First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

cyber attack

Cyber risk and audit

Clearly, cyber risk and audit is the topic of the day, if not the year and decade. The leader of Protiviti’s IT audit practice, David Brand, has weighed in with “Ten Cybersecurity Action Items for CAEs and Internal Audit Departments”. He has some valuable ideas that merit consideration, not only by internal auditors, but by security professionals, boards, risk officers, and more broadly among the executive group. I will let you read his post and suggested action items.

 

, , , , , , , ,

Good cybersecurity means good info governance

Cybersecurity: the word conjures up images of software engineers in lab coats feverishly analyzing cryptographic code in an effort to thwart an attack from a country somewhere on the other side of the globe. Seemingly daily reports of major data breaches are now coupled with warnings about a cybersecurity “talent gap,” meaning that there is […]

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Information security guidance

According to Deloitte, IT now plays many fundamental and highly beneficial roles in businesses, including:

 

, , , , , , , , , , , , , , , ,