Blog and Resources

Bird’s Eye Diagram to Boost Your Design Work
The bird’s eye diagram is a diagramming technique we use with our clients to see the big picture without getting lost in a vortex (or rabbit hole) of details. You can use this technique on projects like internal controls, audits, SOX, CSOX, and ICFR programs, as well as process design or system implementations. A bird’s eye diagram gives your process owners, auditors, and leaders a clear, aerial view of your processes. It’s a supercharged version of the more familiar swim lane diagram, which visually represents a process, workflow, or system using parallel lanes. We’ve been using, testing, and improving our bird’s eye method with clients for over a decade.

Yes, AI Is Impacting Internal Controls and Audit
Given the number of questions Risk Oversight receives about AI and steps companies should be taking, we wanted to share our thoughts on how generative AI is impacting our work and what we need to be doing right now as professionals, leaders, and organizations. But over the past 6 months, prodded by conversations, conferences, and colleagues, we’ve taken a more proactive approach. We began testing specific business cases and applications of AI in our own business, in our client work, and with some initial advising. Our preliminary conclusion: We’re convinced that generative AI represents a substantial shift in how we operate and in the internal control, internal audit, and GRC (or governance, risk, and compliance) landscapes.

AI-Powered Note-Taking: A Powerful Tool, Not a Panacea
As we look at adopting AI tools over the next year, one topic that is especially relevant for professionals and knowledge workers alike, especially internal control, internal audit, risk management, and governance professionals, is using AI for note-taking. Like so many other AI applications, AI note-taking apps open a world of possibilities but bear risks at the same time. As we jump into making AI note-taking tools a bigger part of our day-to-day work, it’s important that we as professionals and leaders understand and assess the advantages and disadvantages of the tools versus our traditional approaches, so we can use the tools effectively and get the best of both worlds.

Exclusive Interview: Dr. David J. O’Regan, Auditor General, World Health Organization (Americas Region)
Risk Oversight sits down with David J. O’Regan to discuss his latest book, The Closing of the Auditor’s Mind?, and the challenges facing the Internal Audit profession today. Dr. David J. O’Regan is the Auditor General of the World Health Organization (Americas Region)...

New IIA Global Standards: Brave New World or “Old Wine in New Bottles”?
3 Questions to Consider Before Implementing the New Standards. In January 2024, the Global Internal Audit Standards (the IIA’s Standards) were updated after a long consultation process. While the updated standards are not expected to have a dramatic impact on IA...

Assessing Board Minutes: A Risk Oversight Tool for Internal Control and Internal Audit Professionals
This template provides an easy guide for assessing your Board and Committee minutes aligned with best practices. It’s a useful template for internal control, internal audit, finance, or governance professionals. While it’s not meant to be a comprehensive guide of everything required for Board oversight, meeting, and minutes practices, it is a great resource for assessing Board and Committee minutes through the filter of an internal audit professional.

Are You Managing the Risks of Disclosure? – Revisiting Your Controls in the Age of ESG, DEI, and Social Media
Do people in your organization worry about saying too much, too little, or the wrong thing? I can guess the answer is yes. The risks of disclosure (and nondisclosure) are intensifying with the rise of new regulations regarding what we say and how and when we say it....

“Do More with Less”: 8 Ways GRC Programs Can Add Value in Lean Times
As we gear up for a strong Q4, everywhere we go we hear people talking about interest rates, inflation, layoffs, and the economic risks ahead. We’re seeing delays and even decreases in spending on projects, training, and benefits. People are trying to figure out how...

Revisiting Entity Level Controls: COSO 2013 Ten Years Later
A fish can’t survive if the water it’s living in is dirty. The same goes for your control environment. Your controls can only thrive in the right environment. Ten years ago, the approach to achieving that “right environment” shifted with the concept of Entity Level...

Embracing *Design 2.0* for Internal Controls: Using Different Approaches for Better Results
“Design” is the foundation of internal controls — from how you structure financial processes, controls, testing, and your program. But it is likely the most untapped and misunderstood aspect of your internal controls program too. Effective design is where your team’s...