What is “gravitas” and how does one develop it?

I think that “gravitas” means really the opposite of being a visibly light-hearted, humorous and happy-go-lucky person. Therefore you have to be able to switch the level of gravitas on and off, that’s the tricky bit. There are people who get noted for being able to make people laugh and sometimes, if they are not carefully, they become regarded as “clowns” who are not really to be taken seriously. On the other hand, too much of the opposite will mean you are seen as someone with gravitas, but maybe not someone with a great sense of humour, which could create distance in situations where you don’t want it.

A certain dignity in not being too open about one’s personal life is probably good – familiarity can breed contempt, and making sure that your use of humour is aimed at quality rather than quantity will do a lot to enable you to come off as someone with gravitas. Other than that it is something which grows with age, experience and the ability to show a certain classic style of speech, choice of language, dress and posture. But you can’t stand on your dignity the whole time. If you make a mistake and people laugh at you, better join in the joke rather than get offended or that will undermine gravitas quicker than anything else.

Certainly a serious demeanour going hand in hand with a genuine reputation for being ethical and having a flawless integrity, these are things which many of us aspire to and should aspire to. For many successful people, this is what they tend to have in common and for many this is what they will sum up as “gravitas”.

A former boss of mine suggested that I increase my level of gravitas in order to get on, he did not say how I should go about it, but I think to a degree I did it anyway. Now I am pleased to say I can still make people laugh, but I can just as easily get them to take an issue seriously. That’s what I wanted to achieve and that’s a target I recommend people to aim for whenever I hear them talking about gravitas.

What should the relationship of internal and external audit look like?

Not every organisation has both an external audit and internal audit. In some jurisdictions you can get companies that have internal audit but no external audit, while in most countries you get quite a prevalent external audit with far less incidence of internal audits. Russia is a prime example of the latter case.

External audits done under ISAs are supposed to plan and carry out work in order to have a reasonable expectation of detecting fraud and other irregularities, and certainly the expectation of users has traditionally been that external auditors are responsible for finding fraud.

I work both as external auditor and I also carry out internal audits for clients who don’t have their own departments or who do but still need to be beefed up locally by brought-in experts. Therefore I have no particular axe to grind, but I will say this – a lot seems to be expected of external auditors with relation to fraud without giving them the tools necessary to find instances of fraud.

Internal audit departments can, within reason (they cannot supercede data protection law or labour law, etc, or contravene people’s basic human rights when monitoring them) have whatever tools they like if they are within budget. I can just imagine what my clients would think if I as an external would start installing cameras, GPS trackers on company vehicles, doing spot checks for alcohol, lifestyle checks on managers, and all the other things that internals can do. And yet if you take the standards literally I have to do a job not far off that of a policeman as an external auditor.

All we are usually given as external auditors is a couple of generic questionnaires which we try to go through with the client’s management adapting it to the specifics of their business, then we have the duty and hopefully also the ability to map out and analyse the systems of the client, including the controls and to perform walk-through tests and seek to identify key controls. The way an external auditor assesses a key control and the way an internal auditor assesses a key control are also different in a number of ways, and how we define a key control for our respective purposes differs, and then the timing and frequency of checks on that control will differ. Many people who have worked only in external audit won’t know how or why they differ and therefore their ability to get the best from internal if it is even there will be in many cases limited.

Actually most of the fraud questionnaires in use are a good start because they are based in fact on the fraud triangle originally talked about by notable criminologist Donald Cressey back in the 1960s and 70s. This is the triangle of means, motivation and rationalisation or self-justification. It is based on the idea that if a person hasn’t got the opportunity to get around the system, doesn’t really need to and thinks it would be wrong to, then the chances of that person committing fraud are extremely remote. If on the other hand a person thinks that they know how to get away with it, need the money and also think they deserve to do it, then the fraudulent activity by that person is virtually certain. Various permutations of this give varying degrees of likelihood of fraud. The questions in fraud questionnaires would be good at helping to build a “fraud triangle” exercise in a given context, but only as long as the person doing it knows what they are doing both in theory and in practice. Often it is given to quite junior people to carry out and also very often in assessing audits I have seen that the answers don’t necessarily carry through to specific tests relevant to those answers, but instead increase general risk meaning that there is a likelihood that the sample sizes for other detailed substantive tests (by the way the weakest set of tests for detecting fraud) will be higher. And sometimes you are lucky to even get that much of a response.

Externals go on to make their control tests if they do recognise a key control (and on a worldwide scale I would hazard a guess that tests of controls are still done on only a small minority of audits, with most defaulting to the substantive route based really on lack of time or confidence with control work by the external audit team) and also the other big weapon they have in the arsenal is substantive analytical review. But SAR is only as good as the in-depth knowledge of the branch or business, so externals – especially those which are not branch specific as some Big Four externals are – don’t really have the sector knowledge that the internal audit team have and so their chance of noticing something that doesn’t stack up as they go through their analyses of ratios, or building of expectations and confronting to reality is not as good as that of the internal in many cases.

And then auditors finish every section by mopping up whatever needed assurance they could not derive from the earlier procedures by other substantive procedures based if done properly on a statistical sample, which is designed to get them from the assurance they got from less time-consuming procedures through to within their tolerable error (a function of risk and materiality from their perspective, which again differs from the internal auditor’s perspective which may not even be couched in money figures but in non-monetary terms). However the chances of getting at fraud looking through sampled accounting documents is miniscule, and here many external auditors do the bulk of their work.

So naturally if there is an internal audit team, an enlightened external auditor should be ver anxious to understand how they decided their work plan, what they did, and how many key controls have been checked thoroughly and how many risks are still open. If they want to give the organisation real value for money they will design tests that supplement, rather than duplicate the work of internal auditors.

