Elements of Successful Nonprofit Cybersecurity
By Darren Hulem, IT & Risk Analyst Nonprofits are more reliant on technology than ever before to deliver on their mission. The integration of digital technology into all aspects of the organization, or digital transformation, provides a number of new opportunities, but it also provides the possibility for additional security issues. Not only are there…
The Bow Tie Method Addresses Risk Holistically
By Jay Mui, PMP, MBA | Supervisor, Risk & Advisory Services Well if you are being literal, 17th century Croatian mercenaries would use a scarf to hold together the openings at the neck of their shirts. King Louis XIII, a great employer of these mercenaries, so enjoyed and promoted this look that it soon became…
Why Associations Are Implementing Enterprise Risk Management (ERM)
By Melissa Musser, CPA, CITP, CISA | Principal, Risk & Advisory Services For years, associations have taken a siloed approach to risk management, focusing on areas like cybersecurity. More are now widening their nets, using ERM to ensure unexpected dangers don’t derail their association. When it comes to risk management, some may think of areas…
Be Prepared: Why Enterprise Risk Management is Essential for Nonprofits
By Melissa Musser, CPA, CITP, CISA | Risk & Advisory Services Principal Corporations and organizations have long understood the value of systematic planning for worst-case scenarios to avoid unwelcome surprises, known as enterprise risk management (ERM). ERM is a proactive, multidimensional process of identifying, assessing, cataloguing, and preparing for potential negative organizational outcomes in order…
The EU’s GDPR is Applicable to US Companies. Is Your Organization in Compliance?
By Darren Hulem | Network Administrator Auditor GDPR, also known as General Data Protection Regulation (EU) 2016/679, was a regulation passed by the European Union (EU) in 2016 aimed at data protection and privacy for individuals within the EU. Enforcement, which began on May 25, 2018, has the potential to affect companies outside of the…
Forensic Auditing and Artificial Intelligence Help Detect Fraudulent Activity
By Mac Lillard, CPA, CFE, CITP, CISA, | Manager, Audit and Risk Advisory Services Fraud prevention is one of the most important aspects of an effective organizational risk management strategy. According to the Association of Certified Fraud Examiners (ACFE) 2018 Report to the Nations, there were 2,690 cases of occupational fraud, resulting in $7+ billion…
Internal Audit is a Critical Investment for Nonprofit Organizations
By Mark Tessar, CPA, CIA | Nonprofit Audit Supervisor By their nature, tax-exempt entities are under extraordinary scrutiny. With the IRS, external auditors, donors, watchdogs and stakeholders all analyzing their finances, nonprofit organizations must implement effective internal controls that decrease the likelihood of fraud, accounting mistakes or other inappropriate accounting practices that could impact the…
Vulnerability Scanning and Penetration Testing Offer Tools for a Strong Security Posture
By Darren Hulem | Network Administrator Auditor In the movies, hackers sit in front of a computer typing a few lines of code and suddenly they have access to all of the victim company’s systems. While cybercrime does not happen like it is portrayed in the movies, it has become a common theme in recent…
Keeping Your Nonprofit’s Technology Modern, Safe and Cost-Efficient with an IT Audit
For smaller or start-up nonprofits, infrastructure elements like information technology (IT) are often small and uncomplicated allowing the greatest flexibility and economy. The bad news is that while the organization is saving money, aging IT systems lack critical security features as well as the strategic and functional advantages enjoyed by peers who have prioritized IT…