4, ba Are your ITGC audits really helping to reduce your cybersecurity risks? This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizati...

4, ba Cybersecurity is one of the biggest internal control areas that need executive attention. You just received an urgent call from the CEO. An e-mail was received demanding $10M Bitcoin to be paid as ransom to unencrypt the company's data. ​"Oh no! Maybe if we audited the organization's Cybersecurity program and controls before this happened, we might not be in this mess!" ​Sound familiar? Hundreds of Security, Compliance and Au...

4, ba Are your ITGC audits really helping to reduce your cybersecurity risks? This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizati...

When DOD rolled out its Cybersecurity Maturity Model Certification program in 2020, it was designed to secure the Controlled Unclassified Information (CUI) in systems used by contractors in Defense Industrial Base that support business and warfighting efforts. Initially, an independent accreditation body was to certify a group of third-party assessment organizations. The plan ran into a number of obstacles as industry organizations questioned...

4, ba Cybersecurity is one of the biggest internal control areas that need executive attention. You just received an urgent call from the CEO. An e-mail was received demanding $10M Bitcoin to be paid as ransom to unencrypt the company's data. ​"Oh no! Maybe if we audited the organization's Cybersecurity program and controls before this happened, we might not be in this mess!" ​Sound familiar? Hundreds of Security, Compliance and Au...

Just as technology has been constantly changing and evolving, so has DOD’s strategy for the best way to modernize the tools it provides to the warfighters and their business support services. In 2018, the agency released a strategy to use cloud technology, which has been revised over the intervening years to reflect the cancellation of the JEDI contract and the adoption of DOD’s Software Modernization Strategy. The new strategy set...

4, ba Are your ITGC audits really helping to reduce your cybersecurity risks? This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizati...

4, ba Cybersecurity is one of the biggest internal control areas that need executive attention. You just received an urgent call from the CEO. An e-mail was received demanding $10M Bitcoin to be paid as ransom to unencrypt the company's data. ​"Oh no! Maybe if we audited the organization's Cybersecurity program and controls before this happened, we might not be in this mess!" ​Sound familiar? Hundreds of Security, Compliance and Au...

With cyberattacks on the increase at all levels of government, The White House issued a new executive order at the end of January that requires agencies to have a zero trust architecture in place by the end of FY 2024. The Office of Management and Budget followed with a memorandum (M-22-09) that laid out the requirements agencies must meet and the deadlines for completing the tasks outlined in the document. OMB identified five areas of focus--...

4, ba Cybersecurity is one of the biggest internal control areas that need executive attention. You just received an urgent call from the CEO. An e-mail was received demanding $10M Bitcoin to be paid as ransom to unencrypt the company's data. ​"Oh no! Maybe if we audited the organization's Cybersecurity program and controls before this happened, we might not be in this mess!" ​Sound familiar? Hundreds of Security, Compliance and Au...