Build your strategy in 5 minutes!Get Started

Interview with Norman Marks

by | May 13, 2021 | Interviews,

Norman Marks

Norman Marks

Author, Blogger & Thought Leader

Key Topics:Risk Management, Internal Audit, Governance, GRC, The Power of Information
Location:San Jose, California
Norman Marks, CPA, CRMA is a retired senior executive. He works with individuals and organisations around the world, advising them on risk management, internal audit, corporate governance, enterprise performance, and the value of information.
Norman was the chief audit executive of major global corporations for twenty years and is a globally-recognised thought leader in the professions of internal auditing and risk management. In addition, he served as chief risk officer, compliance officer, and ethics officer, and led what would now be called the IT governance function (information security, contingency planning, methodologies, standards, etc.) He managed the Sarbanes-Oxley Section 404 (SOX) programs and investigation units at several companies.
He is the author of these books:
• Risk Management for Success (2020) • Auditing that Matters: Case Studies and Auditing that Matters: Case Studies Discussion Guide (2019)
• Is your Internal Audit World-Class? A Maturity Model for Internal Audit (2019)
• Making Business Sense of Technology Risk (2019)
• Risk Management in Plain English: A Guide for Executives: Enabling Success through Intelligent and Informed Risk-Taking (2018)
• World-Class Risk Management (2015)
• World-Class Risk Management for Nonprofits (with Melanie L. Herman) (2017)
• Auditing that Matters (2016)
• The Institute of Internal Auditors’ Management’s Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization (4th edition, 2017)
• World-Class Internal Audit: Tales from my Journey (2014)
• How Good is your GRC? Twelve Questions to Guide Executives, Boards, and Practitioners (2014)
Norman is a retired member of the review boards of several audit and risk management publications (including the magazines of ISACA and the IIA), a frequent speaker internationally, the author of multiple award-winning articles (receiving the IIA’s Thurston award in 2004 and 2014), and a prolific blogger.
Norman was profiled by the magazines of the AICPA and the IIA as an innovative and successful internal auditing leader. He has also been honoured as a Fellow of the Open Compliance and Ethics Group for his GRC thought leadership, and as an Honorary Fellow of the Institute of Risk Management for his contributions to risk management. In 2018, he was inducted into the IIA’s American Hall of Distinguished Practitioners.

How did you get to become an expert in your key topics?

After ten years in public accounting with what is now PwC, I moved into internal audit leadership positions with large and international companies. I left for five years for a vice president’s position in IT, before returning as the head of internal audit for the next two decades. I was very active with the Institute of Internal Auditors, serving on three international committees and several task forces. I wrote a number of methodologies for the IIA on Sarbanes-Oxley compliance and a book on that topic as well. I was invited to speak at IIA and other conferences and seminars, which became a frequent activity. While I was head of internal audit, I was asked to take on the role of chief risk officer, That led me to additional speaking engagements and writing further books that challenge traditional risk management thinking. I have been consulted and provided input on risk management standards and frameworks.

What sub-topics are you most passionate about?

Cyber risk is misunderstood as it is viewed in a silo, separate from the consideration of other sources of risk. In addition, most companies do far too much work for SOX and are unable to work effectively with the external auditors.

Who influences you within these topics?

Common sense and experience as a senior executive, taking a business rather than a specialist view.

What challenges are brands facing in this space?

Helping management lead for success, making informed and intelligent decisions.

What do you think the future holds in this space?

More and more people are embracing the positions I have been talking about and this is very refreshing. In time, risk management will transform and internal audit will be universally recognised as a tremendous source of value.

What brands are leading the way in this space?

I am working with a number of different organisations.

If a brand wanted to work with you, which activities would you be most interested in collaborating on?

I’d like to do podcasts, webinars, whitepapers, speaking opportunities, product reviews or video interviews, with the reservation that I need to retain my independence as a thought leader.

What are your passions outside of work?

I am an avid and expert bridge player and an enthusiastic qigong practitioner and healer.

What would be the best way for a brand to contact you?