Baker Tilly
Contact us
Climbers move forward avoiding risks to reach their goal, the summit

Risk Advisory

Baker Tilly addresses the full spectrum of risk, governance and compliance considerations in the context of industry, operations and culture.

Risk Advisory

  1. Webinar
    College and university auditors can implement an effective cybersecurity incident response

    How to audit cyber incident response

  2. Case Study
    healthcare phishing campaign

    Healthcare organization tests technical security controls and internal security awareness training with phishing campaign

  3. Article
    ai phishing threat to organizations

    Bad actors using AI to target businesses via business email compromise (BEC)

  4. Article
    Risks of artificial intelligence on a laptop

    Understanding the business uses, risks and rewards of artificial intelligence

  5. Article
    doctor looking at tablet healthcare technoogy

    10 reasons internal audit can help manage risk associated with the internet of medical things (IoMT)

  6. Webinar
    hitrust concepts from the field

    Lessons from the field: Concepts to know for sustainable success in your HITRUST journey

  7. Resource
    Construction project leaders review the construction contracting process

    Construction audit webinar series

  8. Webinar
    crane and buildings with clouds

    Construction audit: what we've learned since COVID-19

  9. Resource
    Construction resources being reviewed

    Construction audit resource center

  10. Article
    internal audit asking questions

    Flipping the script on internal audit

  11. Webinar
    navigating cybersecurity nfp

    Navigating cybersecurity: A 360° perspective from NFP, Baker Tilly and the C-Suite

  12. Article
    Closeup of hands holding smartphone in cafe

    Get in control with a tax control checkup

  13. Article
    Pacific coastline, view from Highway number 1, California

    New California climate law pulls in private companies

  14. Article
    People crowd on a busy city street and crosswalk

    ESG and its importance in the insurance industry

  15. Article
    Healthcare professional meeting and discussing with information technology specialist

    How healthcare providers can implement a denials management program utilizing internal audit

  16. Article
    Emerging trends in not-for-profit fraud

    Faking it for the funds: financial aid fraud risk

  17. Webinar
    due diligence with a SOC 2 examination

    How to bolster vendor due diligence with a SOC 2

  18. Article
    Team meeting outside looking over data on tablet

    Navigating ESG: strengthening governance for long-term success

  19. Article
    Team working on laptops

    Maintaining effective internal controls in a compliance-driven world

  20. Article
    common challenges key considerations SOC report

    Common challenges and key considerations when using or reviewing a SOC report

  21. Article
    Capitol building reflection at sunrise

    Strategies to address the new SEC cyber disclosure rule (and how to do it!)

  22. Whitepaper
    Risk management guide for life sciences companies

    Risk management guide for life sciences companies

  23. Article
    Sun reflecting off of colorful building

    The rise of proactive assurance, and why it’s here to stay

  24. Article
    U.S. Capitol Building reflecting on water in Washington, D.C.

    New SEC cyber incident disclosure marks first-time cybersecurity disclosure requirement across the capital markets

  25. Article
    Cars pass tree farm on highway

    ESG: Where do I start?

  26. Article
    woman working at computer

    Navigating Colorado’s SB21-169 new and revised algorithm and predictive model governance regulation for life insurers

  27. Article
    zero trust security model verify

    Never trust, always verify. But how?

  28. Case Study
    private jet company undergoes network scanning’

    Network scanning tools test prove private jet charter company's wireless network is secure

  29. Case Study
    grocery stores undergo vulnerability scanning

    Multilocation grocery store enhances internal IT practices as a result of vulnerability scan

  30. Case Study
    financial services company confirms security to minimize risk

    Financial services company confirms security of web-facing applications and minimizes risk

  31. Case Study
    city external penetration test

    City identifies weaknesses in security protections after external penetration test

  32. Article
    Cannabis cash

    Risks in cannabis, where cash and compliance rule

  33. Article
    Risks and controls RPA solutions

    Identifying risks and controls when implementing RPA solutions in a SOX environment

  34. Podcast
    Team high fiving

    Healthy Outcomes: Key insights for not-for-profit leaders in behavioral health 

  35. Webinar
    Construction workers working on building during sunset

    What the Inflation Reduction Act means for the real estate and construction industries

  36. Article
    IT professionals working at table together in office on cybersecurity

    The missing piece of your network security

  37. Article
    Team members discuss strategy in a meeting

    HITRUST FAQ

  38. Podcast
    Closeup view of cables in server room protecting from cyber attacks

    Healthy Outcomes: The current state of cybersecurity in the healthcare industry 

  39. Article
    Business meeting at conference table with professionals walking by

    SOC FAQ

  40. Webinar
    Advisor meets with clients

    Women in white collar crime

  41. Webinar
    handshake

    The importance of KYC in today's risk landscape

  42. Webinar
    Conference attendees access data on mobile devices during session break

    The art of profiling

  43. Webinar
    IT professionals working at table together in office on cybersecurity

    Renewing focus on internal controls

  44. Webinar
    Lights and cables running through server room

    Mounting a defense against ransomware: how to manage your risk

  45. Webinar
    Lights and cables running through server room

    Modern compliance

  46. Webinar
    typing on computer

    Taking the blinders off: the importance of an effective compliance program

  47. Webinar
    business professional people talking

    Why good people do bad things and how to spot a moral meltdown

  48. Webinar
    Building facade

    Fraud fight: the growing pressure to do better at finding fraud

  49. Webinar
    Team of IT professionals working on program in office

    Cash flow, gender and internal controls

  50. Webinar
    Office building courtyard with trees

    Environmental, social and governance (ESG) discussion

  51. Webinar
    Woman interacts with data

    Digital asset governance

  52. Webinar
    Digital tools: phone, computer and notepad

    Compliance: from caremark to certification

  53. Webinar
    Team of professionals working on computer

    Crisis management: ensuring business resiliency through crisis preparedness

  54. Resource
    Baker Tilly Fraud Summit

    Baker Tilly Fraud Summit 2023

  55. Webinar
    Consultants review software development code

    Strategy check: evaluating your cyber program to strengthen assurance

  56. Article
    Facade of the U.S. Capitol Building at night

    SEC steps up enforcement on ESG reporting with climate disclosure rules looming

  57. Resource
    Professional walking through office using digital tablet

    Governance dashboard for market intelligence

  58. Webinar
    Digital connectivity displays on world map

    Data analytics as the silent whistleblower

  59. Article
    Office building courtyard with trees

    Identify emerging internal audit risks to prepare for tomorrow’s insurance world

  60. Article
    University campus during the daytime

    How higher education and research institutions may benefit from using HITRUST to navigate research data security requirements

  61. Article
    Glass facade of a modern office building

    Implementing an effective ERM program

  62. Case Study
    software automation data screen

    Testing of software company's web portal boosts confidence in security measures

  63. Case Study
    Data dashboard coming out of laptop

    Multinational government contractor updates training after phishing prevention campaign uncovers vulnerabilities

  64. Case Study
    Cookies being produced in factory

    Food producer improves network security after disabling unused networks

  65. Case Study
    Rising interest rates, financial growth

    Debt consolidation company closes security vulnerability after successful external penetration testing

  66. Article
    Two professionals meeting at a table with computer outside office building with trees

    Is your internal audit function ready for ESG?

