Main Menu
  • Filter:
image
Blog

Cyber SOC – What Board Members Need to Know

The AICPA has issued its much awaited standard on cyber security. The new guidance, referred to as the “Cyber SOC,” allows CPA’s to audit a company’s cyber security. In the...

image
Blog

President Trump's Cybersecurity Executive Order: What You Need to Know

Last weekend’s global cyber-attack shocked a lot of us due to its size, scope and impact. As news broke of the attack around the globe, each story was more concerning...

image
Blog

Breaking Bank: Episode 1

I don’t know about you, but I’ve read a lot of content-filled, factually intense cybersecurity articles over the past few months. I’ve read so many that I begin hearing similar...

image
Blog

SOC for Cybersecurity: What Does this Mean for Your Business?

The American Institute of Certified Public Accountants (AICPA) finalized the guidance for Systems and Organization Controls (SOC) for Cybersecurity reporting this week. This guidance gives organizations guidelines on how to...

image
Blog

Teamwork Makes the Dream Work

I grew up in Birmingham, Alabama and throughout my childhood I played a lot of sports. I played anything from basketball, to soccer, to pickup games of kickball and baseball...

image
Blog

SSAE 18 and Your Company's SOC 1 Audit

For the purposes of this article, we’ll be entirely focused on SOC 1. Look for future blogs related to the impact of SSAE 18 on your SOC 2 and 3...

image
Blog

Audit Risk in Penetration Tests: What You Should Know

Cyber risk is prevalent in almost every business today. Any business which has a web page, keeps information online, or uses the cloud is at risk for a cyber breach....

image
Blog

R.I.P. VCRs: Lessons in Disruption for the Audit Industry

I was shocked to learn the last VCR rolled off the assembly line in July 2016. I remember my family buying our first VCR – the magic of being able...

image
Blog

Vendor Management: Ignore at Your Own Risk

In this busy, ever changing business world, management has so many things to worry about that some key business responsibilities often get overlooked. One key area that is front and...

image
Blog

FFIEC Cybersecurity Assessment Tool Frequently Asked Questions

This past month the FFIEC issued a statement to provide clarification on several questions the FFIEC recieved for the Cybersecurity Assessment Tool (CAT). Since the release of the CAT and...

image
Blog

GAO Audit: Can We Learn From Their Mistakes

The old saying “if it ain't broke, don’t fix it” immediately came to mind as I began to look at the audit report from the Government Accountability Office regarding Federal Agency...

image
Blog

Under the Surface Cyber Risk

Part of my role as a Cyber Risk Analyst is to help companies think through their cybersecurity threats. Like most threats, they lie under the surface and most of the time remain unseen...

image
Blog

Where is Your Data? Why Performing a Data Inventory is Integral for Companies in this Digital Age

There’s no denying that the days of printed documents are a distant speck in the rearview. Industries are becoming much more reliant on automated systems and processes versus the manual...

image
Blog

AICPA Exposes Guidance for Cybersecurity Risk Management Examinations

The American Institute of Certified Public Accountants (AICPA) recently released two exposure drafts on criteria for cybersecurity. The first Proposed Description Criteria for Management's Description of an Entity's Cybersecurity Risk...

image
Blog

Alphabet Soup: Understanding the Qualifications of Risk Management Professionals

You’ve just gotten an email from a potential vendor looking to make a connection. In their signature, following their name is a list of five abbreviations, all intended to make...

image
Blog

How InTREx Changes Audits

On June 30th, 2016, the FDIC announced that the Information Technology Risk Examination (InTREx) Program would be replacing the existing Information Technology Risk Management Program (IT-RMP) effective July 1st, 2016....

image
Blog

4 Tips for Password Management

With the recent high-profile social media account hacks, it has become apparent that password management is a challenge for users that has not been adequately addressed. After all, if the...

image
Blog

Key Takeaways From the FFIEC Joint Statement on Cybersecurity

This past week the FFIEC issued a statement advising financial institutions to actively manage the risks associated with interbank messaging and wholesale payment networks. The FFIEC warned financial institutions to...

image
Infographic

Data is the New Currency

It’s not if a breach will occur, it’s when.  Where should you look for vulnerabilities?  What should you do?