ESGInternal Audit ExecutivesRisk Management
June 2, 2022

Internal Auditors Shine a Brighter Light on Climate Data Sources

Pending regulations prompt IA to validate companies’ climate-related claims and incorporate first and second lines of defense. Several members of NeuGroup for Internal Audit Executives have recently or will soon conduct the first audits of their companies’ climate impact reports, and in a recent meeting they generally concluded that ESG group leaders may not understand much of the data behind their reports. The vice president of internal audit at a corporate with supply chains stretching worldwide discussed his company’s annual climate impact…
ComplianceRisk Management
January 26, 2022

Drawing Legal Lines: Internal Audit and Attorney-Client Privilege

Insights on when and how internal auditors involve lawyers to protect information in an audit report.Most members of NeuGroup for Internal Audit Executives either don’t have a formal process to secure attorney-client privilege (ACP) for their audit reports or are working to formalize one. That takeaway emerged at a recent group session where other members shared how the process works at their companies. But first, some context: According to the law firm Gibson Dunn, “Generally speaking, internal audit reports and…
ESGRisk Management
September 30, 2021

Environmental Scrutiny: Internal Audit Takes Stock of ESG Goals

As ESG initiatives grow, audit teams work to ensure companies meet their publicized targets. At recent NeuGroup meetings, internal audit heads discussed taking the first steps at integrating ESG into their audit plans, conducting tests to ensure alignment with public statements on environmental goals. Though only a handful of members currently have ESG in their audit plan, others recognized the need and are kickstarting the process to get out ahead.ESG goals “can become a sales pitch,” one member said, adding he…
Risk ManagementTalking Shop
July 22, 2021

Talking Shop: Interviewing Management to Uncover Risks

Member question: “Has anyone, recently or in the past, conducted broad wide-scale open-ended (i.e., not scripted Q&A) risk interviews of top management and leaders as the primary means to collect risk-identification inputs? “I am looking to share thoughts and experiences regarding the effectiveness, as well as methods to summarize, quantify and present the key findings.“I have interviewed board members, executive staff, management VPs+, totaling in the range of 75-100 one-on-one discussions. I am seeking recommendations on the process.” Peer answer…