  67. Case Study
    Cars lined up on display at dealership

    Multilocation car dealership updates patching inventory after internal vulnerability scan

  68. Webinar
    Thumbprint used for increased security

    How your NFP can manage cyber risk when cyber insurance costs rise

  69. Article
    Energy plant with abstract data points

    Energy and utilities sector faced with cybersecurity risks

  70. Article
    diverse group of coworkers

    Three ways internal audit can outmaneuver the talent problem – and win

  71. Article
    Woman at a computer analyzing data

    NIST 800-53 Revision 4 to Revision 5 comparison tool

  72. Article
    Two professionals meet at a computer to review analytics

    Four key concepts to consider when using advanced reporting solutions in your SOX program

  73. Article
    Together, team members climb a mountain to reach the summit

    Getting risk appetite right in uncertain times

  74. Article
    Abstract circle arches

    Dynamic risk landscape creates challenges regarding talent, cybersecurity and ESG

  75. Article
    Man looking at data points

    Data mapping: building a strong foundation for cybersecurity and data privacy

  76. Case Study
    Forest of green trees on a sunny day

    Controlled Thermal Resources builds a foundation to align ESG strategy with business strategy

  77. Webinar
    Data dashboard coming out of laptop

    Cybersecurity trends: what to expect in 2023

  78. Resource
    Cybersecurity data on computer

    CHIPS Act aims to support thriving semiconductor sector

  79. Article
    casual work space office

    How to build an effective IT audit team during a time of skilled resourcing shortages

  80. Article
    ESG risks - Looking up at sunlight shining through trees

    Aligning ESG risks with existing ERM program key for creating value, attracting talent

  81. Article
    Data-driven manufacturing

    Top 5 manufacturing and distribution cybersecurity risks

  82. Article
    Consultants review software development code

    Cybersecurity risks affecting software and technology companies

  83. Article
    Man looking at window of data

    Are you overlooking a key component to cybersecurity risk management? 

  84. Article
    Two women planning together on a laptop

    2022 year-end asset management updates

  85. Article
    cyber risk manufacturing distribution

    Reducing cyber risk and protecting against a ‘perfect storm’

  86. Article
    team member talking digital screen

    Panel discussion: Smart buildings ARE networked systems

  87. Article
    Tax reform: The Senate bill passes

    Baker Tilly’s year-end banking webinar: key takeaways heading into 2023

  88. Article
    Colleagues walk down the stairs in discussion

    What's changed with SOC 2?

  89. Article
    people office

    Top five cybersecurity and IT audit trends that most impact an organization’s ability to respond to today’s challenges

  90. Whitepaper
    Building courtyard with trees

    The evolving risk landscape

  91. Article
    doctor looking at tablet healthcare technoogy

    How to minimize risk in the charge capture process of telehealth services

  92. Article
    risk_touching_gears

    Utilizing penetration testing to enhance internal audit activities

  93. Webinar
    Project Management Team and Construction Site with tower crane background

    Maximize ROI with proficient project controls

  94. Article
    Team collaborates on client project

    Easing cyber insurance woes using key controls 

  95. Article
    Baker Tilly Digital AI network

    White House framework on digital assets points to importance of continuous monitoring by companies, investors

  96. Article
    Team strategy meeting in conference room overlooking city

    How to manage cyber risks when cyber insurance costs rise

  97. Multimedia
    Man looking out from a mountaintop

    Agents of Change with Richard Chambers and Heather Acker

  98. Article
    Looking up at sunlight shining through trees

    The future of SOX and internal controls: incorporating ESG

  99. Article
    Health plan achieving interoperability compliance

    Healthcare organizations face a daunting cybersecurity landscape

  100. Article
    Medical management team discusses strategy in a conference room

    Leverage internal audit to minimize risk in medical leadership contracting and compensation processes

  101. Press Release
    Group meets in a conference room

    Baker Tilly partners with AuditBoard to help organizations streamline risk management processes and compliance reporting

  102. Resource
    hands working on report

    Which SOC report is right for your organization?

  103. Press Release
    web network of lines tech cyber

    Baker Tilly and Workiva help organizations streamline their financial and non-financial reporting

  104. Article
    Woman interacts with data

    Combating the rising costs of cyber insurance: how we got here, and what organizations can do

  105. In the News
    cyber cords crossing

    Pointers on Preventing Ransomware

  106. Multimedia
    Advisors meet to discuss a client project at a computer

    How the FTC safeguard rules update impacts your dealership

  107. Article
    Team of healthcare IT professionals meeting to discuss new initiatives

    Leveraging internal audit to minimize risk of third-party vendors in healthcare

  108. Article
    Business professionals works at office computer

    CMMC 2.0: five key changes for government contractors

  109. Multimedia
    Team of advisors analyzes data

    Understanding risk mitigation strategies for dealerships

  110. In the News
    Cybersecurity professionals performs a risk assessment at a computer

    Fighting an unrelenting war – how business can be safe from cyberattack

  111. Article
    panel discussion

    Model Audit Rule panel: life and P&C insurers

  112. Article
    Thumbprint used for increased security

    Public sector internal auditors most concerned by cybersecurity, data and talent risks

