Baker Tilly
  • Services
    • Assurance
    • Analytics
    • Enterprise Transformation Services
    • Forensic, Litigation, and Valuation
    • Global Forensics
    • Government Contractor Advisory
    • Growth Strategies
    • Human Capital
    • International
    • Investment Banking
    • Performance Optimization
    • Renewable Energy
    • Risk, Internal Audit and Cybersecurity
    • Staffing, Recruiting, and Executive Search
    • Tax
    • Technology
    • Transaction Advisory Services
  • Industries
    • Agribusiness
    • Asset Management
    • Automotive and Mobility
    • Banking
    • Construction
    • Cooperatives
    • Dealerships
    • Energy and Utilities
    • Family Business
    • Food and Beverage
    • Healthcare
    • Higher Education
    • Insurance
    • Law Firm and Professional Services
    • Life Sciences
    • Manufacturing and Distribution
    • Not-for-Profit
    • Oil and Gas
    • Private Equity
    • Real Estate
    • Retail
    • Software and Technology
    • State and Local Government
    • Tribes
  • Insights
  • News
  • About Us
  • Careers
  • Events
  • Offices
  • Directory
  • Client Portal
  • Contact Us
  •  Search
 
Home  →  Insights

Insights: Enterprise Risk Management

Subscribe:
 
  • November 15, 2018
    Articles

    Utility risks invading your dreams? Mitigating risk through ERM

    If concerns about utility leadership retirements, staff turnover and energy generation shifts invade your dreams, enterprise resource management is a proven risk evaluation and mitigation methodology.
  • November 06, 2018
    Case Studies

    Real estate company strengthens third-party management processes, enhances investor confidence

    A real estate investment management company hired Baker Tilly to review and enhance their internal controls and processes for managing third-party agreements.
  • May 21, 2018
    Articles

    Strategic Thinking… Focus on the Future 

    In a recent PICPA blog article, Dr. John Park discusses the importance of strategic thinking and planning for individuals and businesses.
  • May 03, 2018
    Whitepapers

    Leveraging big data in the consumer credit industry: Better use of quality data can revitalize exhausted servicers

    Understand the nature of data fatigue, quality data and other concerns big data imposes on mortgage servicing organizations and what companies can do to overcome these challenges by downloading this informative whitepaper.
  • February 26, 2018
    Case Studies

    Tribal government conducts enterprise wide risk assessment to develop annual internal audit plan

    A large tribal government needed assistance in developing a best-in-class internal audit function to improve internal controls, governance and overall operations.
  • October 23, 2017
    Articles

    Integrating corporate compliance programs into enterprise risk programs

    The internal audit function can play several roles in the formalization of risk management and compliance processes as well as integrating compliance into ERM.
  • August 25, 2017
    Webinars

    HIPAA in Higher Ed – Does your risk assessment get an A+ from OCR?

    This Baker Tilly and ACUA webinar discusses the latest HIPAA news and recent higher education OCR actions, commonly forgotten areas of the risk assessment, standard tools recommended by OCR and a practical assessment approach that can lead to efficiencies and savings.
  • July 05, 2017
    Webinars

    Data Security: Keys to Building a Sound Data Risk Management Program

    Listen in as Baker Tilly and Thompson Hine law firm teamed up to cover this critical discussion on data security.
  • May 16, 2017
    Case Studies

    Baker Tilly performs extensive array of internal audit functions at research institution, and serves in the role of interim CAE during transition period

    One of Baker Tilly’s professionals served in the role of interim (CAE) while the university during the recruiting and hiring process for a new full time position, while collaborating with senior leadership and internal audit stakeholders to transition the function to new leadership.
  • May 15, 2017
    Case Studies

    An increasing emphasis on enterprise risk management drives university to seek external assessment

    Baker Tilly conducted a compliance infrastructure assessment that resulted in concrete and practical recommendations for enhancing and monitoring compliance-related activities, filling gaps and providing increased visibility to the board and senior leaders.
  • April 05, 2017
    Case Studies

    Not-for-profit undergoes IT general controls and application controls audit and receives recommendations that will drive IT planning and budget processes and improve operating effectiveness

