auditing culture
play

AUDITING CULTURE Kayla Flanders, CIA, CRMA Deanna Bennigsdorf, CIA, - PowerPoint PPT Presentation

Sep 12, 2022 •258 likes •713 views

AUDITING CULTURE Kayla Flanders, CIA, CRMA Deanna Bennigsdorf, CIA, CRMA IIA Sioux Falls Chapter February 20, 2018 OVERVIEW What is all the talk about culture? What is culture? Why is culture hard to audit? Does Internal Audit

  1. AUDITING CULTURE Kayla Flanders, CIA, CRMA Deanna Bennigsdorf, CIA, CRMA IIA Sioux Falls Chapter February 20, 2018

  2. OVERVIEW • What is all the talk about culture? • What is culture? • Why is culture hard to audit? • Does Internal Audit have a role? • Audit Approaches & Techniques • Parting thoughts Caveat: The opinions expressed during this presentation are the individual opinions of the presenters.

  3. WHAT IS ALL THE TALK ABOUT CULTURE?

  4. IT IS A TOP OPERATIONAL RISK #8 on the Top 10 Risks for 2017 Source: Protiviti’s Executive Perspectives on Top Risks for 2017

  5. IT IS THE CULPRIT IN DEBACLES 16% Source: “When Culture Is the Culprit”, 2016 IIA Leadership Academy, Richard Chambers

  6. AUDIT LEADERS ARE INTERESTED

  7. AND BECAUSE... • How organizations, and individuals within them, behave has become a matter of public concern • Regulators are expecting internal audit to review • Boards realize there is an increasing need to focus on the risks toxic culture presents • CEOs and CFOs see culture as critical to success Source: IIA The Uncharted Territory of Auditing and Organization’s Culture And “Corporate Culture: Evidence from the Field,” Graham, Harvey, Popadak, and Rajgopal; Duke University, 2015

  8. WHAT IS CULTURE?

  9. CULTURE IS… COMPANY SPECIFIC SO…….WHAT IS IT? “…the reason why great organizations have sustained success. Culture drives expectations and beliefs. Expectations and beliefs drive behavior. Behavior drives habits. Habits create the future. - Jon Gordon

  10. CULTURE IS NOT… WHAT IS SAID… BUT WHAT IS DONE

  11. CULTURE DEFINED • Merriam Webster – a way of thinking, behaving, or working that exists in a place or organization (such as a business) • Investopedia - Corporate culture refers to the beliefs and behaviors that determine how a company's employees and management interact and handle outside business transactions. • It is the values and behaviors that contribute to the unique social and psychological environment of an organization

  12. CULTURE IMPLIED

  13. SIMPLY SAID IT IS… “The way we do things round here.”

  14. IS DEFINING CULTURE THAT EASY? NO…

  15. LOOKS CAN BE DECEIVING

  16. WHY IS A DEFINITION IMPORTANT? • So everyone is on the same page - definition must be shared • You understand where the culture gap is • KEY in connecting it to critical corporate elements such as: – Organizational structure – Incentives – Strategic planning – Brand development • With no definition, linking culture to strategic elements is a challenge Source: IIA Audit Executive Center Pulse Solutions – Perspectives on Auditing Culture

  17. IS EVERYONE ON THE SAME PAGE?

  18. WHY IS CULTURE HARD TO AUDIT?

  19. CULTURE TALK IS UNCOMFORTABLE • Culture is inherently subjective • It is perception influenced by people in leadership positions • Things can get personal quickly • Emotions fly

  20. CULTURE IS SQUISHY AND SOFT • Soft controls (control environment, tone at the top, culture) are more difficult to audit – Strong leadership – Trust and Openness – High expectations – Shared values – High ethical standards • There isn’t a standard model audit program or checklist that we can use • Auditing culture is a complex and amorphous concept

  21. YES, IT SURE DOES • Culture will directly impact how successful an organization is • Culture can be a key enabler to meeting the business objectives • It is one way to add value and improve organization’s operations

  22. DOES INTERNAL AUDIT HAVE A ROLE?

  23. YES! Internal Audit is now in the corporate culture game

  24. Definition of Internal Auditing (IIA) Internal auditing is an independent , objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

  25. Internal Audit and Risk Management • Risk Management processes are monitored through ongoing management activities; separate evaluations or both – Achievement of the organizations strategic objectives – Reliability and integrity of financial and operational information – Effectiveness and efficiency of operations and programs – Safeguarding of assets – Compliance with laws, regulations, policies, procedures, and contracts

