Tag: Cybersecurity and IT Risk

Consider a Virtual CISO to Meet Your Current Cybersecurity Challenges

By: Melissa Musser, CPA, CITP, CISA, Risk & Advisory Services Principal, and Darren Hulem, IT and Risk Analyst The COVID-19 crisis, with a new reliance on working from home and an overburdened healthcare system, has opened a new door for cybercriminals. New tactics include malicious emails claiming the recipient was exposed COVID-19, to attacks on…

Read more ›

Elements of Successful Nonprofit Cybersecurity

By Darren Hulem, IT & Risk Analyst Nonprofits are more reliant on technology than ever before to deliver on their mission. The integration of digital technology into all aspects of the organization, or digital transformation, provides a number of new opportunities, but it also provides the possibility for additional security issues. Not only are there…

Read more ›

Why Associations Are Implementing Enterprise Risk Management (ERM)

By Melissa Musser, CPA, CITP, CISA | Principal, Risk & Advisory Services For years, associations have taken a siloed approach to risk management, focusing on areas like cybersecurity. More are now widening their nets, using ERM to ensure unexpected dangers don’t derail their association. When it comes to risk management, some may think of areas…

Read more ›

Be Prepared: Why Enterprise Risk Management is Essential for Nonprofits

By Melissa Musser, CPA, CITP, CISA | Risk & Advisory Services Principal Corporations and organizations have long understood the value of systematic planning for worst-case scenarios to avoid unwelcome surprises, known as enterprise risk management (ERM). ERM is a proactive, multidimensional process of identifying, assessing, cataloguing, and preparing for potential negative organizational outcomes in order…

Read more ›

The EU’s GDPR is Applicable to US Companies. Is Your Organization in Compliance?

By Darren Hulem | Network Administrator Auditor GDPR, also known as General Data Protection Regulation (EU) 2016/679, was a regulation passed by the European Union (EU) in 2016 aimed at data protection and privacy for individuals within the EU. Enforcement, which began on May 25, 2018, has the potential to affect companies outside of the…

Read more ›

Forensic Auditing and Artificial Intelligence Help Detect Fraudulent Activity

By Mac Lillard, CPA, CFE, CITP, CISA, | Manager, Audit and Risk Advisory Services Fraud prevention is one of the most important aspects of an effective organizational risk management strategy. According to the Association of Certified Fraud Examiners (ACFE) 2018 Report to the Nations, there were 2,690 cases of occupational fraud, resulting in $7+ billion…

Read more ›

Vulnerability Scanning and Penetration Testing Offer Tools for a Strong Security Posture

By Darren Hulem | Network Administrator Auditor In the movies, hackers sit in front of a computer typing a few lines of code and suddenly they have access to all of the victim company’s systems. While cybercrime does not happen like it is portrayed in the movies, it has become a common theme in recent…

Read more ›

Payment Card Industry (PCI) Compliance and Your Nonprofit Organization

By Mac Lillard, CPA, CITP, CISA, CFE | Audit Senior Accountant According to the Payment Card Industry Data Security Council (PCD DSC) any organization that stores, processes, and/or transmits cardholder data is required to be compliant with Payment Card Industry Data Security Standard (PCI DSS). There is a common misconception that use of a third-party provider…

Read more ›

Keeping Your Nonprofit’s Technology Modern, Safe and Cost-Efficient with an IT Audit

For smaller or start-up nonprofits, infrastructure elements like information technology (IT) are often small and uncomplicated allowing the greatest flexibility and economy. The bad news is that while the organization is saving money, aging IT systems lack critical security features as well as the strategic and  functional advantages enjoyed by peers who have prioritized IT…

Read more ›

Leveraging an IT Assessment Can Protect Nonprofits from Cybercrime

“Cybercrime keeps climbing” was the key finding of the 2016 Global Economic Crime Survey recently completed by PwC. In fact, the survey results show cybercrime “jumping from 4th to 2nd place among the most-reported types of economic crimes.” While organizations are embracing new ways to make their operations digital for efficiency and effectiveness, criminals are…

Read more ›