Risk Topics

CIA for five years


It's been five years since I wrapped up a year—and five hundred hours of study—toward the Certified Internal Auditor designation. Over these five years, I've tried to put it to good use, being an internal consultant and working with my colleagues on developing controls and talking about residual risk. There's another view of internal audit that says it's about conveying one's opinion on existing controls. This is a view on internal audit that I've always worried about—what makes my view on the controls worthwhile? Also, wouldn't it be more effective to work with the "first line of defense" rather than drafting up reports to people as removed as the board?

One thing that I've noticed quite recently: it's a designation that's come into vogue again. I'm seeing as a requirement in job postings at some of the local banks in particular.

© 2013 - 2019 werneburg information risk management inc.