  113. Podcast
    Programmer performs systems testing on software

    BuzzHouse: How to protect your company from cyber threats

  114. Article
    Abstract data storage

    How NIST 800-171 Revision 3 may impact CMMC

  115. Article
    Men shake hands in a corporate office building

    Importance of obtaining a SOC 2 for your customers

  116. Article
    Consultants review an audit report prior to a finance committee meeting

    Leveraging data to drive agility in internal audit

  117. Article
    people overlayed on city outline

    Thriving innovation culture supports effective change throughout the organization

  118. Case Study
    Group meets in a conference room

    Private equity firm packages existing initiatives to build ESG strategy

  119. Case Study
    Food service professionals analyze data on a tablet

    Manufacturing and kitchen design company begins their ESG journey

  120. Webinar
    innovation culture

    Innovation culture – how to create value and make innovation an essential part of your organization

  121. Article
    securing your family office from a ransomware attack

    Managing your family office's risk against a ransomware attack

  122. Article
    Closeup of circuitry on computer

    Cybersecurity and data privacy: recognizing the risks facing NFP organizations

  123. Webinar
    Office lobby with windows

    Post occupancy construction audit: closeout and turnover

  124. Article
    cybersecurity businessman touching web

    SEC proposes improved uniformity and comparability of cybersecurity disclosures

  125. Webinar
    people walking

    The rise of the SEC Whistleblower Program

  126. Webinar
    Data server center

    Fraud Summit: Managing your risk against a ransomware attack

  127. Webinar
    Business professional viewing data and graphs on tablet

    Leveraging data in investigations

  128. Webinar
    Magnifying glass

    Important trends in white collar criminal investigations and prosecutions

  129. Webinar
    Conference room in advance of a board meeting

    Fraud and corporate governance: the board’s role in preventing and dealing with fraud

  130. Webinar
    people raising hands for Q&A

    Fraud allegations and the media: a guide to surviving the spotlight

  131. Webinar
    Government building with waving flag

    Deciphering Elizabeth Holmes: what went wrong?

  132. Webinar
    Woman at a computer analyzing data

    Cybersecurity: to infinity and beyond

  133. Webinar
    Team discusses client needs in an office

    Control activities vs. control environment: how the latter drives the former

  134. Webinar
    Consultants review an audit report prior to a finance committee meeting

    Continuous auditing within the compliance program

  135. Webinar
    Conference room in advance of board meeting

    Caremark and the impact on compliance

  136. Webinar
    abstract_people_technology_city

    Beyond three lines: the collaboration imperative for connected risk

  137. Webinar
    Finance executive analyzes cash on hand report

    AML and KYC emerging trends

  138. Webinar
    man analyzing computer data

    A deeper dive into cyber crime, cryptocurrency and illicit finance

  139. Article
    Team working to analyze data and software

    New HITRUST assessments rise to meet the need for varying assurance levels

  140. Podcast
    Cybersecurity data screen

    Healthy Outcomes: The value of cybersecurity in the healthcare industries

  141. Webinar
    Woman looking at data visualization on tablet

    Demystifying HITRUST assessment types: bC, i1 and r2

  142. Whitepaper
    Team members work together on technology innovation

    Innovation culture – jumpstarting new ideas to drive organizational success

  143. Podcast
    Data analyst performs market research from various sources

    Higher Ed Advisor: Lehigh University: how cybersecurity and compliance enable revenue generation in higher education

  144. Podcast
    Advisor reviews operating reports

    Healthy Outcomes: The role of internal audit in healthcare

  145. Article
    risk two people climbing a mountain

    Fraud risks in the cannabis industry

  146. Article
    Woman works on computer at night

    Mitigating cyber risk with HCM Advanced Controls

  147. Article
    Winding road leads to to the future

    Going public: a path for success

  148. Article
    Capitol building with bright sky

    ESG matters: an ESG primer for state and local government leaders

  149. Webinar
    Board meeting at a conference table

    Managing NFP cybersecurity risks through board governance

  150. Webinar
    Cybersecurity data screen

    Leveraging SOC 2 and CMMC reporting to assess compliance of your security environment

  151. Article
    abstract data

    Data Privacy Day 2022: Resolve to be in front of privacy ... not behind it

  152. Podcast
    Construction blueprints

    BuzzHouse: Have a positive construction experience—the dos and don’ts of construction audits and the draw process

  153. Webinar
    Car lights speed through valley

    Industry perspectives on CMMC 2.0

  154. Podcast
    Fed Talks podcast series

    Fed Talks: CMMC 2.0

  155. Article
    cybersecurity of personal health information

    COVID business shifts change but don’t stop robust HITRUST evaluations

  156. Webinar
    Professionals collaborate in team meeting

    CMMC 2.0: five changes to navigate

  157. Webinar
    NIST Cybersecurity (CSF) assessment

    How to perform a NIST Cybersecurity (CSF) assessment in seven easy steps

  158. Webinar
    trees growing in a forest

    Going public via SPAC: what you need to know

  159. Webinar
    protected health information

    HITRUST panel: lessons learned from a year of remote HITRUST validations

  160. Resource
    Man consults on the phone while working on the computer

    Ransomware prevention guide

  161. Article
    people working in offfice

    Control rationalization is key to optimizing SOX compliance

  162. Article
    information traveling to the cloud

    How to mitigate your risk when doing business on the cloud

  163. Article
    doctor working on pricing on a computer

    Price transparency compliance

  164. Webinar
    Woman looking toward the future

    Utility University: Putting “now, for tomorrow” into practice

  165. Webinar
    large equipment on job site

    Auditing direct labor in construction projects

  166. Article
    Hand reaching for the sky

    Agile auditing – why it is more important now than ever

  167. Article
    Woman works on computer at night

    Ransomware: understanding the risks and recognizing the threats

  168. Article
    aerial view of a fort

    Mounting a defense in the ransomware war

  169. Article
    Team members review successful project on a tablet

    Elevating IT SOX programs through PCAOB inspection results and staff outlooks

  170. Webinar
    board room with view

    ESG in private equity: what's coming and how can you be ready?

