Article

Cut Through Compliance Complexity with Consolidated Objectives

2023 has been a rough year, with large tech companies worldwide hit by huge fines for violating the EU General Data Protection Regulation (GDPR) and other compliance violations as well. Busi ...
November 27, 2023
Article

6 Steps to Create an Effective User Access Review Program

Taking regular inventories of your users and their needs helps keep information, and your company, safe and secure. In discussing user access Deloitte’s David Mapgaonkar notes: “Human ...
October 31, 2023
Article

Inherent Risk vs. Control Risk: What’s the Difference?

Inherent risk and control risk are two of the three parts of the audit risk model, which auditors use to determine the overall risk of an audit. Inherent risk is the initial risk related to ...
October 31, 2023
Article

Third Party Vendor Management Audit Program

Large organizations now depend on vendors and service providers to survive. They need those third parties to provide everything from critical components and goods to critical services, such ...
September 9, 2023
Article

Continuous Auditing vs. Continuous Monitoring

Steering a company through the maze of regulatory compliance obligations that all organizations of any appreciable size face a maze of regulatory compliance obligations, and getting through ...
September 1, 2023
Article

What is the CISO’s Role in Risk Management?

The chief information security officer (CISO) is a relatively new type of C-level executive. As cyber threats have grown in recent years, to the point that poor cybersecurity can jeopardize ...
April 5, 2023
Article

Key Steps to Manage Operational Risk

As the repercussions of the Covid-19 pandemic linger, many organizations are still concerned about the pandemic's long-term effect on business operations, continuity, and service delivery. ...
March 23, 2023
Article

Automating NIST Cybersecurity Framework Control Info

Automating the National Institute of Standards and Technology (NIST) Cybersecurity Framework control documentation and processes is one way to help build a strong cybersecurity foundation. T ...
January 30, 2023
1 2 3 25