A Look at Data Safety and Third-Party Technology Risk Management
Please note: CPE is not available for webinars on-demand. CPE is available only for live events. Presented by: Carly Devlin and Stephen Chasser As organizations are increasingly relying on third-parties for various business processes and services, it’s important, from an information security and regulatory perspective, to understand how the organization’s data is being handled by […]
Are you ready for a catastrophe?
Disaster planning is critical for all companies to help ensure that normal business activities can resume as soon as possible after a disaster strikes. However, dealerships face unique risks when it comes to preparing for catastrophes. Unlike most businesses, the bulk of your inventory is sitting outside, where it’s exposed to the elements. Natural disasters […]
Introduction to the NIST SP 800-171 Framework
Presented By: Richard Collins and Chris Heitkamp In an effort to improve data protection, regulators are increasingly requiring organizations to comply with IT Security best practices. From Department of Defense (DoD) contractors to colleges and universities, NIST SP 800-171 has been breaking out as the baseline standard for such initiatives. This presentation will provide an […]
Internal Controls: an effective line of defense against fraud and business losses
Article by CSH’s Melissa Meeker How would you assess the strength of your existing internal controls system? Many people who work in an operational capacity for a healthcare practice would guess that their internal control system is strong. Others would acknowledge that their system needs improvement. And then there are those folks who genuinely have […]
SOC and the Cybersecurity Threat
Organizations are under increased pressure to demonstrate that they are managing cybersecurity threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from breaches and other security events. With these threats in mind, the AICPA has developed a new System and Organization Controls (“SOC”) for Cybersecurity engagement. […]
Three Lines of Defense in Effective Risk Management
In this day and age, it’s not uncommon to find internal auditors, enterprise risk management specialists, compliance officers, fraud investigators, and other risk and control professionals working together to help their organizations manage risk. Each of these specialties has a unique perspective and specific skillset that can be invaluable to the organization, but since risk […]
Four Keys to Managing Interest Rate Risk for Community Banks
After a prolonged period of near-zero-percent short-term interest rates following the financial crisis in 2008, the Federal Reserve is poised to continue raising interest rates as the U.S. economy continues to expand. The Fed has raised its benchmark rate four times since December 2015 (three of which have come since December 2016), and many expect […]
Cybersecurity and Healthcare: Protect Your Patients and Your Organization
By Melissa Meeker Data breaches maintain their reign in the headlines as cyberattacks continue to happen at a disturbingly high frequency. Consumer information has never been more vulnerable, and no industry is immune to the threat of an attack. In an environment where no organization is safe, healthcare providers are especially vulnerable. Fortunately, established regulatory […]
Internal Audit Best Practices for Community Banks
Internal Audit Best Practices for Community Banks Clark Schaefer Hackett developed this white paper to help you evaluate – and strengthen – your internal audit program. This guide covers risk management’s three lines of defense, regulatory expectations, key elements of an effective internal audit program and more.
Is your Company Prepared for a Cyberattack?
Cyberattacks on the Rise Cyberattacks are happening at an alarmingly high frequency. While these attacks are typically aimed at larger and internet-based companies, we are also seeing an increase in activity among privately held and family-owned businesses. Unfortunately, these smaller businesses are perceived to be easier targets for cyberattacks because resources devoted to prevention, detection […]