Our Thoughts On

Sort by

Categories
Authors

Risk Advisory/Internal Audit

Articles 91 - 100 of 100

The 2016 ACFE Report on Occupational Fraud and Abuse

The Association of Certified Fraud Examiners (ACFE) recently published the 2016 Report to the Nations on Occupational Fraud and Abuse. This year’s

Number of Banks Eligible for Longer Exam Cycle Increases

On February 19, 2016, Federal bank regulators unveiled an interim final rule increasing the number of small banks and savings associations eligible for

Can Internal Audit be a Star Player in your Second Line of Defense?

In a sense, managing your company’s risk can be a lot like managing a professional sports team. There are budget restraints, shortage of players,

Efficiency in Reporting: SOC2 Plus HITRUST

HIPAA, ISO, and COBIT, oh my! Companies that create, access, store or exchange personal health and financial information are beginning to feel a never-ending

Register to receive our weekly newsletter with our most recent columns and insights.

Conquer Your Third-Party Risk

Vendors are a common element in today’s business environment. Outsourcing services and processes to vendors provides flexibility, convenience and

Understanding Procurement Cards Benefits and Pitfalls

As organizations look to gain a better handle on their procurement process, provide an additional level of control and help to either control or reduce

Middle States Commission on Higher Education Revised Compliance Verification Requirements - What's New?

In August 2014, we wrote an article regarding the Middle States Commission on Higher Education published guidelines participating in an accreditation-related

Preventing Cyberattacks and Data Breaches via Employee Awareness Training and Phishing Simulations

One of the findings in Verizon’s most recent Data Breach Report is that stolen credentials are the root cause of data breaches 80% of the time. The

Register to receive our weekly newsletter with our most recent columns and insights.

Do Companies that Handle Personal Health Information Require a Service Organization Control (SOC) Report?

The superficial answer is no. Companies that store, process or collect protected health information (PHI) electronically or in paper form are not required

New Year, New COSO

If you haven't already transitioned to the new COSO 2013 Framework, now is the time! Previously, guidance was somewhat vague, stating that the transition

Register to receive our weekly newsletter with our most recent columns and insights.