Tag: Internal Audit

SOC 2 v. ISO 27001: What’s The Difference?

Navigating the ins and outs of two of the most popular compliance frameworks.

When it comes to vendor due diligence, many companies are raising the bar.

In addition to evaluating vendor revenue, growth, and skills, security is becoming an important focus. With almost half of security breaches occurring because of vendors, it’s no wonder that security attestations and certifications […]

July 13th, 2020 | ISO 27001 Compliance, SOC Reporting

Craftsmanship in Music and Compliance

If you’ve been on stage for a speech or performing arts, you know stage fright is real. Businesses can get nervous when they hear the word “audit” in the same way musicians can get nervous before a performance. However, there is one great way to alleviate that fear: preparation. If your business prepares well, you will see the fruits […]

Bridge the Gap Between Internal Audit & Enterprise Risk Management – Identify Business Drivers (PART 4)

Author’s Note: This series will help you build an ERM system that will bridge the gap between Internal Audit (IA) and Enterprise Risk Management (ERM).

Business Drivers are typically defined by executive management with guidance from the board of directors. From an internal […]

Bridge the Gap Between Internal Audit & Enterprise Risk Management – ERM Framework (PART 3)

Author’s Note: This series will help you build an ERM system that will bridge the gap between Internal Audit (IA) and Enterprise Risk Management (ERM).

In Part 2 of this series I discussed what an ERM Dashboard might look like, but that still leaves […]

September 28th, 2015 | Cyber Risk Management, IT Audit & Compliance

Bridge the Gap Between Internal Audit & Enterprise Risk Management – Begin With the End in Mind (PART 2)

Author’s Note: This series will help you build an ERM system that will bridge the gap between Internal Audit (IA) and Enterprise Risk Management (ERM).

Begin with the End in Mind

Our goal with an ERM system is to be able to track the health of the company by […]

September 25th, 2015 | Cyber Risk Management, IT Audit & Compliance

Bridge the Gap Between Internal Audit & Enterprise Risk Management (Part 1)

Author’s Note: This series will help you build an ERM system that will bridge the gap between Internal Audit (IA) and Enterprise Risk Management (ERM).

Last week I had the pleasure of listening to Larry Harrington speak at an IIA conference in Atlanta. One point […]

September 23rd, 2015 | Cyber Risk Management, IT Audit & Compliance