First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

cyber risk management

A proactive approach to cyber risk management

It is not sufficient to say that cyber risk is high, medium, or low. The leaders of the organization need to be able to figure out what is the right level of resources to allocate to cyber defense and response; what is the right level of attention at board and executive committee level; and what should be communicated to shareholders and others.

 

, ,

Making intelligent and informed decisions around cyber

The experts continue to bombard us with their advice, insight, and guidance for addressing cyber.

 

, , , ,

Ten considerations for a cybersecurity incident response plan

If you ask a group of cybersecurity experts what should be included in a Cybersecurity Incident Response Plan (“CIRP”), you will get a wide variety of answers. Happily, many of those answers contain similar themes including these ten important considerations your organization should be aware of when creating and managing a CIRP.

 

, , , , ,

Internal audit and cyber risk

Deloitte has published good work. One of my favorites is their risk-intelligent white paper series. Recently, they released Cybersecurity and the role of internal audit. It has both superior and inferior advice. Let me walk through it.

 

, , , , , , , , , ,

Risk management in a digital world – Addressing cyber-security threats at the board level

The role of the Board of Directors has necessarily adapted to include an increased focus on risk management. In our digital world, cyber-attacks are now a pervasive risk and the perceived lack of board oversight has garnered scrutiny by consumers, regulators, legislators, litigants and the media.

 

, , , , , , , , , , , , , , , , ,