• Cyber-risk: What audit committees and boards need to know now

    High-profile breaches and their monetary impact have caused boards and audit committees to take notice. The importance of cybersecurity should be communicated to management and staff from the board. They must ensure that management is allocating the necessary resources to implement an effective, enterprise-wide cybersecurity risk-management program.
  • Detecting, testing, and reporting shifted costs

    Cost shifting is the unauthorized transfer of costs from non-reimbursable cost centers to reimbursable cost centers. Reallocated costs are the authorized repurposing of budget dollars resulting from advantageous purchasing practices or efficient delivery of construction services.
  • Banking brief: A bank consolidation wave is forming

    As has been anticipated since the end of the Great Recession, a wave of bank consolidation is very much in formation and could swell to significant levels later in 2015. On its own merit, the increase in average pricing on Q1 2015 deals to a level of just over 150% of book value strongly indicates a more robust mergers and acquisition market for banks.
  • Strengthening collaboration between internal audit and risk management

    To meet OCC requirements and strategically connect the dots on assurance, compliance, and risk management, internal audit functions will need to be part of the risk management ecosystem and provide validation of the execution of risk management responsibilities by frontline units and management. This article outlines what internal audits bring to the table as well as opportunities for driving value through collaboration between risk management and internal audit, using the case example of concern about loan loss reserves.
  • Cybersecurity: It’s not just for businesses

    Our society depends on critical civic and social services provided by state and local governments. These services require effective cybersecurity to support the confidentiality, integrity, and availability of this data.