Internal auditors will encourage this – they too will want to see that the organisation’s budget for external audit work goes on procedures that help to improve the risk heat map and the overall picture for the organisation. This call only be done when each side understands the other and “speaks their language”. Many internals have worked as external but not many are continually doing both types and therefore able to think through an assurance issue from both perspectives.

Polish Radio Appearance by David J. James discussing Post-Balance-Sheet events.




Plaxo as a personal CRM business tool

In these days of below-the-line marketing, everyone should have a personal social-media CRM independently to whatever CRM they have in their office. This reflects the blurring of the work and play areas of life which is one of the recognised aspects of Generations Y and Z, as well as a very natural result of the interactive technology most of our readers will be native to and working in every day of their lives.

Plaxo (www.plaxo.com) is an address book synchronising and back-up tool which has a number of interesting features such as the ability to access your contacts from the net, to import and export as CSV files, to send greetings cards to check duplicates and synchronise in a limited way with google applications, facebook and other social media.

The interface seems to offer a lot of benefits and certainly the ability to send greetings cards is a useful one. There are, however a whole series of issues and bugs and incomplete aspects to Plaxo which means that it can easily be superseded as the personal CRM of choice by any app maker able to sort out these issues more efficiently.

1) There’s no official Plaxo app on Android phones and so the synchronisation goes via Google Apps and is clunky. Whenever codeword security runs out, it seems to stop synchronising. Also the synchronising doesn’t seem to work well all the time and in my case telephone numbers have been moved from one person to another, which is very troublesome.

2) There are not really enough greetings cards and they are in too few languages.

3) Intelligent updating from the web of what our contacts are doing seems not to be working half the time. Occasionally the robot makes a half-hearted attempt to find and update people, but nowhere near what you’d expect for the annual fee.

4) Above about 3000 contacts and the site works slowly. It is unable to offer you a print out of the whole database at that size.

5) It often loses the pictures it has imported from facebook and doesn’t seem to be able to import any at all from Linked In. It cannot update calendars directly to Android, again only via Google apps.

6) It doesn’t deal properly with any scripts beyond basic Latin script, so it mangles names written even with Polish or Czech letters, leave alone Cyrillics or Chinese names.

7) The folders are a clunky interface, but even when you have done the work of putting contacts into the appropriate folders, they don’t carry through to the greetings cards area, so you cannot, for instance, make a folder of people who would receive, let’s say, and Eidh card or a more/less traditional Hannukah card and then easily access that folder from the greetings card area. Also send outs of more than about 200 cards per time tend to fail and need all that work to be done again.

These are my main Plaxo gripes. I am airing them in the hope that Plaxo will finally get their act together and repair their product before their remaining users find another app on the market among the choice which seems to be growing every day that does all the things that Plaxo is expected to do, but still fails to deliver.





International Audit and Assurance Stands Board issues new Consultation Paper on Audit Quality

The pdf is here

iaasb audit quality framework consultation paper

If anyone wants to use this smaller audience to knock about some ideas about the content of this document informally, you’re very welcome to add comments here.

Quoracy readers’ poll on mobile phone interfaces

Out of interest, what is your preferred choice of phone operating system? This is purely for the sake of providing a barometer or benchmark for fellow subscribers. We have no association with any particular platform.

Thanks for your vote! Please freely add your comments and experience as comments to this article.

I come to bury mind-mapping, not to praise it.

Mind Mapping
Mind Mapping (Photo credit: sirwiseowl)

Tim Brown recently wrote the following small article on Linked In updates, which I found by clicking a link telling me to stop using words to describe things:

Make it Visual

Some things are hard to describe in words. In fact, many things are hard to describe in words. Try describing in detail the bedroom you spent your childhood in. My guess is that you will have a hard time describing it well enough for someone else to recreate it. The same is true for new ideas. Words may be a start, but they often lack the precision and clarity required to describe a new idea to someone else. Photos, sketches, and data visualizations can make complex ideas easier to understand and share. That’s why portfolios beat résumés, and young designers are still encouraged to carry a sketchbook.

This week, try recording your observations and ideas visually, even if just as a rough sketch in a notebook or a picture on your camera phone. If you think you can’t draw, too bad. Do it anyway.

Mind mapping can be an excellent way to get visual about abstract ideas. For example, check out the design thinking mind map used in Change By Design, which you also can see in my recent post, “Start Designing Your Life.

There were nearly two hundred likes on this and a discussion had kicked off which seemed fairly one-sided, with 42 people all agreeing with this premise in one form or another. Oddly they had all used words to express this agreement and not one picture could be seen.

I had to add the contrary view, and did so as follows:

I respectfully disagree with some of the premises in this article. We think with language – I defy anyone to frame a conceptual thought without it – and human language, at least the ones I know, bases on words.

I have looked at Mind Mapping and some of the other inventions of Tony Buzan, I have read several of his books and remain skeptical as to the practical use of them. As far as mind mapping is concerned, its main use in my opinion is to give people of an artistic bent an excuse for doodling in meetings, and at least some direction to the doodling they’d probably be doing anyway.

A tabular approach wins out every time – the human brain loves tables and rectangular things. That’s why we live in rectangular rooms in rectangular buildings with rectangular furniture. Placing any problem into a table immediately highlights areas which are uncovered, and ensures deeper and more consistent thinking on any topic. Even “out of the box” thinking is only possible if you’ve defined a box. None of this happens with mind-maps, which ensure a very subjective and random summary of any topic.

I thought it was worth taking a contrary position and maybe getting some thought and discussion going, so please don’t be offended at my detraction from your premise, which is certainly not intended in an agressive spirit.

I thought we could find out whether the mind-mapping is actually popular among the people who follow or at least stumble upon this service, so please take part in the following poll: