Author: Anne Strong

Best Practices for Mitigating Risk in Expense Reporting Platforms

Expense reporting platforms have simplified the review and approval processes, making it easier to submit documentation for payment. However, this convenience can also lead to less stringent review of submitted documents and opportunities for changing electronic receipts. As a result, organizations need to implement best practices to reduce the risk associated with these reporting systems….

Read more ›

How Internal Audit Can Support Whistleblower Investigations

By Melissa Musser, Partner and Director GRF Risk & Advisory Services, President of the IIA Washington DC Chapter. Do you know if an employee is stealing from your company?  Quite often, the first hint of a problem comes from an insider tip. Having a comprehensive whistleblower program in place is a powerful early warning mechanism…

Read more ›

Top 5 Tax Tips for Small Business Owners

By Jennifer Galstad-Lee, Senior Manager, Tax Services Small business owners have double-duty during tax season – preparing and filing their own taxes as well as taxes for their small business. With so many demands on their time already, tax season can be cause for dread, but advance planning and organization can make life a little…

Read more ›

Essential stages of a third party risk management program

Developing and maintaining a third party risk management (TPRM) program can help to reduce the overall risk to your organization. What is TPRM?  In short, it is the process of analyzing and mitigating risks associated with working relationships with outside entities. These parties can include everyone from contractors providing janitorial services to suppliers of a…

Read more ›

Four Things You Can Do Today to Improve Your Cybersecurity Posture

Cybersecurity is always changing and evolving as threats grow. Here are ideas that you can start on today that will help reduce your risk and improve your cybersecurity posture: 1. Require Multi-Factor Authentication Having multi-factor authentication (MFA) is essential for granting access to confidential data. It helps to reduce the risk of credential loss and…

Read more ›

Workshop Highlights: Navigating the World of Uncertainties Impacting Non-Profit Organizations

The 4th Annual GRF /NC State ERM Workshop for Nonprofits was held on February 23 and 24, 2023. Nonprofit executives and board members from across the U.S. came together to share their experiences and discuss strategies and tactics for strengthening enterprise risk management at tax-exempt organizations. Melissa Musser, Partner and Director of GRF’s Risk Advisory…

Read more ›

State-Mandated Retirement Plans: An Overview for Businesses

By Jennifer Galstad-Lee, CPA, JD, Senior Tax Manager Many Americans are not saving enough for retirement – in fact, a recent survey by the Federal Reserve found that a quarter of working adults have no retirement savings at all. To address this growing crisis, a number of states are enacting laws that require private businesses…

Read more ›

Tax Benefits of “Going Green”

By Jennifer Galstad-Lee, Senior Manager, Tax From electric vehicles to solar panels, “going green” can offer both environmental and financial benefits. With global conflicts and increased gas prices, now may be the time to explore reducing your carbon footprint to better the Earth and save you money. In addition, with more emphasis on environmental, social…

Read more ›

IRS Issues Penalty Relief for Many Taxpayers

The Internal Revenue Service recently issued a notice (IRS Notice 2022-36) that provides broad penalty relief for specified delinquent 2019 and 2020 tax returns. For U.S. taxpayers who qualify, this relief will waive and refund delinquent filing penalties for many who filed their 2019 and/or 2020 tax returns late. Notably, certain penalties for international reporting…

Read more ›

Getting Started with Cybersecurity Training

By Darren Hulem, CISA, CEH, Security+, Supervisor and Tom Brown, CAPM, Security +, Senior Risk Analyst TLDR: End user cybersecurity training is essential for preventing malicious actors from gaining unauthorized access to your organization’s network. Creating a risk-averse organization involves making your staff aware of best-practices for identifying common attacks, like phishing scams. At the…

Read more ›