- Credit union aligns internal audit and risk management by working with Baker Tilly’s risk, internal audit, and financial institution specialists.
- Data classification is an important first step in establishing a cybersecurity management program, as it allows an organization to make managerial decisions about resource allocation to secure data from unauthorized access.
- The AICPA recently released an exposure draft of the proposed revisions to the Trust Services Principles and Criteria. The most significant change in the proposed revisions is the integration of the privacy principles and criteria into the common criteria.
- Since the Committee of Sponsoring Organizations (COSO) issued its Internal Control — Integrated Framework (2013 Framework) in May 2013, many organizations have implemented the new framework to comply with the initial December 15, 2014 transition deadline. The 2013 Framework requires management to assess whether 17 principles are present and functioning, which is a change from the previous framework. Further, the 2013 Framework includes points of focus, which are important characteristics of the 17 principles and assist management with determining whether controls are properly present and functioning.
- The heightened complexity of vendor risk management for US banks was evident at a conference sponsored by Marcus Evans in Chicago on June 3-4. Need for resources, maintaining oversight, and how organizations are managing the process internally were all hot topics of conversation.
- Previous Next