A risk-based approach to auditing governance processes
Should internal audit departments audit governance processes? Can they effectively assess board operations? Isn’t that the responsibility of the board itself, generally through a governance committee? Are we sufficiently independent, because we report to the audit committee of the board, and do we have the necessary skills?