IT Organization Management Re-Structuring Recommendations? 53
SOX-Migration last edited by
Internal Auditors have to have the freedom to tell anyone and everyone they are WRONG. And enough installation so that they can continue to point out what they percieve as defects until management acknowledges the defect and accepts the risk or remediates the problem.
Usually Internal auditors are put under Legal or ideally Chief Operations Officer lead.
Yoda404 last edited by
Sorry to put a new spanner in the works…
but you will find that the ISACA recommends that Internal audit directors should be appointed and reports to the audit comittee directly. He/she may have a dotted line to the COO or the CFO but the setting of goals/ bonuses/MIPs should be performed by the audit committee.