WHO AM I?
I have been a practitioner and thought leader in internal audit, risk management, and governance for a long time. I have led large and small internal audit departments, been the Chief Risk Officer and Chief Compliance Officer, and managed IT Security and governance functions.
My books are discussed in a separate tab.
I continue to lead workshops designed for experienced practitioners on the topics of Sarbanes-Oxley, effective risk management, and building a world-class internal audit function.
I am also working with individiuals and companies, including software vendors, where my knowledge and experience is seen of value.
I am fortunate to have been recognized and made a Fellow by OCEG for my commentary on GRC, and an Honorary Fellow of the Institute of Risk Management for my contribution to the risk management field. I am also pleased to contribute to the profession through my activities in support of the IIA and ISACA, articles in various publications, and membership of periodical review boards (including the Internal Auditor, ISACA Journal, and EDPACS).
Please consider following me on Twitter, where I share daily news and opinion on topics that I hope will be interesting to governance, risk, audit, and other professionals
Please let me know if you are looking for speakers, whether for a conference, chapter meeting, or for your department’s training week. I have spoken recently about:
- Building a risk-based audit plan
- Fundamentals of risk management and how to audit it
- Internal audit 2020
- Audit leadership
- World-class internal auditing
- World-class risk management
- The role of Audit as the last line of defense in managing risk to the organization
- IT audit and how it needs to change
- How disruptive technology should change IT risk management
- Continuous auditing/monitoring
- What is GRC and what does it mean for you?
- The future of information
- Managing risk at the speed of business
- Building a risk culture
- Using technology in your internal audit department
- The GAIT methodology for business and IT risk scoping
- and more
WEBCASTS, PODCASTS, AND VIDEOS
I am passionate about internal audit, risk management, governance, and the topic of GRC. If you are interested in conversation and discussion, please feel free to contact me.
I am also somewhat of a mentor, giving back to the profession, so if you have a tough situation and want to talk – contact me.