Risk / Management / Control

Bridging Internal Audit Plan Gaps

Do you know what you don’t know? The unknown unknowns can be a significant risk to a person and to an organization, and determining the unk unks can be a difficult task in and of itself. Internal Audit (IA) as a discipline continues to grow and evolve in many directions including information technology, fraud prevention, […]

The Purpose of Internal Audit

Internal audit (and external audit), as a business function can seem to serve different purposes based on one’s perspective. For the board, it may seem to serve as a process to review what management is doing and how, and for management, it may seem to be an intrusive process designed to confirm things that are […]

Prevention of High-Risk Fraud Situations

The Association of Certified Fraud Examiners has released its ninth annual global fraud study. The 2016 study continues to highlight the cost of fraud, waste, and abuse. The report indicates the median loss for financial statement fraud is $975,000, followed by corruption at $200,000, and asset misappropriation at $125,000. In addition, the higher ranked the […]

Webinar Recap – “Cybersecurity Frameworks and You: The Perfect Match”

This webinar entitled “Cybersecurity Frameworks and You: The Perfect Match,” was originally produced on Thursday, January 19, 2017. We hope that you enjoy the full recording of the presentation and additional resources offered below. This webinar was hosted by McKonly & Asbury Senior Manager, Sam BowerCraft and Principal, David Hammarberg. Information technology is a complex business, […]

McKonly & Asbury’s Security and Fraud Conference – December 8

There’s still time to register for McKonly & Asbury’s security and fraud conference entitled “You: The Beginning of Security” on December 8! This conference will focus on sharing information related to maintaining security of data, funds, and reporting within the company and will also address preventing, detecting, and reacting to fraud within your organization. We […]

Security Framework – The Path to Well-Being

Structure and rules: these are words that are simultaneously the potential for strength and the source of defiance.  At times we see structure and rules as a source of safety that protects us such as the rules of the road…isn’t it nice that (almost) everyone drives on the right side of the road and follows […]

Balance Risk Costs with Mission Benefits

Have you been involved in the discussion between management and the auditors regarding the point where management acceptance of risk is acceptable to the auditors? How do you define when risks are mitigated to the point that they provide reasonable assurance that risks to the mission are adequately controlled? To begin having this conversation, management […]

The Importance of SOC 2 and SOC 3 Readiness Assessment

Since the implementation of SSAE 16 and the creation of the SOC 2 and SOC 3, more and more organizations have gained a stronger understanding of the AICPA SOC framework. SOC 2 and SOC 3 examinations have continued to become more popular among information technology service organizations. The SOC 2 and SOC 3 framework was […]

Next Page »