  171. Webinar
    Concrete materials for bridge

    Mitigating construction project price risk in a volatile market

  172. Webinar
    ransomware attack at a business

    Managing your risk against a ransomware attack

  173. Article
    Empty conference room in New York City

    ASC 842 compliance: What non-public entities can expect

  174. Webinar
    long road in green environment

    Top ESG reporting trends and their impact on private equity

  175. Article
    woman visualizing data on computer

    Using construction audit and review techniques to evaluate and mitigate project risk

  176. Webinar
    People looking at cybersecurity screens

    Cybersecurity risk management: mitigating vulnerabilities in the cloud

  177. Resource
    Road along the cost at sunrise, new opportunities

    Deal breakers and opportunity makers: the role of environmental, social and corporate governance (ESG) in M&A

  178. Article
    team meeting in office

    Internal audit: understanding co-sourcing and outsourcing models

  179. Webinar
    Real estate developer looks up at buildings in a city

    Real conversations: going public via SPAC

  180. Case Study
    Campus university with students walking to class

    Pre-construction audit services save a public university over $70,000 on construction contract value

  181. Article
    Man analyzes data on the computer

    New SCCs published for international data transfers under the GDPR

  182. Article
    a pharmacy at a healthcare facility

    What pharmacists should know about drug diversion

  183. Article
    business associates reviewing a business continuity plan

    Leveraging after action reviews in the midst of a pandemic

  184. Article
    car lights speeding through abstract tunnel

    Agile auditing: unpacking today’s key trends across industries

  185. Article
    data privacy across the globe

    GDPR: three years of setting the standard for data privacy

  186. Webinar
    tax_papers_on_desk

    Auditing change orders, contingency and allowances

  187. Webinar
    global data exchange

    Data privacy reset for 2021: seeing past the headlines

  188. Press Release
    Two women discuss data on a computer

    Baker Tilly Selected as Candidate CMMC Third-Party Assessor

  189. Article
    View of a computer server room

    Cybersecurity considerations across the life cycle of a deal

  190. Webinar
    Man consults on the phone while working on the computer

    Identifying unfavorable billing conditions

  191. Article
    Man analyzes a report at a computer

    As SPACs remain popular, here’s what you need to know

  192. Resource
    Abstract data

    Baker Tilly Fraud Summit 2022

  193. Article
    Healthcare data and cybersecurity risk management on an ipad

    HIPAA: get serious about identifying your organizational cybersecurity risks

  194. Webinar
    Team meeting at a computer

    NIST 800-53 Revision 5: preparing for the transition

  195. Article
    Consumer data privacy

    Virginia swiftly passes Consumer Data Protection Act

  196. Resource
    Video conference of a medical professionals

    Baker Tilly’s first annual fraud summit

  197. Webinar
    Managing healthcare risks through internal audit

    Using internal audit as a catalyst to help mitigate fraud risk

  198. Webinar
    Emerging trends in not-for-profit fraud

    Incorporating continuous auditing into your fraud toolbox

  199. Webinar
    Fraud and corporate governance: What boards can do to help prevent fraud

    Fraud and corporate governance: what boards can do to help prevent fraud

  200. Webinar
    Digital values of financial report

    Data and compliance: what you don’t know can hurt you

  201. Webinar
    Compliance lessons from the Department of Justice in 2020

    Compliance lessons from the Department of Justice in 2020

  202. Webinar
    The White House, the U.S. presidential residence, at night

    White collar crimes enforcement under a new administration

  203. Webinar
    ERP software evaluation positions manufacturer to undertake and execute business transformation and process improvements

    Triggers and internal controls: how to develop strong processes

  204. Webinar
    IRS releases final regulations for country-by-country reporting

    The threat beyond the Foreign Corrupt Practices Act (FCPA)

  205. Webinar
    Man working at a computer from home

    Recent developments in investigations: what we’ve learned from a year of remote investigations and implications for the future

  206. Webinar
    View of greater London skyline

    Compliance in a pandemic – the view from Europe

  207. Webinar
    Pitfalls of a commercial crime insurance policy

    Pitfalls of a commercial crime insurance policy

  208. Webinar
    Performance incentives: the devil you need to know

    Performance incentives: the devil you need to know

  209. Webinar
    Gentleman accesses financial resources on his smart phone

    Outsourcing compliance

  210. Webinar
    Mapping ethical risk

    Mapping ethical risk

  211. Webinar
    2020 Foreign Corrupt Practices Act (FCPA) update

    2020 Foreign Corrupt Practices Act (FCPA) update

  212. Article
    Bird's eye view of a college campus

    Emerging technologies’ impact on construction audits

  213. Webinar
    Man working on risk management

    Supply chain risks: responding to new federal demands after “SolarWinds”

  214. Resource
    Conference room in advance of a board meeting

    NACD (National Association of Corporate Directors)

  215. Article
    Data security man looking at data analytics screen

    The Brexit transition period has ended – now what?

  216. Webinar
    SOC lessons learned

    SOC: lessons learned from a year of remote engagements

  217. Case Study
    Consultants review an audit report prior to a finance committee meeting

    Risk assessment for health plan’s member letters and notifications

  218. Article
    People in meeting with data background

    EU data transfers: transitioning to standard contractual clauses in 2021

  219. Webinar
    Team meeting analyzing data

    SOC 2 for startups: what you need to know to be prepared for a SOC 2 audit

  220. Case Study

    Not-for-profit gains validated business continuity and disaster recovery plans to support continuous operations

  221. Case Study
    Facade of government building

    Government contractor improves business continuity after plan review

  222. Article
    Students walk on campus at night

    Affiliation agreements – add value with a critical assessment

  223. Article
    Cybersecurity on laptop with mobile icons

    Taking a risk-based approach to cybersecurity

  224. Webinar
    CMMC what to expect during official assessment

    CMMC: What to expect during an official assessment

  225. Webinar
    Business professional viewing data and graphs on tablet

    Insurance hot topics virtual series: Keeping up with change: 2021 Internal audit risk assessment perspectives

  226. Webinar
    IT general controls and cybersecurity for public sector

    Stay in control: IT general controls and cybersecurity for public sector

  227. Article
    Agile internal auditing during a pandemic

    Agility and internal audit – four ways to do more with less

  228. Article
    Healthcare organizations should address top risk and control areas

    Preparing your healthcare organization for the next disruptive event: top 8 risks and controls to address

  229. Webinar
    construction contracts

    Construction audit program fundamentals

  230. Article
    risk two people climbing a mountain

    Top risk considerations for private equity

  231. Article
    data privacy points across the globe

    Five things you need to know to optimize your company’s approach to data privacy and cybersecurity