    The organization plans to use Baker Tilly's recommendations to drive their IT planning and budget process.
  • March 30, 2017
    Articles

    Health Plans: Membership and Premium Cycle Audits

    This is the second article in a four-part series on health plan audits, and it focuses on the risks and important control processes in membership and premium cycles.
  • March 29, 2017
    Articles

    Audits of Sponsored Research - Introduction

    This auditing sponsored research article discusses the regulatory environment, risks associated with noncompliance, obstacle to compliance and the role of internal audit.
  • March 28, 2017
    Articles

    Risk-based advisory services: strategic partnerships and approaches for gaining assurance in an increasingly complex higher education environment

    Leadership needs a strategic partner they can rely on to help foster an effective approach to managing risk, compliance, and the alignment of organizational strategy and operational tactics.
  • March 28, 2017
    Webinars

    Be a Catalyst for Your Enterprise Risk Management Program

    This webinar will share how stakeholders throughout an institution can use various tools, including internal and external assessments, to improve the effectiveness of ERM.
  • September 15, 2016
    Articles

    Using enterprise risk management to achieve your mission

    As risks and complexities continue to change and grow, not-for-profit organizations can embrace enterprise risk management (ERM) as a strategic advantage.
  • July 06, 2016
    Case Studies

    WPS transforms internal audit function and enterprise risk management

    Baker Tilly helps WPS Health Solutions strengthen internal audit function and bolster risk management throughout the organization.
  • June 16, 2016
    Articles

    Serving as the internal audit department for a global, private equity-owned manufacturer of baked goods

    Serving as the internal audit department for a global, private equity-owned manufacturer of baked goods
  • June 03, 2016
    Articles

    Playing offense and defense: Assessing and managing cyber risk effectively

    No organization is immune from a cyber attack. Organizations that are best positioned to protect themselves will play both offense and defense—beginning with a thorough cybersecurity risk assessment.
  • May 02, 2016
    Articles

    OCC standards require strict oversight of third-party relationships

    It’s no longer enough for banks and other financial institutions to simply have good working relationships with the third parties that provide IT and other services. New, stricter standards and increased scrutiny by the Office of the Comptroller of the Currency (OCC) and the Consumer Financial Protection Bureau (CFPB), as well as the Federal Deposit Insurance Corporation (FDIC) and the Federal Financial Institutions Examination Council (FFIEC), mean financial institutions now have the same responsibilities for in-house and out-of-house services.
  • April 01, 2016
    Articles

    How to Fraud Proof Your Law Firm 

    Baker Tilly talks with Bisnow about cyber fraud threats facing the legal industry and shares solutions about how law firms can protect sensitive data.
  • February 16, 2016
    Articles

    EU-US Privacy Shield Agreement increases oversight of data transfers: US companies brace for requirements

    U.S. companies are bracing for requirements related to the new EU-U.S. “Privacy Shield”, which establishes a new framework for data transfers that underpin the world’s largest trading relationship between the EU and the U.S. Get a head start on compliance by understanding the agreement’s data transfer protocol requirements, oversight, and compliance implications for affected U.S. companies.
  • January 25, 2016
    Articles

    Cybersecurity Disclosure Act of 2015: What you need to know now

    The proposed Cybersecurity Disclosure Act of 2015 has provoked discussion about the role of the Board of Directors in cybersecurity oversight and board member knowledge and awareness of an organization’s cybersecurity management program. Baker Tilly outlines the potential impacts to boards and what’s important to know now.
  • January 15, 2016
    Articles

    How to solve your organization’s biggest cybersecurity threat 

    Baker Tilly talks with Bisnow about how to implement an effective cybersecurity management program by looking at cybersecurity holistically and not just as a technology problem. Learn more about what common, yet critical areas most organizations overlook and actionable steps you can take today to protect your data.
  • December 08, 2015
    Articles

    Top ten tips for board members approaching mergers and acquisitions

    At a recent NACD roundtable discussing emerging trends, key considerations, and hot topics related to mergers and acquisitions (M&A), Baker Tilly CEO and AICPA Chairman Tim Christen facilitated a spirited discussion among corporate board directors. Covering organization targeting, merger strategy, implementation planning, compensation and incentives, deal makers/breakers, and success measures, the diverse group shared insights gleaned from their experiences.
  • December 03, 2015
    Case Studies

