Does your bank have the right level of maturity for your Cybersecurity Risk Management activities compared to the inherent risk levels? The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic testing tool that helps internal auditors identify a bank's level of inherent risk and determine the maturity level of their cybersecurity programs. This training course looks at the way cybersecurity inherent risks can vary significantly based on t...

A Practical Approach to Internal Controls under the GAO Green Book. Join us for a unique, interactive workshop that "walks you through" the latest update of The Green Book which now conforms to the Internal Control Integrated Framework (COSO 2013) from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This training is focused on the current Standards for Internal Control in the Federal Government as detailed in the G...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

The U.S. Equal Employment Opportunity Commission (EEOC) will host a VIRTUAL EEO Seminar, "Workplace Transformation- Light At The End Of The Tunnel And Along The Way", on March 31, 2021 from 12:00 pm – 3:10 pm EST. This highly informative and interactive seminar, featuring some of the EEOC’s most senior leaders, and other well-known and highly esteemed and sought-after speakers, will provide employers and employees in both the priva...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

Recently, the National Institute of Standards and Technology (NIST) released the final Risk Management Framework (RMF) standard (SP800-37, Rev 2), an update to the Security Control Baselines (draft SP800-53, Rev 5), and a revision to the NIST Cyber Security Framework (CSF). RMF now requires an additional step, Preparation Step with 18 new Tasks, and the security control baselines families have increased from 18 to 21 to include more privacy an...

Do you struggle with asking clients the right questions? Inquiry and observation are two of the most important internal auditing skills. The ability to ask appropriate questions is powerful. Curiosity is the cornerstone of internal auditing. Curiosity requires auditors to ask a lot of questions. Continuously questioning clients is difficult. This course provides the tools you need to effectively ask questions. Often auditors know what to ask,...

Managing Your Ethics in the Professional Setting Ethics training for the CIA, CPA, CFE and CISA to meet their CPE requirements. Look at Ethics from the from a number of perspectives: fraud examiner, investigator, auditor, accountant, attorney or business owner's. Each professional group provides their code of conduct or set of professional ethics. This seminar explores how to manage professionals behavior within these guidelines. This timely,...

A Practical Approach to ERM "Effective risk management allows an organization to have the confidence to take risks." The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has unveiled an update to its Enterprise Risk Management - Integrated Framework and is seeking public comment of the proposal, from June 15 through Sept. 30. The update, Enterprise Risk Management - Aligning Risk with Strategy and Performance, is designe...