This column provides updates and adds perspective on SOC and reflects on changes in the reports and their attestation standards.
Mark Pearson, who works in supply chain forensics for Deloitte, explains how companies can probe one of the top risks—third-party expense categories—and avoid overpaying.
The principles outlined in a popular internal control framework can help organizations manage their cybersecurity.
In a business environment where a damaging Twitter post can have disastrous effects on a company’s financials, reputational risk remains the top nonfinancial concern for corporate directors, according to a new survey report. Another risk rooted in technology—cybersecurity and information technology risk—is rising quickly among directors’ concerns, according to the
CPAs can assess the effectiveness of their organization’s information technology controls by using Principle 11 of the newly updated internal control framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). See a step-by-step procedure for applying Principle 11 to IT controls.