  232. Article
    Cyber risk management framework in a virtual environment

    NIST releases SP 800-53 Revision 5 and SP 800-53B

  233. Article
    Healthcare professionals discussing cybersecurity and ransomware attacks

    Healthcare industry seeks enhanced cybersecurity controls in the face of rising ransomware attacks

  234. Article
    Business meeting in conference room

    Successfully navigating the CMMC and DoD's new interim DFARS rule

  235. Article
    Ship is loaded with shipping containers as part of the supply chain

    The changing landscape of political risk

  236. Article
    CMMC and internal audit connections

    CMMC and the role of the internal audit

  237. Article
    Healthcare internal audit: an enabler of change in an age of disruption

    Healthcare internal audit: an enabler of change in an age of disruption

  238. Webinar
    Construction fraud and its impacts

    Construction fraud prevention

  239. Webinar
    hands typing on laptop

    Agile auditing: getting more from your internal audit function

  240. Webinar
    Consultants review an audit report prior to a finance committee meeting

    Leveraging the updated Three Lines Model for greater organizational resiliency

  241. Webinar
    Data transfers from one point to another providing analytics for decision makers

    CMMC is coming – Are you ready?

  242. Webinar
    Men working on construction planning

    Performing construction audits during COVID-19 and post-pandemic

  243. Webinar
    CMMC cybersecurity success hands

    Ensure CMMC success: seven common scoping mistakes to avoid

  244. Article
    papers on desk

    SOX readiness: preparing for an IPO

  245. Article
    Cybersecurity risk management reporting framework can provide a key component of an organization’s risk management program

    Now, more than ever – the importance of ERM in a crisis environment

  246. Article
    Minneapolis, Minnesota skyline

    Rethinking internal audit

  247. Article
    Taking notes while working at a computer

    Section 889 Part B is now in effect – are you ready to respond on day one?

  248. Article
    Man working on a tablet at night

    CMMC: preparation is paramount

  249. Article
    group walking fast

    Risk-based internal audit plans - sharpen your risk assessment focus

  250. Article
    Data privacy

    Privacy Shield no longer a valid mechanism for cross-border transfer of personal data

  251. Article
    Factory plant

    Pressure testing supply chain management: What do today’s challenges mean for government contractors?

  252. Article
    Advisor shares data analytics with client

    Managing healthcare risks through internal audit

  253. Webinar
    Dark Web: cybersecurity and the biggest threat facing your organization

    Cybersecurity Maturity Model Certification (CMMC) readiness series – Part II

  254. Article
    office building windows in the city

    Cybersecurity Maturity Model Certification (CMMC) impacts on the research enterprise at higher education and research institutions

  255. Webinar
    IT audit consultant analyzes data on a computer

    Critical cybersecurity considerations with a remote workforce

  256. Webinar
    Students walk to class on campus

    Understanding the Final Title IX Regulations

  257. Article
    Buildings reaching towards the sky

    SOC reporting in a COVID-19 environment

  258. Webinar
    Blue lighting in server room

    SOC considerations through the COVID-19 lens

  259. Article
    Professional works remotely on his computer and phone

    The impact of COVID-19 on SOC

  260. Article
    tax reform resource center

    Board business during the COVID-19 pandemic

  261. Article
    Medical professionals walk down hospital hallway

    Hire a construction audit consultant; actively participate for best results

  262. Webinar
    Looking in on a board meeting

    Understanding CMMC and the implications for DoD contractors

  263. Article
    Woman reviews business plan on computer

    Agile auditing in an IT project environment

  264. Whitepaper
    Tree-lined campus sidewalk with lights

    Analyzing the updated Title IX regulations

  265. Article
    Ergonomic desk accessories with computer

    Providing internal audit value during COVID-19

  266. Webinar
    Woman working remote at table

    Higher education goes virtual: assessing oversight, academic continuity and integrity

  267. Podcast
    Baker Tilly relief funding podcast

    Navigating relief funding assistance for a stronger recovery

  268. Multimedia
    Webinar series hero

    Heather Acker shares insight to navigate relief funding assistance for a stronger recovery

  269. Article
    Blue architecture in a city

    AICPA releases new SOC for Supply Chain reporting framework

  270. Article
    Man analyzes a report at a computer

    Business continuity planning will help mitigate COVID-19-related losses

  271. Multimedia
    Webinar series hero

    Enterprise risk management, business continuity and resiliency in crisis and in recovery

  272. Article
    Viewing digital marketing data on tablet

    Don’t lose sight of privacy during COVID-19

  273. Webinar
    Tree-lined campus sidewalk with lights

    Providing internal audit value in this time of uncertainty

  274. Article
    Woman working at a computer

    IT audit for remote work environments during COVID-19 crisis, through recovery

  275. Resource
    Business district skyline at night

    COVID-19 construction audit FAQ for internal auditors and owners

  276. Article
    Executive boardroom overlooking the city

    Don’t lose control during COVID-19

  277. Podcast
    Baker Tilly Podcast

    Enterprise risk management: Ensuring business continuity and resiliency in crisis and in recovery

  278. Article
    Doctor reviews patient data on computer

    Technology due diligence in healthcare

  279. Article
    Office remains empty during a crisis event

    Coronavirus business continuity and crisis management discussion guide

  280. Case Study
    Aerial view of the ocean meeting the shoreline

    International university implements new change order control procedures after overrunning project budget

  281. Case Study
    Audit committee meets to oversee the reporting and disclosure process of an organization

    Major private university avoids over $2 million of overcharges

  282. Article
    Professional works remotely from home

    Cybersecurity hygiene for individuals working or learning remotely

  283. Article
    group walking fast

    Stay in compliance with regulatory requirements related to Title IV Aid as realities and regulations change amidst disruption due to COVID-19

  284. Webinar
    Cybersecurity maturity – enhancing your organization’s cyber risk management posture and program

    Cybersecurity maturity – enhancing your organization’s cyber risk management posture and program

  285. Multimedia
    People crowd on a busy city street and crosswalk

    Drug diversion risk mitigation practices vital for health care organizations

  286. Multimedia
    geometric ceiling

    Can your IT SOX program withstand the PCAOB?

  287. Multimedia
    students walkinng down the hallway

    Checking the pulse of your student wellness initiatives

  288. Webinar
    Keeping your organization aligned with the SEC's cybersecurity guidance

    Keeping your organization aligned with the SEC's cybersecurity guidance

  289. Resource
    Negotiations

    It’s risky doing business with you: an informed vendor risk management program

  290. Webinar
    Leveraging SOC 2® reports to meet stakeholder expectations

    Leveraging SOC 2® reports to meet stakeholder expectations

  291. Article
    Classroom

    Cybersecurity issues in research: can higher education institutions keep up with research data security requirements?

