Auditing the legal process can help meet organizational



Similar documents
How to Assess Legal Risk Management Practices

The Path Ahead for Security Leaders

Work Breakdown Structure. Managing an Efficient Construction Workflow

4 Testing General and Automated Controls

Communicating Internal Control Related Matters Identified in an Audit

The Role of Defense Counsel on the Drug Court Team

Utica College. Information Security Plan

CONNECTING ACCESS GOVERNANCE AND PRIVILEGED ACCESS MANAGEMENT

Contract management's effect on in house counsel

VENDOR MANAGEMENT. General Overview

what your business needs to do about the new HIPAA rules

CONTRACTOR DEFAULT & SURETY PERFORMANCE:

Practice guide. quality assurance and IMProVeMeNt PrograM

Process Intelligence: An Exciting New Frontier for Business Intelligence

Internet Reputation Management Guidelines Building a Roadmap for Continued Success

INTERNATIONAL STANDARD ON AUDITING 330 THE AUDITOR S RESPONSES TO ASSESSED RISKS CONTENTS

WHO GLOBAL COMPETENCY MODEL

Leveraging a Maturity Model to Achieve Proactive Compliance

Application Security in the Software Development Lifecycle

Avoiding Theft in Your Nonprofit Ohio Attorney General Mike DeWine

How To Defend Yourself Against Cyber Attacks

MISSION STATEMENT OBJECTIVES IN ACCOMPLISHING OUR MISSION

Report No. D

The Supreme Court of South Carolina

CISM (Certified Information Security Manager) Document version:

Privilege Gone Wild: The State of Privileged Account Management in 2015

CODE OF ETHICS AND PROFESSIONAL CONDUCT

How To Choose and Use a Risk Management Consultant

Developing and Implementing a Strategy for Technology Deployment

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

Table of Contents: Chapter 2 Internal Control

Texas Environmental, Health and Safety Audit Privilege Act

Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns. Privacy and Information Management Practice / Washington, DC

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

Internet Reputation Management Guide. Building a Roadmap for Continued Success

THE AUDITOR S RESPONSES TO ASSESSED RISKS

AUDIT REPORT REPORT NUMBER Information Technology Professional Services Oracle Software March 25, 2014

PROJECT MANAGEMENT FRAMEWORK

Main Page Search August 25, 2010

SUMMARY OF POSITION ROLE/RESPONSIBILITIES:

Case 3:05-cv SRC-JJH Document 19-1 Filed 10/06/2005 Page 1 of 6

SSL Certificates: A Simple Solution to Website Security

UNIVERSAL INSURANCE HOLDINGS, INC. CODE OF BUSINESS CONDUCT AND ETHICS. Revised as of March 3, 2014

Foreign Corrupt Practices Act:

to counsel was violated because of the conflict of interest that existed with his prior attorney

Special Purpose Reports on the Effectiveness of Control Procedures

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF INTERCONTINENTAL EXCHANGE, INC.

The potential legal consequences of a personal data breach

LOCAL GOVERNMENT MANAGEMENT ASSESSMENT OVERVIEW AND QUESTIONNAIRE

ROLE OF ATTORNEYS IN MEDIATION PROCESS

PERFORMANCE MEASUREMENT TOOLS IN BUSINESS PROCESS MANAGEMENT A CONTEMPORARY APPROACH

Business Case. for an. Information Security Awareness Program

SELECT SERVICES FLAT FEE REPRESENTATION AGREEMENT page 1 of 8

CODE OF BUSINESS CONDUCT AND ETHICS

This policy applies to UNTHSC employees, volunteers, contractors and agents.

Internal Control Systems and Maintenance of Accounting and Other Records for Interactive Gaming & Interactive Wagering Corporations (IGIWC)

CREDIT CARD FRAUD PREVENTION IN NONPROFITS

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

Section 10. Compliance

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained

CORPORATE COMPLIANCE PROGRAM

Privilege Gone Wild: The State of Privileged Account Management in 2015

Standard: Information Security Incident Management

The New Role of Hospital Boards in the Face of Increased Compliance Risks NCHA Trustee Institute

risk management & crisis response Building a Proactive Risk Management Program

Computer Forensics as an Integral Component of the Information Security Enterprise

CONTRACT FOR LEGAL SERVICES

NAPD Formal Ethics Opinion 14-1

REVIEW OF MEDICARE CONTRACTOR INFORMATION SECURITY PROGRAM EVALUATIONS FOR FISCAL YEAR 2013

The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies

ASSURANCE OF DISCONTINUANCE. The Office of the Attorney General of the State of New York (sometimes referred to as

Key Considerations for Information Technology Governance. 900 Monroe NW Grand Rapids, MI (616)

Seattle Municipal Court

MISSION VALUES. The guide has been printed by:

United States Court of Appeals

Transcription:

James Scott Fargason (C) 2009 The Institute of Internal Auditors Research Foundation Introduction Auditing the legal process can help meet organizational goals of improving legal outcomes, while using less organizational resources. There is ample opportunity for auditors to dramatically improve the efficiency and effectiveness of both in-house and external legal counsel. Auditing legal counsel is one way to help reduce waste associated with legal representation. Accordingly, auditors should audit legal counsel periodically to find ways to enhance the value of legal representation. The objectives of auditing legal counsel may vary from organization to organization. However, there are several key objectives the auditor should consider, including evaluating whether all or part of the legal process should be completely restructured, and to what extent the efficiency and effectiveness can be improved. These concepts are discussed in more detail as follows: Restructuring the legal department: During the course of performing these audit steps, the auditor may discover the following audit findings: (1) the organization does not have articulated goals and objectives for legal services; (2) the legal department does not have its own established goals and objectives; (3) the goals and objectives of the legal department are not congruent with those of the organization; and/ 1

