As the use of information technology continues to proliferate so do the associated risks organizations face. This article addresses the topic of what, specifically, constitutes a world-class IT audit department. It incorporates feedback from a recent MIS Training Institute IT Audit Management Summit attended by IT audit management and information security management professionals from about 60 organizations in multiple industries across the globe.

Click here to learn more!

Earlier this week, high-flying business software startup Zenefits got its wings clipped.

The San Francisco-based company, which provides online tools to help small businesses manage their human resources and employee benefits functions, forced out its founder and CEO, Parker Conrad. Conrad’s transgression? He neglected to put the proper internal processes, controls, and compliance practices in place. Find out more...

How can we tell if the external auditors are doing a good job? Often we can’t. Lots of companies have had large accounting and fraud issues blow up shortly after the external auditors issued a clean audit opinion.


The security field needs more practitioners. The insanity that is our “always-connected” world necessitates more resources to manage, monitor, and maintain personal and enterprise data – from email accounts to mobile phones to chock-full-of-tech refrigerators. 

Find out more

This week the Securities and Exchange Commission settled a case with Mass.-based technology company PTC Inc. and its Chinese subsidiaries that could create new imperatives for internal audit practices and assurance of anti-bribery programs.

PTC agreed to pay more than $28 million to settle parallel civil and criminal actions involving violations of the Foreign Corrupt Practices Act (FCPA).


Increasingly, companies are looking to third parties to provide internal audit services. A new study from the Institute of Internal Auditors finds that 56 percent of the North American executives surveyed said their companies use third parties for some internal audit activity. That number is expected to climb, especially among large companies. 


Can you be sure that your suppliers are on the up and up? Sounds like a job for internal audit.

It’s every company’s worst nightmare: A call comes in to corporate communications from a reporter from 60 Minutes looking for a comment for a damaging piece they are airing in few weeks.


Chief audit executives know the feeling of having to serve many masters. They have several constituencies they must answer to or advise—including management, business lines, regulators, and shareholders—all while retaining their independence to provide clear and objective views.

Read more

Fast-moving changes in technology have added to the potential risks companies face. It is not always easy for senior management to wrap its arms around information technology risks confronting their organization. However, internal audit departments can help shed light on the issue through risk-based IT audit planning. Read More...

The buzz for the last few years now is that social media represents a unique risk that companies must manage, lest they leave their corporate reputations hanging out there for others to tweet all over them.


When The Institute of Internal Auditors proposed changes to its professional practice standards last month, it included new guidance for chief audit executives on measures they should take to safeguard their independence and objectivity when the job takes them outside the realm of traditional audit...


In this podcast, Joseph McCafferty, head of audit content at the MIS Training Institute, talks with Thomas Fox, an attorney who specializes in the Foreign Corrupt Practices Act and who edits the FCPA Compliance and Ethics blog. According to Fox, the role of internal audit in anti-bribery and anti-corruption programs is changing from one of detecting bribery to also working to prevent such activity from happening. Listen to the Podcast

In this podcast, Joseph McCafferty, head of audit content at the MIS Training Institute, talks with Brian Barnier, a principal at ValueBridge Advisors and an OCEG fellow, about the role of controls in audit and risk management and their limitations. According to Barnier, although controls are the centerpiece of many audit, compliance, governance, and risk-management programs, they are often ineffective.

Listen to the Podcast


Event Search

MIS|TI Tweets

Please choose your region

Select a Region
United States
United Kingdom/Ireland
Middle East

By continuing to use you will be agreeing to the website Terms and Conditions, the Privacy Policy, and the Use of cookies while using the website.