IT Governance, Risk & Controls

Topics

May 16, 2019

4 key steps for auditors in assessing technology risks

The business risks associated with new technology seem almost endless. But a new resource can help auditors, management and audit committees discharge their responsibilities associated with those risks.

January 1, 2019

Cyber liability: Managing evolving exposures

Cyber liability exposures and regulations impacting CPA firms’ duties to protect confidential information have evolved significantly in recent years.

April 12, 2018

How board members can perform oversight of cybersecurity risks

A new tool can help board members understand what questions to ask in their oversight of cybersecurity risk management.

November 3, 2017

Cybersecurity tips from the ‘Shark Tank’

Shark Tank star and cybersecurity expert Robert Herjavec said CPAs have an important role to play as trusted advisers on cybersecurity.

November 1, 2017

Expect the unexpected: Risk assessment using Monte Carlo simulations

Modern computing power, combined with software including Microsoft Excel, can produce advanced statistical models to analyze the risks of business opportunities.

July 1, 2017

New model created for cybersecurity risk management

The AICPA framework enables organizations to communicate and creates a new engagement for CPAs to report.

April 1, 2017

Using Excel and Benford’s Law to detect fraud

This Technology Workshop shows how to use Microsoft Excel to determine whether the numbers in a data set follow Benford’s curve or point to possible malfeasance.

November 1, 2016

New path for CPAs in cyber risk management

AICPA proposals would guide design and evaluation of cyber risk management.

September 6, 2016

Technology risk: It’s more than cybersecurity

This column discusses the “silent killers” of technology risk that organizations must master to protect their business.

August 1, 2016

Bolster your data defenses

These steps can help close holes in your cybersecurity setup.

June 13, 2016

Explaining the 3 faces of SOC

This column provides updates and adds perspective on SOC and reflects on changes in the reports and their attestation standards.

May 15, 2016

Be vigilant about cybersecurity, warns former FBI agent

Chris Tarbell led FBI investigations that resulted in multiple high-profile cybercrime arrests. He shared his tips for cybersecurity during a presentation at the AICPA spring Council meeting.

April 1, 2016

5 steps CPAs can take to fight hackers

See what CPAs can do to fight cybercriminals’ threat.

September 7, 2015

How to mitigate vendor risk in a cybersecurity environment

Vendors represent one of the highest risk areas in an organization’s cybersecurity structure.

August 27, 2015

Use a layered cybersecurity approach to protect crown jewels

Layers of defense should exist in an organization’s systems, with the most sensitive information protected by the most layers.

August 26, 2015

How internal audit can help manage 10 top technology risks

Internal auditors can play a pivotal role in managing technology risks ranging from cybersecurity to social media. The risks are ranked in a new report that shows how internal audit can help manage them.

May 15, 2015

Cyber concerns show no signs of cooling off, former Homeland Security chief says

The digital sun will never set, which means that digital threats to business and government will only grow in the future, Tom Ridge said Friday.

April 13, 2015

Monitoring fraud risks in the supply chain

Mark Pearson, who works in supply chain forensics for Deloitte, explains how companies can probe one of the top risks—third-party expense categories—and avoid overpaying.

January 28, 2015

How to manage risks connected with the “internet of things”

Although web-connected products and the “internet of things” provide opportunities for transformative growth, they also may carry substantial risks.

January 14, 2015

Viewing cybersecurity through a COSO lens

The principles outlined in a popular internal control framework can help organizations manage their cybersecurity.

FROM THIS MONTH'S ISSUE

Promises of ‘fast and easy’ threaten SOC credibility

CPAs who provide Service and Organization Control (SOC) examinations warn that an ongoing push for high-volume SOC services may come at the cost of quality and objectivity.