Search Blogs
Enterprise Risk Management in Nonprofit Organizations – 2024 Workshop Takeaways
On February 22-23, 2024, GRF and NC State University’s Enterprise Risk Management Initiative convened over 100 nonprofit executives and board members to discuss enterprise risk management strategies and tactics. This 5th annual workshop, “Navigating the World of Uncertainties Impacting Nonprofit Organizations,” aims to fill a gap in the resources available to tax-exempt organizations seeking to…
Fraud Awareness Tips and Resources
International Fraud Awareness Week takes place November 12 – 18, 2023 Fraud Awareness Week highlights how crucial it is for organizations to pause and reflect on the evolving landscape of fraud risks. In an era where the convergence of technology and human ingenuity continues to shape our world, the need for proactive risk management is…
ESG for Non-Profit Risk Managers
Bottom Line: ESG is becoming more important to donors, employees, partners, and other stakeholders. Non-profit risk managers need to be prepared to answer tough questions about how their organization is managing critical ESG risks. ESG Basics for Non-Profits ESG refers to environmental, social, and governance factors in an organization’s operations. There is no universal definition…
Mitigate Online Donation Risks with PCI Compliance and Third-Party Risk Management
Taking donations online is a huge benefit to nonprofit organizations, but online payments also expose potential risks. To safeguard their operations and donors’ financial information, nonprofits must prioritize Payment Card Industry (PCI) compliance and third-party risk management. Nonprofits are at a higher risk of credit card test attacks than other organizations due to certain functionality…
Cybersecurity and Privacy Become Key ESG Imperatives
Cybersecurity and privacy issues have become prominent ESG concerns as organizations frequently manage sensitive information concerning their beneficiaries, employees, third parties, and other stakeholders. Protecting this data from cyber threats and ensuring privacy is a crucial responsibility, as stakeholders expect organizations to have robust cybersecurity measures in place to safeguard their personal information. Failure to…
Risk Management is on the Rise at Not-For-Profit Organizations
2023 State of Risk Oversight Survey Results By Amy Wares, CPA, MBA, Enterprise Risk Management Specialist Managing risk is more challenging than ever. New research reveals that not-for-profit organizations are responding by expanding their risk management practices. On July 11, 2023, the Enterprise Risk Management (ERM) Initiative at NC State University published the 14th edition…
Optimize Risk Management Efforts with Enhanced Collaboration
To some extent, all business functions are responsible for managing risks. However, certain departments have direct responsibilities in risk management, such as Internal Audit, Enterprise Risk Management (ERM), and Fraud Risk Management. Integrating and fostering collaboration between these functions can result in more effectively addressing risks and protecting against fraudulent activities. This is particularly critical…
Best Practices for Mitigating Risk in Expense Reporting Platforms
Expense reporting platforms have simplified the review and approval processes, making it easier to submit documentation for payment. However, this convenience can also lead to less stringent review of submitted documents and opportunities for changing electronic receipts. As a result, organizations need to implement best practices to reduce the risk associated with these reporting systems….
How Internal Audit Can Support Whistleblower Investigations
By Melissa Musser, Partner and Director GRF Risk & Advisory Services, President of the IIA Washington DC Chapter. Do you know if an employee is stealing from your company? Quite often, the first hint of a problem comes from an insider tip. Having a comprehensive whistleblower program in place is a powerful early warning mechanism…
Essential stages of a third party risk management program
Developing and maintaining a third party risk management (TPRM) program can help to reduce the overall risk to your organization. What is TPRM? In short, it is the process of analyzing and mitigating risks associated with working relationships with outside entities. These parties can include everyone from contractors providing janitorial services to suppliers of a…