Does risk management come in one size? Should the auditor use the same standard to assess risk management at every organization? blog
This week, I wrote about how to audit risk management on my IIA blog. Not everybody, either in comments on the blog or elsewhere on LinkedIn, understood my point.
The risk management program has to be sized and oriented to meet the needs of the organization.