Audit Board

NOVEMBER 1, 2023

IT risk assessments can be a great way to gain insight into your organization’s IT environment, risks, and controls. Not only do IT risk assessments provide a comprehensive view of an organization’s security risk posture, but they also offer insights into the identification and prioritization of evolving threats.

Compliance 52

Compliance Technology Dividends Start-ups 52

Audit Board

SEPTEMBER 29, 2023

In today’s data-driven business environment, ineffective cyber risk management can pose a serious threat to achieving strategic business objectives. According to PwC ’s 2023 CEO Survey, cyber risk ranks among the top three areas where insurance CEOs feel most financially exposed , in addition to inflation and economic volatility.

Compliance 52

Compliance Technology Finance Marketability 52

Audit Board

OCTOBER 26, 2023

In an era where cyber threats are omnipresent, businesses and individuals are investing heavily in cybersecurity insurance to safeguard against potential financial losses. However, cybersecurity insurance policies are not a foolproof method for transferring risk. What Is Cybersecurity Insurance?

Compliance 52

Compliance 52

Audit Board

OCTOBER 30, 2023

Today’s business and IT leaders face unprecedented challenges in understanding and quantifying IT risk. How resilient is your organization’s IT risk management (ITRM) program? Are stakeholders across the business getting the information needed to identify, quantify, and respond to the risks that matter for their roles?

Compliance 52

Compliance Technology 52

Internal Audit 360

OCTOBER 11, 2022

GUEST BLOG. The first time I heard it came when I was an internal audit manager for a financial institution. We might not have been experts in running HR, but we were experts in processes, risks, and controls. He was a former manager of trading operations and now specialized in consulting and performing such audits or reviews.

Compliance 98

Compliance Marketability 98

Sun Acquisitions

MARCH 20, 2024

Advanced software can identify potential risks and opportunities more accurately, helping M&A professionals make more informed decisions. This technology simplifies document management, accelerates the due diligence process, and improves data security. Technology is undeniably transforming the landscape of mergers and acquisitions.

Technology 59

Technology Compliance Marketability 59

Audit Board

JUNE 30, 2023

83% of executives only identified third-party risks after initial onboarding had already occurred. While the third-party risk universe has expanded dramatically, risk management hasn’t kept up. Today’s volatile risk landscape requires us to look beyond third-party vendors to include their vendors and beyond.

Compliance 52

Compliance 52

Audit Board

JUNE 30, 2023

83% of executives only identified third-party risks after initial onboarding had already occurred. While the third-party risk universe has expanded dramatically, risk management hasn’t kept up. Today’s volatile risk landscape requires us to look beyond third-party vendors to include their vendors and beyond.

Compliance 52

Compliance 52

ThomsonReuters

JUNE 23, 2022

Security Risk Assessment Tool; Security Risk Assessment Tool v3.3 HHS’s Office of the National Coordinator for Health Information Technology, in collaboration with its Office for Civil Rights, has announced an updated version of the interactive Security Risk Assessment (SRA) Tool. User Guide (May 5, 2022). User Guide.

Compliance 98

Compliance Technology 98

Audit Board

SEPTEMBER 28, 2023

Since 2016, the European Confederation of Institutes of Internal Auditing’s (ECIIA’s) annual Risk in Focus report has sought to help Chief Audit Executives (CAEs) understand how their peers view today’s risk landscape as they prepare their forthcoming audit plans for the year ahead.

Marketability 52

Marketability Market Risk Technology 52

Audit Board

DECEMBER 25, 2022

With increased regulatory scrutiny on cybersecurity, third-party exposure, and Environmental, Social, and Governance (ESG), compliance risk was a major concern for organizations in the past year. In 2022, AuditBoard hosted 40 audit, risk, and compliance webinars that attracted over 40,000 attendees.

Compliance 52

Compliance Start-ups Technology Equity 52

Internal Audit 360

JANUARY 16, 2024

To identify and neutralize these vulnerabilities, we must turn our reconnaissance to the five most prevalent cybersecurity failures. Encourage the use of password managers and implement multi-factor authentication (MFA) to add an extra layer of security.