  26. AUDIT APPROACHES & TECHNIQUES

  27. IT IS A JOURNEY Most Challenging Use Data Analytics to look for themes Don’t just look at the specific issue and how to correct it Source: “When Culture Is the Culprit”, 2016 IIA Leadership Academy, Richard Chambers

  28. AUDIT APPROACHES – BABY STEPS Horizontal – Each Engagement Annual Summary Report Assess Assess 2 nd Line management culture each tone each Coordination audit audit

  29. AUDIT APPROACHES – GIANT LEAP Vertical – Enterprise Wide Massive undertaking All components and elements One culture audit – enterprise wide

  30. AUDIT APPROACHES – BITE SIZE CHUNKS • This is not an exhaustive list • Break down into Risk Cyber manageable chunks • Pay attention to what you are already doing Fraud Safety “Bite - sized Culture Audits” - Jim Pelletier

  31. TOOLS AND TECHNIQUES • Supplement with audits of certain key components of culture, through either vertical or horizontal approaches – Employee Development – Employee Retention – Whistleblowing/Hotline Activity – Compensation Plans and Strategy • Identify culture as a metadata point in root cause attributes and discussions and be ready to have courageous conversations • Perform surveys or host workshops to ascertain cultural elements

  32. ASSESS CURRENT STATE • Do we have a healthy or toxic culture? • Does current culture or sub-cultures promote behavior alignment? • What are the hard controls? Formal codes of ethics – polices – organizational structure – defined roles – training • What are the soft controls? Less Tangible competence – trust – leadership – expectations – shared values – ethical standards

  33. EXAMPLE Source: How to Audit Culture by James Roth

  34. UNHEALTHY CULTURE Source: “When Culture Is the Culprit”, 2016 IIA Leadership Academy, Richard Chambers

  35. WHAT DOES IT LOOK LIKE • Different standards for different people • Groupthink and judgment errors • Unethical or illegal behavior • Poor communication • Blaming others & defensiveness • The talk isn’t walked! Source: “When Culture Is the Culprit”, 2016 IIA Leadership Academy, Richard Chambers

  36. TOXIC CULTURE RED FLAGS Source: IIA The Uncharted Territory of Auditing and Organization’s Culture

  37. WATCH OUT – SUBCULTURES MAY EXIST • Cultures develop locally within business units or teams • Employees will follow actions of their direct leaders • Behaviors may not align with main culture – Are there systemic failures in controls/compliance? – Is there hotline or whistleblowing activity? – Is there unusual deference to leadership?

  38. CULTURE AUDIT ENABLERS Source: IIA The Uncharted Territory of Auditing and Organization’s Culture

  39. Example from an Iowa Company Conduct a Post Project Assessment on Management Risk

  40. Example from an Iowa Company (Cont.) Conduct a Post Project Assessment on Management Risk

  41. PARTING THOUGHTS

  42. SO NOW WHAT? • Understand your company’s appetite for auditing culture • Communicate the value • Identify the right audit approach • Get everyone on board • Start small

  43. OLD CONCEPT – NEW PACKAGE • MORE THAN LIKELY, you are already auditing certain elements of culture. • This is not a new concept – just a new package.

  44. LAST CHANCE

  45. RESOURCES • IIA – The Uncharted Territory of Auditing an Organization’s Culture (2015) • IIA – Auditing Corporate Culture Training and Resources https://na.theiia.org/standards-guidance/topics/Pages/Auditing-Culture.aspx • IIA - “When Culture Is the Culprit” Leadership Academy, Richard Chambers (2016) • Financial Stability Board – Guidance on Supervisory Interaction with Financial Institutions on Risk Culture (2014) • Protiviti – The Most Important Risks for 2017 - https://www.protiviti.com/US- en/insights/bpro-issue-87 • How to Audit Culture, article by Jim Roth (links to surveys and questionnaires) • Global Perspectives & Insights: Auditing Culture – A Hard Look at the Soft Stuff • https://iaonline.theiia.org/blogs/Jim-Pelletier/2017/Pages/Bite-sized-Culture- Audits.aspx • https://iaonline.theiia.org/blogs/Jim-Pelletier/2018/Pages/5-Words-That-Should-Be-in- Internal-Audit-Reports.aspx • Report of the NACD Blue Ribbon Commission on Culture As A Corporate Asset, 2017.

