Blog library

The big picture: Aligned assurance can create multiple benefits, including:Giving stakeholders a common view of risks and issues across the organisationReducing repetitive, manual testing, which allows more focus on high-value activitiesBy the numbers: In a recent Protiviti webinar on aligned assurance, only 14% of the audience members reported that collaboration across the three lines is “highly…

When leaders consider how technology has enabled transformation of business models over the past several years, few would disagree that the world has changed dramatically. Retail, entertainment, music and banking have largely moved online. It’s a familiar story: Netflix beat Blockbuster; Amazon beat Borders. More recently, Tesla has transformed the experience of buying, owning and driving a car.

Penetration testing and red teaming are essential cybersecurity practices that bolster an organisation’s security posture by uncovering vulnerabilities within their systems, networks, and people or business processes. These methodologies have distinct objectives, scopes, approaches and technologies employed.

Access to artificial intelligence (AI) and the drive for adoption by organisations is more prevalent now than it’s ever been, yet many companies are struggling with how to manage data and the overall process. As companies open this “pandora’s box” of new capabilities, they must be prepared to manage data inputs and outputs in secure ways or risk allowing their private data to be consumed in public AI models. Through…

What’s it like to change professions and gain a variety of experience? Amie Pinder, director of technology resilience risk at the London Stock Exchange Group, started her career in audit, but realised the world of technology was waiting for her. She speaks to Simran Sadhra and Rhianne Williams from Protiviti’s iGROWW network about her journey.

Ever since Steven Spielberg put the metaverse on the mainstream map in 2018 with his science-fiction adventure film, Ready Player One, based on Ernest Cline's novel of the same name, there has been a slow but steady drumbeat of momentum building around the potential and possibilities of this brave, new, immersive world. Sure, the metaverse had been talked about long before 2018, but once Spielberg made a…

Modern business is often defined not only by change, myriad projects and increasing regulation but also by culture, employee experience and well-being. Somewhere in the middle is the sweet spot of positive performance. Julie Wacker, occupational psychologist at Robertson Cooper, spoke to Matt Duncan, a managing director at Protiviti, about finding the balance.

Cybersecurity governance should do more than manage cyber risk. Good cybersecurity governance creates efficiencies by clarifying the outcomes expected from its processes and establishing boundaries of responsibility among cybersecurity practitioners, frontline operational areas, senior leaders and board members. Recently, numerous crises have drawn senior leaders and board members down into cybersecurity’s…

Last Thursday, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) released interpretive guidance on how to effectively apply the 2013 Internal Control — Integrated Framework (ICIF) — which is currently applied to financial reporting — to sustainability reporting. The guidance results from a project approved by the COSO board a year ago with…

Senior leaders focused on cybersecurity recognise there is considerable guidance, best practices, frameworks, regulations and varied opinions on how programmes should design defensive capabilities. In addition, depending on the day, the various pressures in the organisation’s macro-environment may be greater or lesser and invite different priorities for time, team and budget. Despite these various pressures and…