or (4) the organization has failed to adequately advise the legal department of the overall corporate goals and expectations of the department. The auditor should report those findings to executive management who can ensure corrective action. Increase the efficiency and effectiveness of the legal process: Legal counsel costs and expenses can be excessive. Additionally, legal counsel can waste considerable time and money, and may lead the organization down paths that deviate from corporate goals and objectives. Auditors should examine the broad goals and objectives of the legal department and compare them against those of the organization. During the course of this review, the auditors should note deficiencies and recommend corrective action. There are fundamental questions that the auditor should ask when conducting the initial assessment of legal counsel. Some of those questions can be found in the following audit checklist: Audit Checklist Do internal and external counsel departments and firms have well-written and articulated goals and objectives? Does the organization have well-written communicated goals and objectives, especially with respect to legal representation? Are the articulated goals and objectives of legal counsel congruent with those of the organization? 2

Introduction Are legal counsel practices congruent with organizational goals and objectives? Are differences documented and corrective action taken? The mission statement, goals, and objectives of legal counsel should be in place and functioning to ensure the organization and the lawyers representing the organization share a common vision and are working toward a common goal of decreasing legal expenses and costs, while improving the outcomes of legal representation. This goal applies to internal as well as external legal counsel. Legal costs can be excessive and unauthorized. Lawyers may engage in material inaccurate billing, including excessive time and expenses. Many legal costs and expenses can be substantially mitigated by using creative methods for billing. For example, the client may insist that its lawyers bill by the product or service rather than by the hour. Such techniques can lead to a higher degree of cost containment. Additionally, having predetermined billing units can correspondingly lead to more accurate figures for budgeted and actual legal fees. Auditors should consider the following questions: Audit Checklist Does the organization clearly communicate to legal counsel what charges are authorized and unauthorized? Does legal counsel clearly and adequately document charges? Are attorney billings in compliance with organizational standards? 3

The Test of Controls One of the best lines of defense against inefficient and ineffective legal counsel is a strong system of internal controls. The controls an organization can implement are numerous, including the use of a litigation committee and the implementation of billing guidelines. Other controls include the practice of bidding out legal services and periodically rotating the use of legal firms to ensure efficient and effective representation. Key Notes Good to Know! Many organizations severely undercontrol legal counsel. Failure to adequately control the legal process may be due to a lack of understanding how it functions or the belief that the legal process cannot be controlled. In many cases, the legal process is perceived as more mysterious than other operations within the business. Auditors and management should confidently view the legal function as most other staff functions designed to help the organization achieve desired goals and objectives. The legal process is ripe for a well-designed series of controls and constraints to which legal counsel should be compelled to adhere. A more detailed analysis of internal controls the organization should consider is outlined later in this book. 4

Introduction Substantive Tests The audit of legal counsel should include a series of substantive tests. This book reviews some of those tests, including tests of transactions and balances. It is important for the auditor to coordinate control testing with substantive testing to reduce the amount of time spent on the audit. A review of legal audits indicates that many auditors spend too much time on substantive testing, when more effort should be allocated to tests of controls. While substantive testing is important, it should not dwarf the importance of testing and recommending the implementation of a strong internal control structure. Whether company lawyers are engaged in excessive billing practices is an important substantive test. However, in many audits of legal counsel, this test is often a primary focus of the audit. In the author s opinion, catching the lawyer in excessive billing practices should be an ancillary concern, but not the audit s primary focus. It is the author s opinion that excessive billings are symptoms of greater underlying problems in the internal control structure. Thus, it is recommended that the audit team concentrate on broader objectives, including, but not limited to, improving the internal control structure. During the course of substantive testing, the auditor may encounter over-billing or unauthorized billing. Excessive and abusive billing practices are possible grounds for terminating legal representation, disbarring a lawyer, and prosecuting a lawyer for theft. Auditors too often atrophy when such findings are discovered. The auditors and management should not equivocate. 5

The Audit Report The auditor and the audit team are hereby warned that the audit report on legal counsel can be a source of legal liability for the auditors performing the audit. The key is to write an effective report that does not expose the auditors to legal liability. Lawyers who are criticized during the course of the audit are apt to take an adversarial position and possibly file a claim against the auditors. Auditors must take care to write a report that is not defamatory and does not constitute a breach of contract or tortuous act against the lawyers under review. This can be achieved by taking a few fundamental steps when writing the audit report. Audit Checklist Attack the process and the practice, not the lawyer. Reported findings should focus on deviations from clearly established standards. Never name a lawyer or law firm in the audit report. This is not necessary. Give the lawyer sufficient time to read and respond to the audit report before finalizing and distributing the report. Auditors can expect a variety of obstacles before, during, and after auditing the legal process. From the outset, auditors may be precluded from auditing legal counsel based on a variety of oppositions. However, the author is not aware of a legitimate reason for not allowing an audit of legal counsel. 6

Introduction Even organizations such as sensitive governmental intelligence (e.g., the FBI) should encourage audits to ensure that the work of legal counsel is performed in the best interest of the organization. Auditors should ensure the audit is conducted in a timely and professional manner. Key Notes Good to Know! The audit department may take even a limited approach to auditing legal counsel and still provide basic recommendations that can have a dramatic effect on how legal resources are used and measured. During the course of auditing legal counsel, some of the steps the auditor may want to consider include: Obtain copies of the legal department s mission statement. Procure copies of the goals and objectives of the legal department. Compare/contrast institutional goals and objectives with those of the legal department. Obtain copies of the legal department budget and review the information for reasonableness. Compare actual performance with budgeted performance. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information