Results for Search Submit Filter by: Advanced Filter All results Solutions Industry People Client Story Insights/Blogs Filter Blog April 18, 2017 Fintech Perspective: Balancing Speed to Market With Sound Risk Management As financial institutions develop innovative technology, in-house or by partnering with fintech companies, they need to carefully consider regulatory requirements for both third-party risk management and information security. Protiviti hosted a Fintech Innovation webinar on April 5, which addressed the need for banks and other financial institutions to balance sound third-party risk management… Blog April 19, 2017 Cyber Safety Tips for Private Equity Managers Cybersecurity vendor FireEye, in March, reported an increase in fake emails targeting lawyers and compliance officers with malware disguised as a Microsoft Word document from the Securities and Exchange Commission. That, on the heels of a reported uptick in fake drawdown requests targeting private equity clients, prompted us to put together a list of ways private equity firms and portfolio… Blog April 24, 2017 IT Audit Webinar: Your Questions Answered Following up on a recent blog post discussing the results of the 6th Annual IT Audit Benchmarking Study from ISACA and Protiviti, I want to revisit the subject by answering some of the audience questions we were unable to address live during the webinar, which I co-hosted with my Protiviti colleague David Brand and ISACA director Ed Moyle. (I want to stress that we receive many great… Blog April 25, 2017 Proving Procurement’s Value to Stakeholders: Show Them the Money There is no doubt that procurement organizations deliver value, through strategic sourcing, category management and other means. What distinguishes procurement organizations perceived as top performers from the rest is how well they quantify the value they deliver to the company. Recently, I had the opportunity to moderate a panel discussion about the challenges of demonstrating procurement’s… Blog April 28, 2017 What's the Latest on Fintech Charters and What About That Russian Laundry? In the April edition of Compliance Insights, we discuss the Office of the Comptroller of the Currency's draft supplement, released in March, which further outlines the application guidelines for fintech bank charters (covered previously in our January issue). We also lay out previously unknown details of the "Russian Laundromat" money laundering scheme, as reported by the… Blog October 30, 2018 Quantifying Cyber Risk: Takeaways From FAIRCON18 At a time when cyber/information security risk looms large on the minds of directors and executives, quantitative risk assessments are gaining traction as a way to understand and measure that risk. While the need to measure this risk grows, most organizations are still at a low level of maturity regarding the proper use of risk terminology and risk modeling. Getting support and, more importantly… Blog October 31, 2018 Building Bot Boundaries: RPA Controls in SOX Systems There is often a tendency in RPA implementations to automate as much as possible, focusing more on the value the technology can deliver and less on what are the right things to automate or what risks may be introduced or increased in the process. This is the natural tension that exists between the pursuit of innovation and the need for controls. As seasoned business leaders know, innovation… Blog November 1, 2018 Trends in Tech: What Emerging Technology Firms Must Keep an Eye On What’s driving leaders of emerging technology companies and the venture capitalists (VCs) who back them? Here’s a look at three trends that were hot topics for discussion at the recent TechCrunch Disrupt SF 2018 conference: Trend #1: The shortage of skilled tech talent is prompting a search for new markets. Highly skilled technology talent is hard to find in today’s tight hiring environment —… Blog November 2, 2018 Recognizing the People Element in Data Security Implementations Implementing information security technology and creating related policies is relatively easy. Getting the organization to better manage risks through the use of that technology and embrace those policies is quite a bit harder. In a recent survey by ESI ThoughtLab, co-sponsored by Protiviti, untrained staff was seen as the greatest cyber threat by businesses because it can provide a conduit for… Blog November 5, 2018 Highlighting Recent Cyber-Related Financial Losses, the SEC Urges Public Companies to Revisit Internal Accounting Controls Even the best-intended internal controls are only as effective as the degree to which they are designed and executed. According to a recent FBI report, failure to adhere to payment and reconciliation controls has cost companies more than $5 billion over the past five years. In addition, a recent cyber threat investigation by the U.S. Securities and Exchange Commission (SEC) found widespread… Load More