Recommend

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst Frankenberger University of Applied Sciences Lbeck SG 4: Auditing - Lbeck 16.09.2002 1 Remarks on Auditing, Regulatory Auditing and Regulatory

305 views • 16 slides
Workshop G Corporate Sustainability Best Practices EHS Auditing, Enforcement Initiatives,

Workshop G Corporate Sustainability Best Practices EHS Auditing, Enforcement Initiatives,

Workshop G Corporate Sustainability Best Practices EHS Auditing, Enforcement Initiatives, and Improving the Culture of Self Governance Tuesday, March 26, 2019 11:15 a.m. to 12:30 p.m. Biographical Information Kelli Totten, Environmental

1.17k views • 84 slides
Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1 Outline Overview What is auditing? What does an audit system look like? How do you design an auditing system? Auditing mechanisms

1.4k views • 88 slides
The Right Culture Why culture matters Wh lt tt What a great culture looks like

The Right Culture Why culture matters Wh lt tt What a great culture looks like

4/30/2014 Building the Right Culture for Your Organization Barbara Schmidt Kemp North Star Consultants LLC Guiding organizations and leaders in the right direction 1 The Right Culture Why culture matters Wh lt tt What a

356 views • 17 slides
THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

16/11/2012 THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with certification) OF SOCIAL ACCOUNTS A DEBATE (CONSIDERING IN THIS CASE ONLY ITALY): A) ONLY VOLUNTARY B) COMPULSORY BY LAW 1

322 views • 7 slides
Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Victorian Auditor-Generals Office Auditing in the Public Interest Auditing in the Public Interest Victorian Government Solicitors Office Seminar 30 May 2007 Des Pearson - Auditor-General 1 Auditing in the Public Interest Personal

352 views • 20 slides
INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing and assurance plays a crucial part of ensuring the safety and integrity of any diving system as well as ensuring safe and efficient diving

185 views • 14 slides
Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives

Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives

Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives Define data auditing Explain the importance of data auditing Data Auditing What does data mean to you? What is data auditing? When

648 views • 33 slides
Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of

Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of

Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of gratitude to DeWitt Beeler, who in an article published in the 1999 May Issue of Quality Progress provided me with a fresh look at auditing and

557 views • 41 slides
How would the emerging technology affect the future of auditing? AC4342 Auditing S01 Group 4

How would the emerging technology affect the future of auditing? AC4342 Auditing S01 Group 4

How would the emerging technology affect the future of auditing? AC4342 Auditing S01 Group 4 54818800 CHAN Shu Wah 54791726 IP Sunny 54814013 WAN Chun Fai 54808805 YIU Ho Fung How would the emerging technology affect the future of

672 views • 54 slides
1 State Single Audit Requirements In accordance with federal requirements, beginning in

1 State Single Audit Requirements In accordance with federal requirements, beginning in

Compliance Auditing Update Compliance Auditing Update NC Local Government Auditing, Reporting and Review NC Local Government Auditing, Reporting and Review June 14, 2016 June 14, 2016 Uniform Guidance Overview Course Objectives- Uniform

435 views • 25 slides
Auditing large-scale medical terminologies, with a focus on SNOMED CT Ronald Cornet PhD Dept.

Auditing large-scale medical terminologies, with a focus on SNOMED CT Ronald Cornet PhD Dept.

Auditing large-scale medical terminologies, with a focus on SNOMED CT Ronald Cornet PhD Dept. of Medical Informatics Academic Medical Center University of Amsterdam Outline Background Types of Auditing Logic-based Auditing

245 views • 21 slides
School Equipment Auditing System(SEAS) Mr.Anuwat Shutanaruk 5522800556 Mr.Thanapon Areewattana

School Equipment Auditing System(SEAS) Mr.Anuwat Shutanaruk 5522800556 Mr.Thanapon Areewattana

School Equipment Auditing System(SEAS) Mr.Anuwat Shutanaruk 5522800556 Mr.Thanapon Areewattana 5522791896 Objective To make auditing system more efficient we develop the new auditing system version. Motivation Old style of search or tracking

852 views • 8 slides
Auditing SDGs SUSTAINABLE DEVELOPMENT GOALS What value do SAIs add to the implementation of

Auditing SDGs SUSTAINABLE DEVELOPMENT GOALS What value do SAIs add to the implementation of

