Trust ,but don't be naive !

Today, I have attended IIA's Ottawa training session which focused on Asset Protection and Security( AP & S). Two mantras stuck on my head by the time we were done :

The first is:" AP & S is largely based on trust!"
The second:" Being compliant does not mean being secure "

While I agree with the second, I have trouble with the first!

The examples of trust provided during the session made me more skeptical ( i.e I trust you because A trusts you and I trust A )!

 Trust is good, but it is not enough and certainly does not provide security.

Trust, but verify!
Trust.but monitor!
Trust, but don't be naive!

 In God we trust, others will be audited!

What do you think?

Complimentary high level review of IA Departments !

Does industry specialization limit internal auditors' careers?

Industry specialization is a good thing! This is at least what employers and hiring managers are telling us because it improves audit quality! Not everyone agrees with this, a recent study by the University of Miami published in June 2013 concluded that there is no evidence to support such a claim!

But, is specialization good for internal auditors? Does it limit our career path to certain industries because the perception is, as an example, if you are a bank auditor you can't effectively audit a manufacturing company?

The golden rule is that " you can't audit what you don't understand "! The question here is: does "understanding the operations " of an organization means that you need to be an industry expert? I am personally not sure if this is the case! Understanding the business is the key to a successful audit and this understanding nowadays can be achieved in a relatively short period of time for a willing auditor!

These are my thoughts, please share your thoughts and experience.

The Head of Internal Audit !!!!

 

 

Source : Careers In Audit website .