    Credit union relies on risk and internal audit expertise

    Credit union aligns internal audit and risk management by working with Baker Tilly’s risk, internal audit, and financial institution specialists.
  • November 11, 2015
    Webinars

    2015 SOC update and developments

    Baker Tilly’s Service Organization Controls (SOC) specialists explained new developments for SOC reports in 2015 in this recent webinar.
  • October 29, 2015
    Articles

    AICPA changes to SOC 2: What service organizations need to know

    The American Institute of Certified Public Accountants (AICPA) recently released an updated Service Organization Controls (SOC) 2 report audit guide with a number of enhancements that impact SOC 2 reports.
  • September 25, 2015
    Articles

    Five best practices to manage hedge fund cybersecurity risks

    Cybersecurity is a critical business issue for hedge funds and other investment management firms. The financial consequences of a cyber attack can be significant and could result in a serious impact to a firm’s reputation. Not surprisingly, cybersecurity is also a growing concern for regulators, and an area where fund managers are increasing their focus.
  • September 08, 2015
    Articles

    Credit unions look to raise the level of commercial lending competition

    The National Credit Union Administration (NCUA) has proposed five new rules that, if enacted as written, have the potential to significantly change the commercial lending playing field for both credit unions and banks.
  • September 04, 2015
    Articles

    NAIC provides additional ORSA feedback to industry

    Overall, the 2015 Working Group memo indicated that the depth and breadth of the content of the ORSA reports varied significantly from company to company, and that the ORSA reports of life insurers generally demonstrated more mature ERM and capital management frameworks than those of property-casualty and health insurers.
  • August 19, 2015
    Case Studies

    Network Health augments staff with experienced industry specialists

    Network Health’s CFO initially turned to Baker Tilly for staff augmentation and accounting assistance with tax and quarterly state insurance department filings.
  • August 12, 2015
    Comment Letters

    Baker Tilly Comment Letter to the AICPA on the Proposed Revision of Trust Services Principles and Criteria

    We are pleased to have the opportunity to provide feedback to the AICPA Assurance Services Executive Committee (ASEC) Trust Information Integrity Task Force's Privacy Working Group with respect to its recent Proposed Revision of Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
  • July 12, 2015
    Articles

    Proposed revisions to the Trust Services Principles and Criteria are available for comment

    The AICPA recently released an exposure draft of the proposed revisions to the Trust Services Principles and Criteria. The most significant change in the proposed revisions is the integration of the privacy principles and criteria into the common criteria.
  • June 24, 2015
    Articles

    Transitioning to the 2013 COSO Framework

    Since the Committee of Sponsoring Organizations (COSO) issued its Internal Control — Integrated Framework (2013 Framework) in May 2013, many organizations have implemented the new framework to comply with the initial December 15, 2014 transition deadline. The 2013 Framework requires management to assess whether 17 principles are present and functioning, which is a change from the previous framework. Further, the 2013 Framework includes points of focus, which are important characteristics of the 17 principles and assist management with determining whether controls are properly present and functioning.
  • June 10, 2015
    Articles

    Banking brief: Vendor risk management increasingly complex

    The heightened complexity of vendor risk management for US banks was evident at a conference sponsored by Marcus Evans in Chicago on June 3-4. Need for resources, maintaining oversight, and how organizations are managing the process internally were all hot topics of conversation.
  • May 27, 2015
    Articles

    Insurance regulators zeroing in on cybersecurity

    Recent activity by regulators shows an increased focus on cybersecurity in the insurance industry. The National Association of Insurance Commissioners (NAIC) has published its Principles for Effective Cybersecurity Insurance Regulatory Guidance. In addition, the New York Department of Financial Services (NY DFS) recently released guidance for New York insurance organizations with their Report on Cybersecurity in the Insurance Sector.
  • May 27, 2015
    Articles

    What insurance organizations can do now to prepare for state regulatory cybersecurity initiatives

    Within the last several months, two significant insurance organizations have announced greater involvement in initiatives to reduce cybersecurity risk throughout the insurance industry. The New York State Department of Financial Services (NY DFS) released the results of its survey on cybersecurity practices and the National Association of Insurance Commissioners (NAIC) recently adopted a set of cybersecurity regulatory principles.
  • April 21, 2015
    Webinars

