HR and Internal Audit – Both Trying to Earn More Respect and a Place at the Table – Suggestions . . . .

I have provided below two links, one to an article by the Society for Human Resource Management (SHRM), and the other by Internal Audit 360.

The SHRM article discusses HR’s desire for a place at the C-Suite table, the difficulties that HR is having getting there, and suggestions that might help.

The Internal Audit 360 article discusses the possibility of Internal Audit becoming involved in auditing (internally) the status of sexual harassment and culture at the entity. For years I have read articles about Internal Audit wanted to become more useful, valued and respected, and to become more than a function that audits after the fact.

HR is instrumental for day-to-day operations, and is looking for a seat at the C-Suite table. HR is or has the opportunity to be involved with the culture of the entity.

Internal Audit generally isn’t thought of as being instrumental for day-to-day operations, but Internal Audit should already have an invitation to help the Audit Committee with its oversight responsibilities; should already meet with, report to and in some manner help the C-Suite; and might meet with the Board. Nevertheless, Internal Audit is primarily thought of as a function that audits financial operations, internal controls, fraud and sometimes aspects of risk management. The new 2017 COSO ERM (enterprise risk management) framework lists culture and governance as the first and most important components of enterprise risk management. Thus, the door might be open for Internal Audit to become involved in (internally) auditing culture and the various aspects of culture. You will find more of my prior posts about 2017 COSO ERM and risk management processes at

I have suggestions for HR. Read the SHRM article linked below – it is a good article, with at least broad suggestions to better help HR position itself as a valued function and get to the C-Suite table. Additionally, I suggest that HR also at the same time aim for meeting with the Audit Committee or Risk Management Committee, and the Board, on issues relating to “culture” and the Company’s reputation with employees and as an employer – and also promote, promote, promote yourself. Directors are interested in the entity’s culture and reputation as an employer, at least currently, and hopefully on into the future.

I also have suggestions for Internal Audit. Read the SHRM article. And, if you want to be involved in the internal audit of culture, governance, risk management processes, sexual harassment, or similar issues, actions and activities, get busy establishing your qualifications and knowledge in those areas, develop criteria and an audit plan in at least one (or more) of those areas that will provide worthwhile value to executive management and Directors – and promote, promote, promote yourself.

HR and Internal Audit might also consider discussing together areas of similar interest with a view toward combining or collaborating their different but compatible strengths and areas of experience.

Here is the SHRM article. SHRM – for HR – How to Earn the Trust of Your CEO – HR is Losing the Confidence of the C-Suite, click on the following link for the discussion,

Here is the Internal Audit 360 article. Internal Audit 360 – sexual harassment issues rooted more in culture than policy, click on the following link for the discussion,

Best to you, David Tate, Esq. Royse Law Firm, with offices in northern and southern California

The following is a summary of the 2017 COSO ERM framework components:

COSO Enterprise Risk Management Framework ERM Components and Principles

Additional materials of interest:

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg


NIST Cybersecurity Framework Tiers Summary

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s