Tag: Risk Management

2024 Update on Retirement Plans: Cyber Best Practices

Cybersecurity remains a crucial concern for retirement plan administrators and sponsors. Ensuring the security of sensitive data and maintaining compliance with regulatory requirements is essential to protect plan participants and maintain trust. GRF hosted a 2024 Update on Retirement Plans webinar on May 16th, 2024, which outlined key cybersecurity best practices recommended by the Department…


Cybersecurity and Privacy Become Key ESG Imperatives

Cybersecurity and privacy issues have become prominent ESG concerns as organizations frequently manage sensitive information concerning their beneficiaries, employees, third parties, and other stakeholders. Protecting this data from cyber threats and ensuring privacy is a crucial responsibility, as stakeholders expect organizations to have robust cybersecurity measures in place to safeguard their personal information. Failure to…


Optimize Risk Management Efforts with Enhanced Collaboration

To some extent, all business functions are responsible for managing risks. However, certain departments have direct responsibilities in risk management, such as Internal Audit, Enterprise Risk Management (ERM), and Fraud Risk Management. Integrating and fostering collaboration between these functions can result in more effectively addressing risks and protecting against fraudulent activities. This is particularly critical…


Elements of Successful Nonprofit Cybersecurity

Nonprofits are more reliant on technology than ever before to deliver on their mission. The integration of digital technology into all aspects of the organization, or digital transformation, provides a number of new opportunities, but it also provides the possibility for additional security issues. Not only are there more ways to be attacked than ever…


The Bow Tie Method Addresses Risk Holistically

By Jay Mui, PMP, MBA | Supervisor, Risk & Advisory Services

Well, if you are being literal, 17th century Croatian mercenaries would use a scarf to hold together the openings at the neck of their shirts. King Louis XIII, a great employer of these mercenaries, so enjoyed and promoted this look that it soon became…


Why Associations Are Implementing Enterprise Risk Management (ERM)

By Melissa Musser, CPA, CITP, CISA | Principal, Risk & Advisory Services

For years, associations have taken a siloed approach to risk management, focusing on areas like cybersecurity. More are now widening their nets, using ERM to ensure unexpected dangers don’t derail their association. When it comes to risk management, some may think of areas…


Be Prepared: Why Enterprise Risk Management is Essential for Nonprofits

By Melissa Musser, CPA, CITP, CISA | Risk & Advisory Services Principal

Corporations and organizations have long understood the value of systematic planning for worst-case scenarios to avoid unwelcome surprises, known as enterprise risk management (ERM). ERM is a proactive, multidimensional process of identifying, assessing, cataloguing, and preparing for potential negative organizational outcomes in order…


The EU’s GDPR is Applicable to US Companies. Is Your Organization in Compliance?

By Darren Hulem | Network Administrator Auditor

GDPR, also known as General Data Protection Regulation (EU) 2016/679, was a regulation passed by the European Union (EU) in 2016 aimed at data protection and privacy for individuals within the EU. Enforcement, which began on May 25, 2018, has the potential to affect companies outside of the…


Forensic Auditing and Artificial Intelligence Help Detect Fraudulent Activity

By Mac Lillard, CPA, CFE, CITP, CISA | Manager, Audit and Risk Advisory Services

Fraud prevention is one of the most important aspects of an effective organizational risk management strategy. According to the Association of Certified Fraud Examiners (ACFE) 2018 Report to the Nations, there were 2,690 cases of occupational fraud, resulting in $7+ billion…


Internal Audit is a Critical Investment for Nonprofit Organizations

By their nature, tax-exempt entities are under extraordinary scrutiny. With the IRS, external auditors, donors, watchdogs and stakeholders all analyzing their finances, nonprofit organizations must implement effective internal controls that decrease the likelihood of fraud, accounting mistakes or other inappropriate accounting practices that could impact the organization’s finances and reputation. Many organizations who have established…
