- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
Some pundits would say that battles have steadily been brewing between the risk and control assurance functions. Should compliance report to legal, or be separate? Should compliance and internal audit be combined? Should audit take on risk management, or vice-versa? These are some of the simmering debates on how best to structure governance-related functions at a large enterprise.
Lately I’ve been getting inquiries about the value of combining risk and control functions. While efficiencies can be gained, organizations should heed whether integrating these areas can impair the ability of these functions to provide needed levels of assurance effectively. New approaches have emerged rolling these areas into an “office of governance” to facilitate information flow among them. I’ve even been asked about the old bugaboo of placing all risk and control functions (even internal audit) under legal, to better preserve attorney-client privilege.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Chinese authorities banned PwC’s Chinese unit from performing audits in the country for six months, labeling the subsidiary’s flawed audit work as complicit in the failure of giant property developer Evergrande.
Erica Williams was reappointed to a second term as chair of the Public Company Accounting Oversight Board after an ambitious first three years in the role that have seen the agency work to update many of its standards deemed outdated.
Software company Autodesk said it won’t restate several years of financial statements following an audit committee investigation into potential accounting misconduct.
