First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

IT risk assessment

My cyber confession

Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.


, , , , , , , , , ,

Is it really possible to control employees’ use of company computers?

Policies can help you manage employees’ and others’ use of company IT resources, and dramatically reduce the potential risk to you and your assets.


, , , , , , , , , , , , , , , , ,