By Melissa Musser, Partner and Director GRF Risk & Advisory Services, President of the IIA Washington DC Chapter. Do you know if an employee is stealing from your company? Quite often, the first hint of a problem comes from an insider tip. Having a comprehensive whistleblower program in place is a powerful early warning mechanism…
Cybersecurity is always changing and evolving as threats grow. Here are ideas that you can start on today that will help reduce your risk and improve your cybersecurity posture: 1. Require Multi-Factor Authentication Having multi-factor authentication (MFA) is essential for granting access to confidential data. It helps to reduce the risk of credential loss and…
By Elinor Litwack, Partner, Outsourced Accounting & Advisory Services As the 2023 banking crisis unfolds with the recent collapse of Silicon Valley Bank (SVB) and Signature Bank, all eyes are on what happens next. Fueled by the “blame game” and the media frenzy around vulnerabilities in the banking system, many businesses and consumers have lost…
The 4th Annual GRF /NC State ERM Workshop for Nonprofits was held on February 23 and 24, 2023. Nonprofit executives and board members from across the U.S. came together to share their experiences and discuss strategies and tactics for strengthening enterprise risk management at tax-exempt organizations. Melissa Musser, Partner and Director of GRF’s Risk Advisory…
By Kristen Ocampo, CPA, Senior Internal Auditor Travel & Expense (T&E) reimbursement fraud can have a significant impact on your organization. The Association of Certified Fraud Examiners’ 2022 Report to the Nations found the average loss from an expense reimbursement scheme was $152,000. The report, which is based on a worldwide survey of Certified Fraud…
By Darren Hulem, CISA, CEH, Security+, Supervisor, IT and Risk & Advisory Services As cyberattacks grow in frequency and complexity, organizations are asking, “Is Cyber Insurance worth it?” The short answer is “Absolutely!” Before contacting an insurance company, we recommend some research and due diligence to position your organization for reasonable rates. Coverages can vary…
Enterprise risk management is becoming more common in the not-for-profit sector, but recent research finds that risk management practices are not keeping pace with the increased complexity of risks for nonprofits. On July 12, 2022, the Enterprise Risk Management (ERM) Initiative at NC State University published the 13th edition of its annual State of Risk…
By Darren Hulem, Senior IT and Risk Analyst An exponential increase in the number of ransomware attacks in 2021 has many businesses and nonprofits wondering whether they are next. In recent months, well-known ransomware victims made headlines when they elected to pay the ransom to quickly recover data and return to normal operations. Is your…
With ongoing concerns about economic recession, it is tempting to put strategic initiatives on the back burner. It may seem counterintuitive, but now is the ideal time to revisit your Board of Directors (Board) and determine if your organization is compliant and operating optimally. An effective Board is essential for surviving tough economic times, fulfilling…
By Yevgeniy Sukhenko, Senior Controller, Outsourced Accounting & Advisory Services The COVID-19 pandemic only accelerated the inevitable for accounting departments around the globe. In March 2020, businesses and nonprofits moved to the cloud quickly and abruptly, whether the organization was ready or not. The days of operating an accounting department with only software housed on…