Skip to main navigation

Internal Audit: a 3-D look at risk - Ernst & Young - Global

He needed to know more than whether a control was passing or failing. He needed to understand how big a risk a failing control was, whether management knew about it and what they’re doing to fix it.

Summary: Senior executives should encourage their Internal Audit function to provide a three-dimensional perspective of risk that includes control ratings, inherent risk and management preparedness.

When Gerry Dixon, Ernst & Young’s Global Risk Leader, visited one of his clients recently, he heard a familiar complaint. The CFO knew that his Internal Audit function was doing a good job overall, but it needed to place the information it was giving to members of the C-suite and the Audit Committee in a better context.

“The internal controls information Internal Audit was providing wasn't enough for the CFO to truly gauge the health of the organization,” he said. “He needed to know more than whether a control was passing or failing. He needed to understand how big a risk a failing control was, whether management knew about it and what they’re doing to fix it.”

Our new series, 5: insights for executives, explores five questions regarding Internal Audit:

  1. Why the push for internal control ratings?
  2. What does a three-dimensional control ratings approach consist of?
  3. Why consider a three-dimensional control ratings approach?
  4. What needs to happen to make it work?
  5. What's the bottom line?

























Inside

Answers to your questions, at a glance

5: insights for executives series asks five questions to get to the core of an issue – and answers them at a glance.

Related content

  • Internal audit case study: is cosourcing the right move?
    Four leaders of fictional XYZ Technology Group consider cosourcing as part of their Internal Audit strategy. Read about the issues they face along the way.
  • Unlocking the value of internal audit
    Learn why Internal Audit should be involved in all strategic decision-making to grow or improve your organization.

Download

Contacts

Back to top