Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorNewsBreadcrumb SeparatorBlog: "Risk, No Action" Doesn't Justify "Risk, No Audit"

Read Richard Chambers' Latest Blog
"Risk, No Action" Doesn't Justify "Risk, No Audit"

In his blog, IIA President and CEO Richard Chambers, CIA, QIAL, CGAP, CCSA, CRMA, shares his personal reflections and insights on the internal audit profession. Here's an excerpt from his latest post:

A recently released EisnerAmper report, Concerns About Risks Confronting Boards - 2015 Survey, includes an interesting warning the authors describe as "risk, no action." The report identifies reputational risk, cybersecurity, and regulatory compliance as the top three risks driving concerns among board members. No real surprises there. But there remain troubling gaps between what board members acknowledge as risks and the actions they or management take.

For example, while identifying reputational risk as the top risk, the survey found little board knowledge about one of the biggest vulnerabilities to organizational reputation — social media. According to the survey, just 6 percent of board members feel they are well-versed in social media risk.

Read the full InternalAuditor.org blog post from IIA President and CEO Richard Chambers.