Good Governance - Auditors, Your (Unlikely) Partners In Progress

If you can cast your mind back far enough, the list is as long as it is depressing – the list, that is, of organisations that have failed despite their efforts to maintain vigilance against the risks associated with running a business. The list includes the recent spectacular failures of the banks, AIG, Enron, Tyco, Polly Peck, and BCCI; there are many others besides.

Various reports addressing the issues of internal control have been written by stock market grandees, probably most notably the Turnbull report which pulled the findings of a number of earlier reports together.

The board is ultimately responsible for the stewardship of the organisation and managing the associated risks, but assurances on how well the risk management controls are working across the wider business should come from the internal auditors.

Many line managers will have specific audit responsibilities: the quality manager will audit product and process quality; the health and safety manager will audit safety; the IT manager will audit the IT security threat. However, highly skilled and properly trained internal auditors should also be looking at a range of broader issues and evaluating the controls in place for both overt and covert risks (which might include strained relationships at the top of an organisation, investment in new technology or equipment, reputation and customer management, risks arising from the loss of key people, cost controls, supply chain risks (for instance arising from the exploitation of child workers)), as well as an overview of the finance, quality, safety and IT issues.

Internal auditing may be seen as a big company activity, but assessing and measuring exposure to risk is important for the survival of all companies and is a catalyst for best practice. It is of value even if everything is found to be okay as it means of ensuring that you are not missing anything. In the words of one of our clients, “you keep us honest”. Can you afford to fail?

Our Clients Love Us

format_quote

Simply ISO9001

“Statius took time to understand us, then they made ISO9001 very simple whereas other consultants had made it impossibly complicated”
format_quote

Mindset management

“This (assignment) has confirmed some things I knew, and that was useful; some things I didn’t and that too was useful. However, most importantly, I guess we all felt a bit uncomfortable at times but now we have a real and robust improvement plan to go forward with.”
format_quote

Mindset management

“The (performance improvement) work you have undertaken has providing a real opportunity for us to break out of our mindset… I’m just afraid it will stop!”
format_quote

Streamline and simplify

“I have to say from a personal viewpoint, since you came on board you have helped streamline and simplify our systems brilliantly, and continue to do so, which makes my job much more straight forward, and I thank you very much for all your efforts...”
format_quote

Securing new business

“Without the help of Statius and the systems and processes developed we would not have secured £27m of framework agreements and term contracts.”
format_quote

Changing thinking

“Statius challenged and changed our thinking, without them we would never have changed the business model and we’d be far less prepared for sale.”
format_quote

Integrated management

“Statius’s hands on approach and genuine interest in the development of the Integrated Management System meant that we successfully achieved ISO 14001 certification (at the first attempt) and we shall rely on their future support as we develop our systems.”