  292. Article

    NIST releases version 1.0 of its privacy framework

  293. Article
    Risky business: Protect your government from cyber threats

    Risky business: protect your government from cyber threats

  294. Webinar
    How Willis Towers Watson successfully moved its global HR operations to the cloud

    Healthcare and the cloud: utilizing cloud computing for more effective healthcare data security

  295. Article
    Team meeting in a conference room

    Scrum, Kanban and agile auditing project management methods applied to internal audit

  296. Multimedia
    Vascular Solutions testimonial

    System and Organization Controls (SOC) overview

  297. Webinar
    Secure server

    Operationalizing data privacy: leading practices for regulatory compliance

  298. Press Release
    Two women working together at a computer, discussing privacy and risk management

    Baker Tilly Partners with CENTRL to Help Clients Enhance Privacy Compliance and Risk Management

  299. Article
    Blue lighting in server room

    Are you a service provider under the California Consumer Privacy Act?

  300. Webinar
    Seminar attendees participate in session

    Climbing the ranks: best practices for preventing fraud and misreporting in admissions and institutional data reporting

  301. Podcast
    team members walk through office

    SOC 2 and data security’s impact on insurance companies

  302. Webinar
    The sides of two high-rise buildings in a city

    Enhancing risk management to increase and protect value for REITs

  303. Article
    Golden spiral staircase

    Applying the Agile manifesto and principles to internal audit

  304. Case Study
    People crowd on a busy city street and crosswalk

    Private university takes action to protect its admission integrity

  305. Case Study
    Healthcare professionals consult on patient care

    An agile approach to charge capture processes provides added value for not-for-profit healthcare organization

  306. Webinar
    System and Organization Controls (SOC) and the cloud

    System and Organization Controls (SOC) and the cloud

  307. Webinar
    ceiling lines

    Protecting your next investment: The importance of technology due diligence

  308. Webinar
    building and sun

    Agile Internal Audit: transforming internal audit to add greater value

  309. Article
    Internet cloud lights data

    FTC’s history-making settlement with Facebook spurs call for data privacy governance and transparency

  310. Resource
    Sun peeking through the clouds over vast landscape

    GDPR and CCPA comparison tool

  311. Article
    Lawyer reviewing California's privacy law

    Countdown to 2020 – what you need to know about California’s privacy law

  312. Article
    Long stretch of empty road

    Is your Sarbanes-Oxley (SOX) program efficient and effective? 

  313. Article
    Empty conference room

    Authentication: Do we really need to use crazy passwords?

  314. In the News
    Project team meets in lobby

    Carrier Management: Carrier Alert – InsurTechs Pose Third-Party Vendor Security Risks

  315. Article
    Professionals walk and talk in transit to the next business meeting

    Agile auditing: transforming internal audit to add greater value

  316. Webinar
    Various meeting notes pinned to a board

    Privacy compliance: ensuring compliance with CCPA and beyond

  317. Media

    Washington Business Journal: Industry veteran offers tips for succeeding through inclusion

  318. Media
    Bustle in the city with street lights and crowds of people on the sidewalk

    Baker Tilly’s Christine Anderson Named to NACD Directorship 100

  319. Article
    Stairs and columns outside government building

    New state data breach notification laws have near-term impact

  320. Webinar
    Commercial real estate properties in city

    Building construction audit templates

  321. In the News

    It only takes three seconds

  322. Press Release

    More than 25% of Healthcare Organizations Rate Cybersecurity as Their Greatest Concern

  323. Webinar
    Stack of papers

    The NAIC Insurance Data Security Model Law: Preparing for your state’s next cybersecurity examination

  324. Article
    Managing risk in healthcare

    Strategies for using internal audit to help healthcare organizations manage risk

  325. Webinar
    Managing healthcare risks through internal audit

    Managing healthcare risks through internal audit

  326. Press Release

    Baker Tilly Poll Shows Most Organizations Not Compliant with New SOC 2 Criteria

  327. In the News

    Investment in Cybersecurity is Key to Minimizing Risk and Gaining a Competitive Edge

  328. Webinar
    Concrete

    Building construction audit checklists

  329. In the News

    Cyber risks weaken links in supply chains

  330. Article
    Rethinking organizational relationships to strategically align compliance, audit, risk, ethics and ERM functions in higher education

    Rethinking organizational relationships to strategically align compliance, audit, risk, ethics and ERM functions in higher education

  331. Article
    Hospital groups threaten to sue over site-neutral payment cuts

    Navigating the NAIC Insurance Data Security Model Law

  332. Webinar
    weather radar indicates storm warning

    Understanding privacy regulations and compliance

  333. Webinar
    Software and technology

    Cybersecurity oversight: the board and C-suite’s perspectives

  334. Article
    Stack of white papers

    AICPA proposes guidance for new System and Organization Controls (SOC) Supply Chain report

  335. In the News

    Cyber Fraud Unplugged

  336. Webinar
    Bundle of fiber optic wiring

    Transitioning between System and Organization Control (SOC) reports

  337. Press Release

    Baker Tilly Poll Shows GDPR Compliance and Privacy Governance Still a Challenge for Most Organizations

  338. Article
    Long report

    Baker Tilly quoted in 2018 FEI Audit Fee Survey Report

  339. Press Release

    Baker Tilly and NACD Provide Corporate Directors with Insights on 2019 Strategic Risks in New Report

  340. In the News

    One of the largest ground beef recalls in US history grows to 12 million pounds

  341. Webinar
    Construction workers discussing blueprints

    Improving construction project ROI

  342. Webinar
    Construction contractor analyzing blueprints

    Why do construction projects go wrong?

