By Elinor Litwack, Partner, Outsourced Accounting & Advisory Services As the 2023 banking crisis unfolds with the recent collapse of Silicon Valley Bank (SVB) and Signature Bank, all eyes are on what happens next. Fueled by the “blame game” and the media frenzy around vulnerabilities in the banking system, many businesses and consumers have lost…
By: Melissa Musser, CPA, CITP, CISA, Risk & Advisory Services Principal, and Darren Hulem, IT and Risk Analyst The COVID-19 crisis, with a new reliance on working from home and an overburdened healthcare system, has opened a new door for cybercriminals. New tactics include malicious emails claiming the recipient was exposed COVID-19, to attacks on…
Nonprofits are more reliant on technology than ever before to deliver on their mission. The integration of digital technology into all aspects of the organization, or digital transformation, provides a number of new opportunities, but it also provides the possibility for additional security issues. Not only are there more ways to be attacked than ever…
By Melissa Musser, CPA, CITP, CISA | Principal, Risk & Advisory Services For years, associations have taken a siloed approach to risk management, focusing on areas like cybersecurity. More are now widening their nets, using ERM to ensure unexpected dangers don’t derail their association. When it comes to risk management, some may think of areas…
By Melissa Musser, CPA, CITP, CISA | Risk & Advisory Services Principal Corporations and organizations have long understood the value of systematic planning for worst-case scenarios to avoid unwelcome surprises, known as enterprise risk management (ERM). ERM is a proactive, multidimensional process of identifying, assessing, cataloguing, and preparing for potential negative organizational outcomes in order…
By Darren Hulem | Network Administrator Auditor GDPR, also known as General Data Protection Regulation (EU) 2016/679, was a regulation passed by the European Union (EU) in 2016 aimed at data protection and privacy for individuals within the EU. Enforcement, which began on May 25, 2018, has the potential to affect companies outside of the…
By Mac Lillard, CPA, CFE, CITP, CISA, | Manager, Audit and Risk Advisory Services Fraud prevention is one of the most important aspects of an effective organizational risk management strategy. According to the Association of Certified Fraud Examiners (ACFE) 2018 Report to the Nations, there were 2,690 cases of occupational fraud, resulting in $7+ billion…
By Darren Hulem | Network Administrator Auditor In the movies, hackers sit in front of a computer typing a few lines of code and suddenly they have access to all of the victim company’s systems. While cybercrime does not happen like it is portrayed in the movies, it has become a common theme in recent…
By Mac Lillard, CPA, CITP, CISA, CFE | Audit Senior Accountant According to the Payment Card Industry Data Security Council (PCD DSC) any organization that stores, processes, and/or transmits cardholder data is required to be compliant with Payment Card Industry Data Security Standard (PCI DSS). There is a common misconception that use of a third-party provider…
For smaller or start-up nonprofits, infrastructure elements like information technology (IT) are often small and uncomplicated allowing the greatest flexibility and economy. The bad news is that while the organization is saving money, aging IT systems lack critical security features as well as the strategic and functional advantages enjoyed by peers who have prioritized IT…