    Are captives right for you? A webinar overview of captive insurance company benefits and challenges

    Baker Tilly's insurance industry specialists discuss if captive insurance companies could be a solution for your organization.
  • March 30, 2015
    Articles

    Responding to a changing housing finance culture in America: Challenges and opportunities in 2015

    How housing is financed has changed significantly in the seven years since the mortgage crisis, from tighter regulation and increased oversight to shifts in housing needs and our country’s cultural dynamics. What role do banks, local not-for-profits, and individuals play in the ever evolving mortgage and housing markets?
  • February 18, 2015
    Articles

    State and local governments are not immune from cyber-attacks

    As the holders of sensitive information and the provider of essential human services, state and local governments should be concerned about cybersecurity.
  • February 17, 2015
    Articles

    Final Basel III capital rule will affect community banks

    The final rules for the Basel III international capital accord, which will be phased in between the beginning of this year and 2019, include some relief for community banks. There are also some changes that affect the capital standards and reporting for community banks.
  • January 28, 2015
    Articles

    Own Risk and Solvency Assessment becoming key part of regulatory framework for US insurers

    2015 marks the first year that an ORSA Summary Report must be filed with an insurer’s state of regulatory domicile. Some state regulators have already notified companies of the report due date, while other states have not. Regardless, all insurance companies that exceed the $500 million written premium threshold should be preparing the first drafts of their reports.
  • December 12, 2014
    Webinars

    Enterprise risk management for your not-for-profit organization

    This ERM webinar takes you into the practical application of establishing a formal ERM program in your not-for-profit organization.
  • November 03, 2014
    Articles

    As technology advances – are you at risk?

    When you don’t properly secure your IT infrastructure, risk is sure to follow.
  • October 23, 2014
    Articles

    Cybersecurity: Stay ahead of an evolving landscape

    While safeguarding information assets is not a new business objective, cybersecurity has emerged as an area of critical concern for executives and boards of directors. As organizations’ key business operations have become more technology-reliant, they also have become more vulnerable to a cyber-attack.
  • October 13, 2014
    Webinars

    Enterprise Risk Management: Developing, implementing, and sustaining an effective ERM program

    This Enterprise Risk Management, or ERM, webinar takes you into the practical application of establishing a formal ERM program in your utility.
  • October 13, 2014
    Whitepapers

    Understand changes made to the trust services principles for SOC 2 reporting

    Understand the framework underlying a SOC 2 report and learn what principles your organization should have examined.
  • September 24, 2014
    Webinars

    Internal Controls 2014 Webinar

    Baker Tilly's financial services industry specialists review internal controls best practices in the Internal Controls 2014 webinar.
  • September 08, 2014
    Webinars

    Understanding changes to the Trust Services Principles for SOC 2 reporting

    A SOC 2 report is an independent examination of a service organization’s controls over its system’s security, availability, processing integrity, confidentiality, and privacy.
  • August 21, 2014
    Case Studies

    Not-for-profit improves IT effectiveness with technology risk professionals

    Baker Tilly addressed IT challenges to increase efficiency across mission critical operations.
  • June 27, 2014
    Articles

    Manage mobile device risks holistically

    Mobile devices transform the way your organization serves customers and generates business, as well as communicates with your employees and stakeholders. These same devices bring new and increased risks to your organization’s data, competitive advantage/intellectual property, and reputation. Managing these risks requires a holistic approach, which goes beyond just securing the software on a device.
  • June 05, 2014
    Articles

    ORSA – Why should exempt companies care?