  343. Webinar
    lighthouse at the end of a dock at night with water

    Preparing for SOC 2® changes: lessons learned from applying the new Trust Services Criteria

  344. Press Release

    Nearly 90 percent of Organizations Lack Holistic Cybersecurity Testing Program

  345. Article
    Professionals collaborate in team meeting

    Ten things that should trigger an internal controls review

  346. Press Release

    Majority of Insurers Have Not Adopted Agile Methodologies within Internal Audit Function

  347. In the News

    California law introduces new data concerns for healthcare organizations

  348. Webinar
    Construction blueprints

    Auditing public-private partnership (P3) contracts

  349. Webinar
    Construction equipment on dirt mound

    Auditing fixed price contracts

  350. Press Release

    Despite Impending Deadline, Most Organizations Remain Unprepared to Comply With GDPR

  351. Webinar
    Gathering of business professionals

    Performing construction contract risk analysis

  352. Webinar
    Team strategy meeting in conference room overlooking city

    CECL: 2017 financial statement requirements

  353. Webinar
    Skyscrapers

    Construction claims: Part 3: Settlement

  354. Press Release

    Baker Tilly Adds David Ross to Enhance National Cybersecurity Specialization

  355. Article
    Aerial view of the ocean meeting the shoreline

    Make sure your company is prepared for any disaster

  356. Webinar
    Business professionals gathered sitting around conference table

    Construction claims: Part 2: Accounting for financial impact

  357. Webinar
    Scaffolding

    Construction claims: Part 1: The fundamentals

  358. Case Study
    Automotive supplier improves its disaster recovery preparedness with risk assessment

    Automotive supplier improves its business continuity preparedness with Baker Tilly risk assessment and impact analysis

  359. Case Study
    Technology provider develops resilience through business continuity plan

    Seeking to avert operational threats from disruptive incidents, a technology provider taps Baker Tilly

  360. Webinar
    Fiber optic cables and lights

    The next big real estate challenge: cybersecurity and smart buildings

  361. Webinar
    Construction crane

    Avoiding construction claims and disputes

  362. Case Study
    Publicly traded manufacturer improves financial reporting control environment after SOX compliance review

    Publicly traded manufacturer improves financial reporting control environment after SOX compliance review

  363. Case Study
    REIT improves business processes and operations while ensuring SOX compliance with outsourced internal audit function

    REIT improves business processes and operations while ensuring SOX compliance with outsourced internal audit function

  364. Webinar
    Fast-moving lights in a city

    Auditing controlled insurance programs

  365. Webinar
    Storm clouds

    Accounting for a natural disaster during a construction project

  366. Article
    ASC 606 transition: Disclosures

    ASC 606 transition: Disclosures

  367. Webinar
    Consultants review an audit report prior to a finance committee meeting

    Construction project audit basics: reporting results

  368. Webinar
    Two business leaders meet to discuss a business transaction

    Construction project audit basics: transaction testing

  369. Webinar
    Man works on computer

    Construction project audit basics: developing an audit program

  370. Webinar
    Two professionals walking by a window

    Best practices for project accounting controls

  371. Webinar
    Construction crane at sunset

    Mitigating construction project risk with construction insurance products

  372. Webinar
    Bridge over water

    Construction contracting: tips, traps, and terms

  373. Article
    Advisor meets with clients

    Internal audit value optimization for insurance organizations

  374. Webinar
    Colorful lights at O'Hare Airport

    Detecting, testing, and reporting shifted costs

  375. Article
    Conference room in advance of board meeting

    Strengthening collaboration between internal audit and risk management

  376. Webinar
    Professionals having a discussion

    Understanding construction litigation strategy

  377. Article
    Gentleman accesses financial resources on his smart phone

    State and local governments are not immune from cyber-attacks

  378. Webinar
    Signing contract

    Analyzing contract terms: general requirements

  379. Webinar
    Board meeting

    Owner’s project controls review

  380. Article
    Drone flies within city limits

    New NIST Cybersecurity Framework

  381. Webinar
    Building beams in place at a construction site

    Qualitative analysis: the construction site visit

  382. Article
    Conference room in advance of a board meeting

    Enhancing board governance

  383. Webinar
    Team discusses client needs in an office

    Auditing mega projects: assessing project risk

  384. Webinar
    Construction crew gathered around a table with blueprints

    Auditing construction contract change orders

  385. Webinar
    Calculator and a financial statement

    Auditing engineer-procure-construct (EPC) projects

  386. Webinar
    Contractor pointing at work statement

    Auditing unit priced construction contracts

  387. Webinar
    Toolbox with an assortment of parts inside

    Direct construction cost audit toolbox

  388. Webinar
    Business professionals in a conference room

    Construction contract fundamentals

  389. Case Study
    digital abstract global factory manufacturing

    Manufacturing company successfully realigns its global control environment

  390. Article
    Tree-lined campus sidewalk with lights

    Ensuring athletics program integrity

  391. Article
    Teammates meeting in a conference room

    Annual Statement of Accounts (ASOA) certification required for music streaming service providers

  1. Heather Acker

    Heather Acker

    CPA

    Managing Partner

  2. Leo Alvarez

    Leo Alvarez

    CFCM, MA

    Principal

  3. Mark Boettcher

    Mark J. Boettcher

    CPA, CISA, CBCP

    Partner

  4. Derek Boyd

    Derek Boyd

    CPA

    Partner

  5. William Bressette

    William Bressette

    CPCM, CFCM, CCCM

    Principal

  6. Anthoney Casey

    Anthony Casey

    CIA

    Principal

  7. Jeff K. Clayton

    Jeff K. Clayton

    Principal

  8. Mike Cullen

    Mike Cullen

    CISA, CISSP, CIPP/US

    Principal

  9. Ashley Deihr

    Ashley Deihr

    CPA, CIA, CFE

    Partner

  10. Emily Di Nardo

    Emily Di Nardo

    CPA, CITP, HITRUST CHQP

    Partner

  11. Matt Gilbert

    Matt Gilbert

    CISA, CRISC

    Principal

  12. Garrett Gosh

    Garrett Gosh

    CPA, CITP

    Partner

  13. Daniel A. Hedden

    Daniel A. Hedden

    CPA

    Partner

  14. Christopher Jeffrey

    Christopher E. Jeffrey

    Partner

  15. Jeff Krull

    Jeff Krull

    CPA, CISA, CITP

    Partner

  16. Mark Laccetti

    Mark E. Laccetti

    CPA

    Partner

  17. Adrienne Larmett

    Adrienne Larmett

    CRA, MBA

    Principal

  18. Noah Leiden

    Noah Leiden

    CPA

    Partner

  19. Madhu Maganti

    Madhu Maganti

    CPA, CISA, M.S.

