Aligning the board, risk management, and internal audit
What is the executive leadership team (ELT) and the board worrying about? What are the topics on their agenda?
They are discussing these topics because they represent either opportunities to add shareholder value (such as major projects, acquisitions, etc.) or threats to that value – to the achievement of corporate goals, strategies, and objectives (such as the actions of competitors). They determine what actions to take and measure progress.
When the ELT and the board evaluate these opportunities and threats, then decide what actions to take, they are managing risk. They are understanding and responding to uncertainty with the objective of optimizing outcomes: increasing the likelihood of positive results and minimizing the negative.
If the ELT and board are to be successful, they need both the risk management and internal audit functions to be aligned with them. Risk management helps ensure they have all the information they need to steer the organization. Internal audit provides assurance that the processes involved in obtaining information can be relied on, and that the ship will respond to directions from the bridge.
Do the leaders of risk management and internal audit always understand what is on the ELT and board agendas? Do they have access to the bridge of the organization, so they understand what the captain is trying to do?
If the craft is to successfully navigate treacherous waters, taking advantage of tailwinds and clear channels:
1. The ELT and board must ensure they communicate to risk management and internal audit leaders what items are on their agenda
2. The latter leaders must ensure that they receive they receive and act on that information
Do you agree?