Small business takeaways. Risk management is more than buying insurance, as I am sure everyone is now aware. Auditors, whether internal or external, need to increase their role in assisting business with the missing and the required — as well as the why.
Excerpt: As stakeholders inside companies seek more cross-functional coordination on risk, internal audit also has to improve its communications to executive management and other departments. The E&Y survey found that 46% of respondents perform only annual updates or no updates at all to their risk-related audit plans. That can leave a company unprepared for events that arise throughout the year, like new product launches or retirements, new market entry, and litigation.
While audit plans used to be “set in stone,” the trend now is to take periodic “fresh looks” at them, says Schwartz. “Risk profiles change as companies make acquisitions or move into emerging markets,” he points out.
Read full article ernst & young risk management internal audit erm brian schwartz. via CFO.com