- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
Some pundits would say that battles have steadily been brewing between the risk and control assurance functions. Should compliance report to legal, or be separate? Should compliance and internal audit be combined? Should audit take on risk management, or vice-versa? These are some of the simmering debates on how best to structure governance-related functions at a large enterprise.
Lately I’ve been getting inquiries about the value of combining risk and control functions. While efficiencies can be gained, organizations should heed whether integrating these areas can impair the ability of these functions to provide needed levels of assurance effectively. New approaches have emerged rolling these areas into an “office of governance” to facilitate information flow among them. I’ve even been asked about the old bugaboo of placing all risk and control functions (even internal audit) under legal, to better preserve attorney-client privilege.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Erica Williams was reappointed to a second term as chair of the Public Company Accounting Oversight Board after an ambitious first three years in the role that have seen the agency work to update many of its standards deemed outdated.
Software company Autodesk said it won’t restate several years of financial statements following an audit committee investigation into potential accounting misconduct.
Los Angeles-based bank holding company Broadway Financial Corp. disclosed in a public filing weaknesses discovered in its internal control over financial reporting because of training shortfalls.
