Norman Marks

About Norman Marks

Norman Marks previously held the role of Vice President, Evangelist for Better Run Business, at SAP, responsible for optimizing business processes for internal audit, risk management, governance, and compliance.

Lessons Learned From The Transition To COSO 2013

7-May-2015 | Norman Marks

Protiviti has shared with us a useful Top 10 Lessons Learned from Implementing COSO 2013. I especially like this section: It is presumed that everyone understands that a top-down, risk-based appro

The Most Important Sentence In COSO

6-May-2015 | Norman Marks

In my opinion, one sentence stands out, whether you are looking at the COSO Internal Control – Integrated Framework (2013 version) or the COSO Enterprise Risk Management – Integrated Framework.

A Study In Enterprise Risk Management

4-May-2015 | Norman Marks

A new article in Singapore’s Business Times explains that when Singapore achieved its independence in 1965 (through separation from Malaysia), its attention to enterprise risk management helped it b

privacy security

Privacy Risk Management And Compliance

17-Apr-2015 | Norman Marks

I have been a big fan of the Open Compliance and Ethics Group for many years (since well before it honored me as a Fellow). OCEG is a not-for-profit organization that focuses on “principled perfo

Understanding And Managing Cyber Risk

31-Mar-2015 | Norman Marks

Last week, I participated in an NACD Master Class. I was a panelist in discussions of technology and cyber risk with 40-50 board members very actively involved – because this is a hot topic for boar

New Information And Perspectives On Cyber Security

26-Mar-2015 | Norman Marks

The world continues to buzz about cyber security (or, perhaps we should say, insecurity). Now we have the Chinese government apparently admitting that they have a cyberwarfare capability: not just one

It’s Time For An Internal Audit Transformation

24-Feb-2015 | Norman Marks

Jack Welch, former CEO of GE, is credited with saying that if the rate of change on the outside is greater than the rate of change on the inside, the end is in sight. Not only is the environment in

Drive Business Results By Harnessing Uncertainty

11-Feb-2015 | Norman Marks

I am very pleased to see new guidance on risk management from Ernst & Young (EY) that recognizes that risk management is not a defensive activity designed only to protect value. It can and should

What Should The Audit Committee Focus On In 2015?

6-Feb-2015 | Norman Marks

Every year, the audit firms provide audit committees with their ideas of what the agenda should include in the coming year. Their ideas are usually good, although typically (and understandably) focus

Hire People Who Can Think

18-Dec-2014 | Norman Marks

I am often encouraged by surveys of the attributes executives look for when they hire. An increasing number recognize that education, certifications, and even experience are insufficient. The so-ca