarily strategic risk management must get the top 2 ranks followed by Fraud deterrence and then compliance and IT.
ReplyDelete