Risk Management: Changing the Internal Auditor's Paradigm

With technology and globalization creating opportunity and peril in the blink of an eye, risk has replaced the old blue-chip standard of control as the means by which organizations navigate the new information economy. That's the assertion of this in-depth study on risk management past, present, and future. Examining the entire business process through the lens of risk, authors Selim and McNamee depict risk-based auditing as a crossroads for the profession. "Focusing on controls over transactions buried the internal auditor in details of the past, limiting the value of any information derived," they write. "By focusing on risks to present and future transactions, the auditor is working at a level above details and dealing with the obstacles for organizational success." The research report looks at the various impacts risk management has had on the profession and some of the strategies now in use, such as macro- and micro-risk assessment and scenario planning for fraud and deception, employee theft, burglary, and unlawful duplication. The report also examines the future impact of risk management on the structure of internal auditing as it links with managerial and strategic elements in achieving goals. If you (and key managers within your organization) are seeking to better understand risk management and the role internal auditors play in it, make a place for this important report in your resource library.