graph showing increasing added value

4 C’s to Increase the Value of Internal Audit

Posted by - July 20, 2018
Ensuring the Effectiveness of a Risk-Based Audit Plan Protiviti’s Jim DeLoach explores how to bolster internal audit’s efforts in providing recommendations that are strong, actionable and in keeping with the board’s expectations. We’ve always believed that boards should ensure that their organizations maximize the full potential of internal audit. There…
blur of audience in crowded auditorium

“Gone are the Days of Rigid Lines of Defense”

Posted by - July 17, 2018
Key Insights and Trends from the MetricStream GRC Summit 2018 MetricStream’s 2018 Summit in Baltimore saw several hundred business executives, government leaders, GRC practitioners and industry analysts gather to talk GDPR, strategies and solutions for building better governed, more compliant organizations and more. Gaurav Kapoor, MetricStream’s Chief Operating Officer, shines…
two Kings in chess: one upright, one lying down

ERM is Dead! Long Live ERM!

Posted by - July 16, 2018
Driving Change to Improve Resilience and Agility Enterprise risk management (ERM) is a framework organizations use to manage risks and seize opportunities related to the achievement of their objectives. More and more frequently, upper-level management refuses to acknowledge ERM properly, which leads to missed opportunity and lost revenues. Read more to…
closeup of an Excel spreadsheet on a computer screen

Breaking the Cycle of Spreadsheet Hell

Posted by - June 27, 2018
Solving Spreadsheet Risks and Errors is Easier Than You Think A decade ago, a professor of IT management and an authority on bad spreadsheet practices released an analysis on spreadsheet errors. It suggested that at the time, close to 90 percent of spreadsheet documents contained errors. But since then, spreadsheets…
man holding megaphone with dozens of purple speech bubbles

The Auditor’s Role in Advancing Communications

Posted by - October 26, 2017
Part 3 in a Series Exploring the “Auditor of the Future” In this series, Protiviti’s Jim DeLoach and Brian Christensen have put forth 20 potential ways the Chief Audit Executive or internal audit lead can advance his or her relationship with the audit committee. Parts 1 and 2 focused on…
man drawing line graph showing increase

9 Ways Auditors Deliver Tangible Value

Posted by - October 19, 2017
Part 2 in a Series Exploring the “Auditor of the Future” Part 2 of this series from Protiviti’s Jim DeLoach and Brian Christensen discusses several ways auditors can add value to the organization beyond the scope of the audit plan. with co-author Brian Christensen Read Part 1 here. Last week,…
woman working with binder and calculator in foreground

Audit’s Increasingly Critical Role in GRC

Posted by - October 13, 2017
The Need for Aligned Assurance Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and…
Increased risk of ransomware attacks coupled with confusing guidance from regulators

How the OCR’s New Guidance Rule Re-Examines Ransomware

Posted by - August 29, 2016
A “breach” is defined as “the acquisition, access, use or disclosure of PHI in a manner not permitted under the HIPAA Privacy Rule.” In opposition to a traditional breach, ransomware causes the data to be too secure, even from its authors and users. The OCR’s guidance provides intel on the…
Who should take charge of data privacy?

Privacy is Too Important to Be Left to the Lawyers

Posted by - July 21, 2016
Privacy has become a critical business function. But companies go wrong when lawyers – rather than operations/IT and marketing personnel – take the lead. The nuts and bolts of privacy involve operational, technical and customer-engagement decisions – and it’s business leaders from these disciplines who must make and implement such…