Which of the following is the best role responsible for ensuring compliance in an organization with laws and regulations, industrial standards, contractual requirements, organizational policies, and code of ethics through independent assessments?
A. Senior management
B. The board of director
C. First-tier customers
D. Audit committee
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Audit committee.
The head of the internal audit department typically reports functionally to the audit committee of the board of directors, with administrative reporting to the chief executive officer. His or her job title can be chief audit executive (CAE), director of the (internal) audit, auditor general, or controller general.
The role of the audit committee
* Oversight of financial reporting and related internal controls
* Review of filings and earnings releases
* Risk oversight
* Oversight of the independent auditor
* Ethics and compliance
* Oversight of internal audit
* Other interactions with management and the board
* Audit committee external communications
- The role of the audit committee
- Cybersecurity: The changing role of audit committee and internal audit
- Cyber security is a critical audit committee issue
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.