59

59

Audit Board

OCTOBER 12, 2023

Many leading organizations have embraced cyber risk quantification to understand the financial impact of a cyber risk event. Myth 1: Cyber risk quantification is too complex. Cyber risk quantification can be complex, but several tools and resources are available to make it more accessible to organizations of all sizes.

52

52

Audit Board

JULY 25, 2022

Every business faces cyber risk. Ineffective cyber risk management increases a business’s susceptibility to cyber breaches that bring heavy financial costs, regulatory fines, operational disruption, and reputational damage. Three Ways to Effectively Manage Cyber Risk and Reduce Cyber Liability Insurance Costs .

Compliance 52

Compliance Technology Finance 52

Audit Board

OCTOBER 12, 2023

That number is expected to skyrocket in a short amount of time–and TPRM risk initiatives aren’t keeping pace. Download the full guide here , and continue reading below for actionable strategies to help your company stay ahead of third-party risks looming on the horizon and beyond. cybersecurity and climate disclosure requirements).

Technology 52

Technology Compliance Banking 52

Audit Board

MARCH 15, 2022

Supply chain disruption is one of the most visible risks impacting many organizations. Gartner’s 2022 Audit Plan Hot Spots report calls out the supply chain as a top 10 risk that should be on every auditor’s radar. Five Supply Chain Risks to Include in Your Assessment. Reputational Risk. Cybersecurity Risk.

Compliance 98

Compliance Start-ups 98

Audit Board

SEPTEMBER 14, 2023

The importance of robust vendor risk management, or “VRM”, practices has been illustrated by a number of cyberattacks and data breaches that have originated from vendors and gone on to significantly impact the organizations using their services. What is Vendor Risk?

Compliance 52

Compliance Start-ups Accounting Firms Technology 52

Audit Board

AUGUST 1, 2023

The SEC recently adopted their proposed rules, including those regarding Cybersecurity Risk Management on July 26, 2023. The stakes and expectations of an organization’s IT Risk Management capabilities have never been higher – and as we all know, the dollar impacts are real.

Technology 52

Technology Start-ups Compliance Marketability 52

Audit Board

OCTOBER 12, 2022

The fundamental question is: Are companies treating security and risk appropriately, and are they good corporate stewards of the data that they use or store on behalf of their customers? SEC Cybersecurity Proposed Requirements: Faster, More Detailed, and More Frequent Disclosures for Increased Transparency.

Compliance 52

Compliance Start-ups 52

Internal Audit 360

OCTOBER 11, 2022

GUEST BLOG. The first time I heard it came when I was an internal audit manager for a financial institution. We might not have been experts in running HR, but we were experts in processes, risks, and controls. He was a former manager of trading operations and now specialized in consulting and performing such audits or reviews.

Compliance 52

Compliance Marketability 52

Audit Board

FEBRUARY 6, 2023

How risk aware is your organization? Without risk awareness and communication, organizations can so easily fall into a false sense of security. Often, what is communicated at the board-level in the form of an enterprise risk management plan, is not rooted in what risks are emanating from lower levels in the organization.

Compliance 52

Compliance Start-ups Technology 52

ThomsonReuters

JUNE 8, 2023

The investigation indicated that the business associate disclosed more than 230,000 individuals’ ePHI, failed to enter into a business associate agreement with a subcontractor, and did not conduct a security risk analysis or implement a management plan to determine and address vulnerabilities of ePHI across the organization.

Compliance 52

Compliance 52

Audit Board

JUNE 1, 2022

FutureRisk spotlights emerging risk areas and unique approaches to risk treatment with risk leaders from the world’s most prominent organizations. Where are organizations placing their bets around future risk. Where to look for big risks that may be looming on the horizon?

Compliance 52

Compliance Technology 52

Audit Board

MARCH 29, 2023

In a constantly shifting risk landscape, risk management leaders need to regularly reassess the priority of the risks impacting their organization. Reprioritizing requires awareness of the risks already present, emergent risks on the horizon, and risk intersections that lead to unexpected impacts.

Technology 52

Technology Compliance Finance 52

Audit Board

NOVEMBER 16, 2023

Today’s organizations face a risk environment best described as permacrisis, a new term to define our “extended period of instability and insecurity.” In permacrisis, risk is growing, accelerating, and evolving, becoming more interconnected and complex — but organizational capacity to manage risk isn’t keeping up.