SAIs making a difference by AUDITING Auditing SDGs SUSTAINABLE DEVELOPMENT GOALS What value do SAIs add to the implementation of Agenda 2030 ? Urge national governments into action if there isnt any. Independent oversight on the

203 views • 17 slides
Culture: Its not what you do, its the way that you do it 6 th October 2020 Culture a

Culture: Its not what you do, its the way that you do it 6 th October 2020 Culture a

Exploring Organisational Culture: Its not what you do, its the way that you do it 6 th October 2020 Culture a framing Alastair Mitchell-Baker Tricordant 2 5 What is culture? What happens when no one is looking The environment in

552 views • 17 slides
Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby, Keith Winstein, Philip Levis, Dan Boneh Stanford University Auditing Standard Devices MITM Used for: security audit automated exfiltration

971 views • 64 slides
Auditing the European room Auditing the European room air- conditioning systems and potential

Auditing the European room Auditing the European room air- conditioning systems and potential

Auditing the European room Auditing the European room air- conditioning systems and potential air- conditioning systems and potential energy savings energy savings Daniela Bory Centre for energy and process Mines de Paris - France ECEEE

351 views • 19 slides
Standards on Auditing (SAs) Presented By C.A. Abhijit Sanzgiri 22/12/2018 CA Abhijit Sanzgiri

Standards on Auditing (SAs) Presented By C.A. Abhijit Sanzgiri 22/12/2018 CA Abhijit Sanzgiri

Documentation requirements under Standards on Auditing (SAs) Presented By C.A. Abhijit Sanzgiri 22/12/2018 CA Abhijit Sanzgiri Standards on Auditing Ensures information in FS is of high quality & acceptable worldwide Formulated by AASB

1.15k views • 89 slides
What is Culture? Culture has to do with values and beliefs as well as customs and

What is Culture? Culture has to do with values and beliefs as well as customs and

What is Culture? Culture has to do with values and beliefs as well as customs and traditions Culture is learned and handed down from generation to generation Culture influences and shapes our behaviors and attitude

771 views • 37 slides
DANFOSS AUDITING SYSTEM May15-02 Responsibilities Jamie Countryman (SE) - Team Lead Zach

DANFOSS AUDITING SYSTEM May15-02 Responsibilities Jamie Countryman (SE) - Team Lead Zach

DANFOSS AUDITING SYSTEM May15-02 Responsibilities Jamie Countryman (SE) - Team Lead Zach Carlson (SE) - Web Master, Key Concept Holder Mitch Valenta (CPRE) - Communications May 15-02 Problem Auditing done on paper

578 views • 26 slides
Endunamoo BCTA Auditing Koena Gerald Moabelo CA (SA) | 03/03/2018 The Audit Process The

Endunamoo BCTA Auditing Koena Gerald Moabelo CA (SA) | 03/03/2018 The Audit Process The

Endunamoo BCTA Auditing Koena Gerald Moabelo CA (SA) | 03/03/2018 The Audit Process The Companies Act Preliminary engagement activities (2008) Planning The Auditing Profession Act (IRBA) Establish overall audit Develop an audit plan

763 views • 45 slides
Company Presentation Culture Culture is everyones business Culture in its broad sense

Company Presentation Culture Culture is everyones business Culture in its broad sense

Company Presentation Culture Culture is everyones business Culture in its broad sense including visual arts, music, cinema, theatre, performance, food, crafts, and folklore, among others is today an important dimension of any

726 views • 17 slides
Auditing Research in 2016 Some Statistics, Four Fundamental Truths, and a Sarcastic Side Point

Auditing Research in 2016 Some Statistics, Four Fundamental Truths, and a Sarcastic Side Point

Illinois Audit Doctoral Consortium October 13, 2016 Auditing Research in 2016 Some Statistics, Four Fundamental Truths, and a Sarcastic Side Point Steven Kachelmeier University of Texas at Austin Some Statistics Auditing articles in TAR and

482 views • 25 slides
SOCIAL ACCOUNTING AND AUDITING Session 2: Measuring social outcomes and impacts Preparatory

SOCIAL ACCOUNTING AND AUDITING Session 2: Measuring social outcomes and impacts Preparatory

SOCIAL ACCOUNTING AND AUDITING Session 2: Measuring social outcomes and impacts Preparatory Activities Understand key principles of social accounting and auditing. Agree the Terms of Reference (scope, manner and responsibility) for

185 views • 7 slides

More recommend