• Cybersecurity: Steps to take now

    The federal government expects banks to get a lot more serious about cybersecurity. For the first time in history, the US Treasury Secretary has criticized the nation’s safeguards to protect against cybersecurity attacks on our financial infrastructure. In response, the Federal Financial Institutions Examination Council (FFIEC) took three initial steps to increase awareness in the US banking system.
  • Form 990: Top ten areas of focus for board members

    With the proliferation of nonprofit organizations comes the need for more individuals willing to step into the important role of a board director. A board director serves to shepherd the organization to long-term sustainability. The board director role carries risk if individuals are not aware of their obligations related to the issues and concerns that the Internal Revenue Service (IRS) has attempted to address in the newly designed information reporting form, the Form 990.
  • New NIST Cybersecurity Framework

    In February 2014, the NIST Cybersecurity Framework was introduced as a response to Executive Order 16363, ordered by President Obama in 2013. The Executive Order was a White House initiative to improve cybersecurity of critical infrastructure by developing a framework which incorporates a consensus of industry standards and best practices.
  • Manage mobile device risks holistically

    Mobile devices transform the way your organization serves customers and generates business, as well as communicates with your employees and stakeholders. These same devices bring new and increased risks to your organization’s data, competitive advantage/intellectual property, and reputation. Managing these risks requires a holistic approach, which goes beyond just securing the software on a device.
  • ORSA – Why should exempt companies care?

    Over the last few years the NAIC has established its expectations for insurance companies to maintain a risk management framework and conduct an Own Risk and Solvency Assessment (ORSA), including the filing of an ORSA Summary Report with state regulators. In 2012, the NAIC issued a Guidance Manual to provide insurers guidance with respect to reporting on ORSA, and later the NAIC adopted an ORSA Model Act. In 2012 and 2013 the NAIC conducted two separate feedback pilot projects and provided feedback and observations in a memo to the industry.