Printer Friendly
The Free Library
4,555,040 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Consulting hazards.


"The Hazards of Consulting" ("In My Opinion," December 2007) is on point. I see many internal audit leaders all too willing to nominate their department as the "prom queen." Elaine Kawashima's key words were "duties to the audit committee" and "independent." When these are made secondary to management requests for advisory or consultant services, the first step down the slippery slope is taken. It is a long fall down and an even more difficult climb up. I hope others who read Kawashima's opinion stop and think about it.

MIKE KENNEMER

Vice President, Internal Audit

The Bass Companies

Willow Park, Texas

mkennemer@bass-net.com

I enjoyed Kawashima's article. I understand and agree with her perspective, but is the auditors' independence impaired if they assist in the design phase of a new system or process? I agree with Kawashima about the fact that we must segregate ourselves from the process, but by suggesting best practices, we also ensure that the process is built appropriately. Where do we draw the line?

DANNY M. GOLDBERG, CIA, CPA, CCSA, CISA

Director of Internal Audit

Tyler Technologies Inc.

Dallas, Texas

daniel.goldberg@tylertech.com

I am alarmed that the concerns about internal audit consulting and independence, which I thought were buried deep in the grave of obsolete internal audit theory books, have resurfaced. There are several obvious arguments against Kawashima's assertions:

* Kawashima's suggestions are contrary to the Standards.

* Auditors are expected not only to issue formal findings that criticize the lack of controls, but also to recommend actions to correct the deficiencies. There is no difference between advising management on controls as part of an audit and advising as part of controls consulting.

* Auditors should not be focusing on weaknesses, as Kawashima suggests. Instead, they should provide assurance on the adequacy of the system of internal controls with a balanced report that discusses both the good and the bad.

* The best way to provide assurance is to build solid controls into new processes and systems.

Although internal auditors should not assume management responsibility and own the design of controls, we certainly can--as we do in audit reports--make suggestions and comment on management's proposed design.

I agree we must be mindful of our core duties to audit committees. They want us to provide objective assurance and improve governance, risk, and control practices.

NORMAN MARKS

Vice President, Internal Audit

Business Objects S.A.

San Jose, Calif.

nmarks@businessobjects.com

COPYRIGHT 2008 Institute of Internal Auditors, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2008 Gale, Cengage Learning. All rights reserved.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:LETTERS
Author:Kennemer, Mike; Goldberg, Danny M.; Marks, Norman
Publication:Internal Auditor
Article Type:Letter to the editor
Date:Apr 1, 2008
Words:401
Previous Article:Thanks for the laugh.(LETTERS)(Letter to the editor)
Next Article:Capitalizing on survey findings.(LETTERS)(Letter to the editor)
Topics:

Terms of use | Copyright © 2008 Farlex, Inc. | Feedback | For webmasters | Submit articles