Risk is not about money. In today's blog post, I talk about the practice of calculating the level of #risk in monetary terms. I share real-life examples as I argue for tailoring risk information to the needs of decision-makers. normanmarks.wordpress.com/2025/04/21/ris… via Norman Marks

These are times of chaos. Is your risk management up to the challenge> Will it help make the right decisions? It's past time to assess its effectiveness. normanmarks.wordpress.com/how-should-you… via Norman Marks

Things internal auditors should do in these turbulent times normanmarks.wordpress.com/2025/04/23/thi… via Norman Marks #audit #risk #GRC #IIA #ISACA #governance #ERM

What is the future of internal auditing? Will it be replaced by AI? Will we be relevant in 2035? I argue in today's post that we need to focus on helping our organization survive in the midst of chaos, which I describe. Your thoughts? normanmarks.wordpress.com/2025/04/29/wha… via Norman Marks

How Do You Establish the Level of Risk? by Norman Marks reworked.co/information-ma… #RiskManagement #RiskAssessment

If you are not worried about #AI errors, read this: cfodive.com/news/nearly-6-…

Laughter…contagious isn’t it? Have a Great Sunday! #StillBringingSunshine 👓☀️♥️ #MorecambeAndWise #EricAndErnie #ThamesTV

Today, I review and comment on an article by a prominent leader of internal auditing. I point out several statements that I consider erroneous and make my own recommendations for IA's future. #risk #audit #GRC #IIA #ERM #boards #governance #ISACA normanmarks.wordpress.com/2025/05/05/int…

Is it a myth that #cyber is the top #risk? I review the results of conflicting surveys and analyses. Are the surveys right that cyber is a top risk, when reports of actual breach consequences contradict them? normanmarks.wordpress.com/2025/05/08/is-… via Norman Marks

A bit of “Style” today as #EricAndErnie are joined by a Knight of the Realm… …the late, great #DonaldSinden #StillBringingSunshine 👓☀️♥️ #MorecambeAndWise #EricAndErn

How can you use AI in a SOX compliance program? I tackle that question in today's post. Please share your thoughts and use cases. normanmarks.wordpress.com/2025/05/12/how… via Norman Marks

Whose fault is it that internal audit recommendations are ignored? Is it management's fault, or is it because we failed to have constructive discussions with them before the report was even drafted? normanmarks.wordpress.com/2025/05/14/who… via Norman Marks

Risk wisdom from the Guru I review the thoughts of one of the most influential #GRC and #risk management thought leaders. Do you agree with him? normanmarks.wordpress.com/2025/05/19/ris… via Norman Marks #GRC #risk #audit #IIA #governance #ISACA

A fine speech explains the problems with traditional risk management I share highlights in today's blog post. Do you agree? normanmarks.wordpress.com/2025/05/22/a-f… via Norman Marks #audit #risk #GRC #governance #boards #management

GRC vs ERM vs IRM vs Connected Risk vs ORM vs SRM vs TPRM Are you fed up with all these acronyms? Why don't we just focus on effective risk management instead of trumpeting our framework of the day? I discuss in today's blog post. normanmarks.wordpress.com/2025/05/26/grc… via Norman Marks

Republican Congressman Rep. Don Bacon 🇺🇸✈️🏍️⭐️🎖️

Does the US need a Corporate Governance Code? I discuss the draft Corporate Governance Framework from COSO and the NACD. Does it have value? Does it do what it says. enabling an assessment of an entity's governance? normanmarks.wordpress.com/2025/05/29/a-n… via Norman Marks

A tool for assessing the internal audit function I review and excerpt useful IIA guidance and suggest important questions of my own. What do you like? What is missing? normanmarks.wordpress.com/2025/06/02/a-t… via Norman Marks