    Over the last few years the NAIC has established its expectations for insurance companies to maintain a risk management framework and conduct an Own Risk and Solvency Assessment (ORSA), including the filing of an ORSA Summary Report with state regulators. In 2012, the NAIC issued a Guidance Manual to provide insurers guidance with respect to reporting on ORSA, and later the NAIC adopted an ORSA Model Act. In 2012 and 2013 the NAIC conducted two separate feedback pilot projects and provided feedback and observations in a memo to the industry.
  • April 15, 2014
    Articles

    Insurance outlook briefing: Charging ahead of recent developments in ORSA expectations

    At the recent National Association of Insurance Commissioners (NAIC) Spring 2014 national meeting, two new documents were approved for release as exposure drafts: the Draft Own Risk and Solvency Assessment (ORSA) Guidance for Financial Analysts and the Draft ORSA Guidance for Financial Examiners. While the documents are intended to be guidance for insurance department financial analysts and examiners, the guidance provides a window into expectations for the future.
  • April 11, 2014
    Webinars

    A framework for auditing mobile devices

    While mobile devices improve productivity and efficiency with increased mobility and functionality, they also, increase your risks, especially as worldwide laws and regulations regarding the privacy and security of data evolve.
  • March 17, 2014
    Articles

    NAIC’s ORSA subgroup provides new feedback to the industry

    The NAIC formally adopted the Own Risk and Solvency Assessment (ORSA) Model Act in September 2012, and the ORSA requirement for qualifying insurers will be effective January 2015. In an effort to improve guidance and regulation, the NAIC’s ORSA (E) Subgroup has completed two feedback pilot projects, one in June 2012 and the most recent in September 2013.
  • February 19, 2014
    Articles

    Business continuity planning checklist

    Business continuity planning can seem overwhelming when you first think about all you need to cover. Use this overview checklist to assist your organization in preparing for its planning process.
  • February 19, 2014
    Articles

    Devising Plan B: What to do when (and before) disaster strikes

    Too many banks prepare a business continuity/disaster recovery plan that collects dust on a shelf or ignores critical components. Plans aren’t tested or updated. They fail to plan for certain contingencies, such as a CEO who’s unavailable when disaster strikes. Federal and state agencies require a written business continuity and disaster recover plan. Smart business requires something more: a thorough plan that takes every contingency into account and is tested and updated regularly.
  • February 11, 2014
    Articles

    ORSA: Common questions and answers

    During and following the 2013 ORSA, insurance accounting, and financial reporting updates webinar, the Baker Tilly insurance team fielded several questions around ORSA – Own Risk Solvency Assessment. Here are some of the most common questions and answers.
  • December 19, 2013
    Whitepapers

    NAIC Risk Management and Own Risk and Solvency Assessment (RMORSA) Model Act Implementation for Insurance Companies

    The paper will examine domestic and global insurer solvency requirements with a primary focus on the United States’ National Association of Insurance Commissioners’ (NAIC) Risk Management and Own Risk and Solvency Assessment (RMORSA) Model Act. In addition, this paper will provide industry guidance to small through midsized insurance companies that have recently breached or are close to reaching the $500 million of annual direct written and unaffiliated assumed premium.
  • October 18, 2013
    Case Studies

    Manufacturing company successfully realigns its global control environment

    Baker Tilly assists manufacturer with Sarbanes-Oxley compliance
  • March 13, 2012
    Articles

    Managing risk appetite and tolerance in a dynamic banking environment

    Today’s banking environment presents unprecedented challenges to successfully managing risk and establishing a platform for achieving predictable and sustainable earnings.
  • November 08, 2011
    Case Studies

    Not-for-profit organization positions its focus to its highest risk areas

    The board of trustees of a large organization expressed concern to management about whether the board was receiving information about their highest risk areas. The organization desired to objectively assess its most significant risks and ensure that risk mitigation plans were in place to address them.
  • July 26, 2011
    Articles

    Strong financial management cuts fraud and increases profits

    The realities of the economic recession related to the legal profession have resulted in what appears to be long term changes to the business model of law firms.

 Insight Types

  • Articles
  • Case Studies
  • Comment Letters
  • Resource Center
  • Videos
  • Webinars
  • Whitepapers
Have a question for one of our specialists? Contact us
  • Services
  • Industries
  • Insights
  • News
  • About Us
  • Careers
  • Events
  • Offices
  • Directory
  • Client Portal
  • Contact Us
  •  Search

Baker Tilly Virchow Krause, LLP trading as Baker Tilly is a member of the Baker Tilly International network, the members of which are separate and independent legal entities.

© 2019 Baker Tilly Virchow Krause, LLP   Legal & Privacy   Pay Invoice

  • 
  • 
  • 
  • 
  • 