Publications

January 2, 2012
Performance/Risk Integration Management Model: PRIM2 - Maximizing the Value of Competitive Intelligence
When it comes to performance management and risk management, a fundamental question we ask is, “How do companies know what they need to know before it is common knowledge?” The answer lies in maximizing value from a well-defined and focused function within their organization that is charged with the responsibility to monitor what really matters – the competitive intelligence function. In this paper, we continue to focus on the governance layer of our PRIM2 framework by exploring the impact that insightful intelligence about market changes can have on an organization’s competitiveness.
CONTENT AREA: Articles
TOPICS: Corporate Governance, Audit Committee & Board, Enterprise Risk Management, Strategic Risk, Ethics

January 2, 2012
The Need for Leadership in Audit
In today's competitive business climate, in which pressure to hit the numbers drives organizational behavior and priorities, auditors at every level need to display leadership skills within their organization, not just within the audit department, if they are to produce valued results and bring about the desired change within their organization's internal control system and environment.
CONTENT AREA: Articles
TOPICS: Human Resources, Audit Committee & Board, Internal Audit Administration, Training & Development

December 19, 2011
An Overview of the Public Company Readiness Effort
This section of the "Guide to Public Company Readiness – Frequently Asked Questions" focuses on the public company readiness effort. Topics covered include: What are the most common mistakes made or oversights committed during a public company readiness effort? What are the largest risks a company faces if it conducts an incomplete or ineffective preparation process? And, what are the primary elements of PCR related to organizational infrastructure that need to be addressed?
CONTENT AREA: Questions & Answers
TOPICS: Financial Reporting, IT Infrastructure, External Auditor, Change Management, Initial Public Offering

December 19, 2011
Evaluating Cloud Servers and Solutions
One of the value propositions of public cloud services for many people or organizations is the low advertised cost compared to using traditional in-house capabilities. As part of evaluating a cloud service, understand what the advertised fee includes, along with the terms of service.
CONTENT AREA: Articles
TOPICS: Cloud Computing, Information Technology Risk, Physical Security, Privacy, Cost Management

December 19, 2011
Internal Audit Performance Measures
This poll question asks: "Please indicate which of these measures you consider of primary importance for your internal audit organization."
CONTENT AREA: Polls
TOPICS: European Union, Italy, Consumer Products & Retail Industry, Manufacturing & Distribution Industry

December 19, 2011
Luxottica Group – on the road to ERM
Luxottica Group is a global leader in the design, manufacture and distribution of premium eyewear, selling such well-known brands as Ray-Ban®, Oakley®, Persol and more through wholesale and retail channels. In this profile, Luca Fadda, Vice President of Internal Audit at Luxottica, talks about the importance of improving the risk management process, enhancing governance of the process and ensuring management was more embedded in the daily activities of the senior staff. This involved identifying a chief risk and compliance officer to build the risk management and compliance function.
CONTENT AREA: Performer Profiles
TOPICS: Consumer Products & Retail Industry, Enterprise Risk Management, European Union, Italy, Manufacturing & Distribution Industry

December 19, 2011
More Dodd-Frank Compensation Rules Coming in 2012
The SEC says it is gearing up to work on new compensation rules early in 2012, including several new disclosure requirements that are part of the Dodd-Frank Act. The new rules include disclosure of the ratio of CEO pay to employees and the relationship between executive compensation and performance, new clawback provisions and rules on hedging against executive and director company stockholdings.
CONTENT AREA: Articles
TOPICS: Audit Committee & Board, Financial Services Industry, Compliance, Dodd-Frank Act

December 19, 2011
SOX and SOCs: Their Continued Inter-Play – Part 3
By now your company is likely in the Sarbanes-Oxley Section 404 mode. As internal auditors you are once again pondering what to do with what used to be SAS 70 reports, realizing that this year the issues are more complex. This article addresses the question: What are my organization’s responsibilities to review the sufficiency of SOC reports received, as related to the internal Sarbanes-Oxley program or required by my external auditors?
CONTENT AREA: Articles
TOPICS: IT Audit, Sarbanes-Oxley Act, IT Controls, Outsourcing/Co-sourcing/Shared Services, SAS 70

December 19, 2011
“eRM” at Hyatt
In this era of ever-expanding risks for the hospitality industry, Hyatt’s internal audit function has found success by focusing on its most significant risk areas. In this podcast, Jim Werner, Vice President of Internal Audit at Hyatt, discusses his organization's successful efforts to leverage ERM in these efforts.
CONTENT AREA: Podcasts
TOPICS: Enterprise Risk Management, Hospitality/Gaming Industry, Internal Audit

December 12, 2011
‘eRM’ at Hyatt
Hyatt is a global hospitality company, headquartered in Chicago. In this profile, Jim Werner, Vice President of Internal Audit at Hyatt, discusses forming the Risk Council. The purpose of this group is to bring together all assessment efforts needed to develop a robust internal audit plan. The Risk Council formulates eRM itself and drives the process.
CONTENT AREA: Performer Profiles
TOPICS: Enterprise Risk Management, Strategic Risk, Hospitality/Gaming Industry, Internal Audit