Artificial intelligence applications like ChatGPT are becoming common tools in the workplace to do everything from generating job descriptions, writing and editing reports, and to managing schedules (See related article, “How Employees Are Using ChatGPT on the Job“). But the apps aren’t perfect. In fact, they can be error prone Read More
Imagine this scenario: Your organization is hit with a sophisticated ransomware attack. The team reluctantly agrees to pay the ransom (in bitcoin, of course) and your data-recovery efforts spring into action to get the organization back up and running. But to everyone’s horror, much of the data is missing and Read More
The LSU Center for Internal Auditing, a university-based internal audit education program, is expanding to include a greater focus on cybersecurity risk and environmental, social, and governance (ESG) issues. In recognition of these changes, the program has been renamed the LSU Center for Internal Auditing & Cybersecurity Risk Management (LSUCIA&CRM). Read More
GUEST BLOG Over my long career, I have often heard, in one form or another, the phrase: “You just can’t audit that!” The first time I heard it came when I was an internal audit manager for a financial institution. The senior vice president for human resources said she was Read More
GUEST BLOG: One of the challenges when it comes to so-called “cybersecurity risk” is in accepting and then applying the idea that cyber is not an “IT risk.” No. It’s a business risk. That is easy to say, and it makes all the sense in the world. However, people tend Read More
Cyberattacks are among the most debilitating events that companies and other organizations can experience, and internal auditors and risk managers consistently rank them among the biggest risks to the business. They know that how companies respond and react to such attacks can be the difference between a small blip and Read More
The Securities and Exchange Commission has released its 2021 “Agency Rule List” to give companies an idea of the regulations in its pipeline and when they can expect them to move forward. The list includes a schedule of proposed and final rules on such topics such as climate change disclosures, Read More
President Biden signed an executive order Wednesday aimed at hardening the federal government’s cybersecurity defenses, as his administration tackles a slew of overlapping cyber hacks, including a ransomware attack on a major fuel artery that has caused gas shortages in at least seven states across the Southeast. The executive order Read More
The recent hack of the Colonial Pipeline, which has crippled the transmission of fuel in the Southeast United States, serves as a stark and alarming reminder to all businesses of the vulnerability of information systems to security breaches, hacks, and ransomware attacks. Over the last several years, most businesses have Read More
Amidst a wide range of challenges in 2020, including a global pandemic and social unrest, cybersecurity and data security risks remain top-of-mind for chief audit executives and audit committee members in Europe, the annual Risk in Focus survey from the Chartered Institute of Internal Auditors (IIA) finds. For the third Read More
