Article
Inherent Risk vs. Control Risk: What’s the Difference?
Inherent risk and control risk are two of the three parts of the audit risk model, which auditors use to determine the overall risk of an audit. Inherent risk is the initial risk related to ...
April 30, 2024
Article
Choosing a Governance Risk and Compliance Tool: Constant Vigilance
Managing your Governance, Risk, and Compliance (GRC) needs is challenging. To succeed, a business is well advised to use a dedicated GRC tool; the right one allows you to stay aware of your ...
January 23, 2024
Article
Automating NIST Cybersecurity Framework Control Info
Automating the National Institute of Standards and Technology (NIST) Cybersecurity Framework control documentation and processes is one way to help build a strong cybersecurity foundation. T ...
January 23, 2024
Article
Key Steps To Becoming NIST Compliant
Companies seeking to obtain the elusive Department of Defense (DoD) contracts understand the need to meet Defense Federal Acquisition Regulation Supplement (DFARS) minimum cybersecurity stan ...
January 23, 2024
Article
Cut Through Compliance Complexity with Consolidated Objectives
2023 has been a rough year, with large tech companies worldwide hit by huge fines for violating the EU General Data Protection Regulation (GDPR) and other compliance violations as well. Busi ...
November 27, 2023
Article
6 Steps to Create an Effective User Access Review Program
Taking regular inventories of your users and their needs helps keep information, and your company, safe and secure. In discussing user access Deloitte’s David Mapgaonkar notes:
“Human ...
October 31, 2023
Article
Third Party Vendor Management Audit Program
Large organizations now depend on vendors and service providers to survive. They need those third parties to provide everything from critical components and goods to critical services, such ...
September 9, 2023
Article
Continuous Auditing vs. Continuous Monitoring
Steering a company through the maze of regulatory compliance obligations that all organizations of any appreciable size face a maze of regulatory compliance obligations, and getting through ...
September 1, 2023