Corporate boards may be overlooking critical information about emerging risks—in areas such as cybersecurity or workplace sexual harassment—by relying too heavily on information they receive from management, according to a recent survey of internal auditors. The survey, conducted by the Institute of Internal Auditors, asked chief audit executives where directors at their companies get information about potential risks. Just under half said directors are just as likely to rely on internal auditors or corporate risk executives. Among publicly traded companies, 75% of chief audit executives said they report directly to the chief financial officer. As a result, only 19% of chief auditors at financial institutions currently report to the CFO, while most report to the CEO or other executive leaders, according to the survey.

Source: Wall Street Journal March 06, 2019 21:11 UTC