Article
Cut Through Compliance Complexity with Consolidated Objectives
2023 has been a rough year, with large tech companies worldwide hit by huge fines for violating the EU General Data Protection Regulation (GDPR) and other compliance violations as well. Busi ...
November 27, 2023
Article
6 Steps to Create an Effective User Access Review Program
Taking regular inventories of your users and their needs helps keep information, and your company, safe and secure. In discussing user access Deloitte’s David Mapgaonkar notes:
“Human ...
October 31, 2023
Article
Inherent Risk vs. Control Risk: What’s the Difference?
Inherent risk and control risk are two of the three parts of the audit risk model, which auditors use to determine the overall risk of an audit. Inherent risk is the initial risk related to ...
October 31, 2023
Article
Third Party Vendor Management Audit Program
Large organizations now depend on vendors and service providers to survive. They need those third parties to provide everything from critical components and goods to critical services, such ...
September 9, 2023
Article
Continuous Auditing vs. Continuous Monitoring
Steering a company through the maze of regulatory compliance obligations that all organizations of any appreciable size face a maze of regulatory compliance obligations, and getting through ...
September 1, 2023
Article
What is the CISO’s Role in Risk Management?
The chief information security officer (CISO) is a relatively new type of C-level executive. As cyber threats have grown in recent years, to the point that poor cybersecurity can jeopardize ...
April 5, 2023
Article
Key Steps to Manage Operational Risk
As the repercussions of the Covid-19 pandemic linger, many organizations are still concerned about the pandemic's long-term effect on business operations, continuity, and service delivery.
...
March 23, 2023
Article
Automating NIST Cybersecurity Framework Control Info
Automating the National Institute of Standards and Technology (NIST) Cybersecurity Framework control documentation and processes is one way to help build a strong cybersecurity foundation. T ...
January 30, 2023