In the business world, an auditor should rightly be seen as part of your risk management process. You want to make sure your books are in order and nothing has slipped under the radar - that's what the auditor is paid to do. But what if the auditor stuffs it up? It's an interesting question arising from a US report released last week into the Lehman Brothers collapse.

Examiner Anton Valukas was appointed by the court of enquiry to look into the causes of the collapse and his findings reportedly slam the company's auditors, claiming they were negligent "for among other things its failure to question and challenge improper or inadequate disclosure in those financial statements."

The auditors are not the only ones criticised in Valukas' report - Lehman's company executives and competitors also received a mention for their role in the biggest bankruptcy in US history.

It will certainly be interesting to see how the fall-out of the Lehman collapse will impact future risk analysis and management in the US banking and financial services sector and how risk controls are monitored and verified across other industries.

Regardless of this enquiry it is good practice to have regular internal and external assurance processes that check your company's performance and effectiveness in minimizing risks.