    Partner

  20. Joseph McCaffrey

    Joseph McCaffrey

    CPA

    Partner

  21. Andrew McCauley

    Andrew McCauley

    CPA, CISA

    Partner

  22. Brian Nichols

    Brian Nichols

    CISSP, CIPP/US

    Principal

  23. Ben Quigley

    Benjamin Quigley

    PMP

    Principal

  24. Anthony Ollmann

    Anthony Ollmann

    CPA, CCA

    Partner

  25. Greg Reda

    Gregory Reda

    Partner

  26. John Romano

    John Romano

    CPA, CIA, CFE, CITP, CSM

    Partner

  27. Joe Shusko

    Joe Shusko

    CISA, PMP

    Principal

  28. Baker Tilly Professional

    Julia Smith

    Principal

  29. Christopher J. Tait

    Christopher J. Tait

    MBA, CISA, CCSK, CFSA, CCSFP

    Principal

  30. Russ Sommers

    Russell Sommers

    CPA, CISA

    Partner

  31. Mallory Thomas

    Mallory Thomas

    CPA, MBA, CIA, CITP, CISA

    Partner

  32. Cassandra Walsh

    Cassandra Walsh

    CPA

    Partner

  33. Bosco Yuen

    Bosco Yuen

    CPA, CISSP, CISA, CIA, CSX, CCSA, PMP

    Partner

It’s about helping clients

Baker Tilly’s industry-specialized professionals understand the complexities of our clients. We recognize emerging issues and offer clients practical solutions with better outcomes aligned to their strategic objectives.

We help:

  • better manage risk and compliance
  • enhance governance and strategy
  • optimize operations
  • gain assurance around key functions and processes

Get started with a risk advisory specialistarrowCreated with Sketch.

Turn risk into competitive advantage

Today organizations manage ever-expanding priorities in a disruptive risk environment. It’s why organizations seek a trusted advisor that can address the full spectrum of risk, governance and compliance considerations in the context of industry, operations and culture.

Baker Tilly collaborates with leaders across functions – and at all levels – to facilitate grounded solutions from an enterprise-wide perspective. Using an integrated approach, we support our clients’ focus on the strategic landscape of the organization and its future.

Our solutions

Creativity, teamwork and ideas represented by lightbulbs
Connect with usarrowCreated with Sketch.

Our strategic alliances

AuditBoard and Workiva logos
AuditBoard

Together, Baker Tilly and AuditBoard provide clients with a solution that augments the transformation and optimization of their financial management, risk and compliance functions. The pairing combines deep advisory experience and insight with advanced audit technology to enhance GRC management. Read the press release.

In this episode of Agents of Change, Heather Acker, risk advisory managing partner, and Richard Chambers, senior internal audit advisor at AuditBoard, share their perspectives on internal audit and the future of the profession.

Workiva

Baker Tilly and Workiva create value-driven offerings to transform and optimize an organization’s governance, risk and compliance (GRC) functions and support their ESG journeys with enhanced reporting insights. Through our alliance, Baker Tilly and Workiva can help organizations streamline risk management processes and compliance reporting within a cloud-based platform. Read the press release.

Walkway outdoors during sunset

ESG and sustainability

Going beyond responsibility to value and opportunity, we provide comprehensive and industry-focused environmental, social and governance (ESG) and sustainability advisory and assurance from development to execution.

Start your ESG journeyarrowCreated with Sketch.

Guiding insights

  1. internal audit asking questions

    Flipping the script on internal audit

    In the incredibly complex world of internal audit, how do you ensure you’re asking the right questions at the right time to ensure long-term success?
  2. Pacific coastline, view from Highway number 1, California

    New California climate law pulls in private companies

    Baker Tilly’s Risk Advisory Partner Mallory Thomas discusses with The Wall Street Journal about California’s landmark legislation requiring businesses, including those privately held, to begin reporting on emissions if they operate in California and have at least $1 billion in revenue.
  3. Capitol building reflection at sunrise

    Strategies to address the new SEC cyber disclosure rule (and how to do it!)

    One strategy to address the new SEC cyber disclosure rule is to leverage AICPA’s cybersecurity risk management framework.
  4. Team working on laptops

    Maintaining effective internal controls in a compliance-driven world

    Baker Tilly’s risk advisory specialists Chad Schaefer and Monica Weggeman discuss how to maintain effective internal controls in WICPA’s The Bottom Line publication.
  5. Sun reflecting off of colorful building

    The rise of proactive assurance, and why it’s here to stay

    Through proactive assurance, internal audit can add immediate and tangible value to an organization.
  6. Glass facade of a modern office building

    Implementing an effective ERM program

    The key for organizations to successfully meet challenges and mitigate risks is by implementing an effective enterprise risk management (ERM) program.

Client stories

  1. Emerging trends in cybersecurity

    International insurance group strengthens cybersecurity program and complies with comprehensive regulations

    An international insurance group domiciled in New York identifies gaps and develops a compliance roadmap with the NYS DFS Cybersecurity Regulation and the NIST Cybersecurity Framework with the help of Baker Tilly.
  2. Hospital, medical facility

    Hospital strengthens internal controls by identifying key risk areas

    A freestanding, not-for-profit hospital planned to undertake some major construction project including extensive renovations, addition of a new building, and expansion of its research institute.
  3. Man walking through server room

    Manufacturer taps Baker Tilly to assess its IT environment and enhance data integrity and systems availability.

    The organization received prioritized recommendations to support the company’s goals, and used our work to build out its processes for managing user access and for managing application changes.
  4. Baker Tilly performs extensive array of internal audit functions at research institution, and serves in the role of interim CAE during transition period

    Baker Tilly performs extensive array of internal audit functions at research institution, and serves in the role of interim CAE during transition period

    One of Baker Tilly’s professionals served in the role of interim (CAE) while the university during the recruiting and hiring process for a new full time position, while collaborating with senior leadership and internal audit stakeholders to transition the function to new leadership.
  5. Real estate investment trust (REIT) strengthens its financial, operational, and compliance related controls

    Real estate investment trust (REIT) strengthens its financial, operational and compliance related controls

    A commercial REIT sought to review certain operational and financial policies, procedures and controls. Baker Tilly governance, risk and compliance professionals helped enhance the REIT's operations.

Stay in the know

Sign up to receive relevant and timely risk advisory insights, alerts and tools.