Technology 52

Technology Compliance 52

Audit Board

JULY 19, 2023

Nine out of ten organizations are maintaining or increasing technology investments across all risk objectives. However, as investment in digital transformation proliferates, so does digital risk. Approximately 1 in 5 organizations (21%) are not managing and monitoring third-party digital risk.

Compliance 52

Compliance Technology 52

Audit Board

MAY 24, 2022

Through both audits and best practice guidance, the Department of Labor (DOL) is encouraging businesses that sponsor retirement plans to pay attention to managing cybersecurity risk. Cybersecurity best practices related to employee benefit plans for plan sponsors, plan service providers, and plan participants.

Start-ups 52

Start-ups Marketability 52

Audit Board

MARCH 9, 2023

Surviving today’s chaotic risk environment demands that companies find new ways to get ahead of risk. Business leaders need to be more effective in identifying, understanding, and measuring the risks and risk priorities most relevant to their businesses, enabling them to make better, more risk-informed decisions.

Technology 52

Technology Compliance Marketability 52

Audit Board

AUGUST 16, 2023

Effective risk management takes a proactive and preventative stance to risk, aiming to identify and then determine the appropriate response to the business and facilitate better decision-making. What Are Risks? Nevertheless, we choose to take on those risks, and may benefit from doing so.

Start-ups 52

Start-ups Compliance Technology Specific Risk 52

Audit Board

AUGUST 8, 2023

Enterprise risk management is a methodology of risk management, taking a top-down approach to the risk management process, and taking into account the organization and senior management’s business objectives and strategic objectives.

Compliance 52

Compliance Start-ups Technology Marketability 52

Audit Board

APRIL 13, 2023

Facing a constantly expanding risk spectrum, today’s business leaders are prioritizing efforts to improve and connect risk management efforts. Measures of business success are evolving beyond financial performance, combining the quantitative and qualitative to more holistically explain risk and value creation over time.

Compliance 52

Compliance Start-ups Technology Specific Risk 52

ThomsonReuters

AUGUST 5, 2021

Summer 2021 Cybersecurity Newsletter—Controlling Access to ePHI: For Whose Eyes Only? OCR has released its Summer 2021 Cybersecurity Newsletter, emphasizing the importance of regulating access to PHI using the HIPAA security rule’s standards for information access management and access control. Newsletter. Ransomware.

Compliance 52

Compliance 52

ThomsonReuters

FEBRUARY 4, 2021

Covered entities were audited either on (1) aspects of the Notice of Privacy Practices, the individual access right, and breach notification; or (2) their risk analysis and risk management policies and procedures under the security rule. Business associates were audited on risk analysis, risk management, and breach notification.

Compliance 52

Compliance 52

Audit Board

MARCH 23, 2023

In CyberRisk Alliance Business Intelligence’s November 2022 Third-Party Risk Survey, more than half (57%) of respondents reported they were victims of an IT security incident — either an attack or a breach — related to a third-party partner in the past 24 months.

Compliance 52

Compliance Technology 52

Audit Board

MARCH 22, 2023

Enterprise risk encompasses regulations, finance, operations, technology, reputation, strategy, and many more — and losing control over any one of these risk areas could mean disaster. Lately, with the increased focus on strong governance requirements, there is more scrutiny over risk management programs.

Compliance 52

Compliance Treasury Technology Finance 52

Audit Board

JANUARY 11, 2023

The frequency and severity of third-party breaches are on the rise: 90% of organizations were impacted by a supply chain cybersecurity breach in 2022. Benefits of Automating Third-Party Risk Management. These initiatives are targeting third-party risk at regional, national, and supranational levels. How to Respond.

Compliance 52

Compliance 52

Audit Board

SEPTEMBER 19, 2023

What are your top priorities when developing a strategic IT risk program? Must-haves of effective IT and cyber risk functions, and transformative technologies for IT risk organizations. How have you seen IT risk change over the last few years, and how do you see it continuing to evolve today?

Compliance 52

Compliance Technology 52