Protiviti

anti-money laundering board risk oversight compliance coso cybersecurity data classification data management data security enterprise risk management erm financial services industry financial services institutions governance information technology internal audit it it privacy it risk management it security protiviti regulatory compliance risk risk assessment risk management social media sox more…

#2018financetrends #analytics #banking #omnichannel #payments #survey #bigdata #cfo #compliance #cyberattack #cybersecuity #cybersecurity #digitalization #finance #financesurvey #financetrends #fraud #fraudrisk #infographic #internalaudit #iot #cybersecurity #digitization #cloud #mobile #ippf #itsecurity #machinelearning #protiviti #risk #riskandcompliance #riskmanagement #riskmanagement #cybersecurity #regulatorychanges #roboticprocessautomation #rpa #sarbanesoxley #sox #survey #thirdpartyrisk #toprisks2019 #vendormanagement #vendorriskmanagement #webinar #whitecollarcrime 10th revision 2013 coso internal control framework 2013 risk 2013 risks 2014 audit committee agenda 2014 finance challenges 2014 finance priorities 2014 it priorities survey 2014 it priorities survey 2014 it priorities survey 2014 it priorities survey 2014 it priorities survey 2015 audit committee agenda a consortium of leading financial institutions a global consulting firm a lack of internal controls a sound capital planning process: fundamental elem acceptable risks access management account reconciliation account reconciliation software account reporting accounting accounting excellence accounting standard update 2014-09 accounts payable acquisitions affordable healthcare act aml aml compliance aml in insurance aml laws aml monitoring aml program aml regulations aml risk aml risk assessment aml risks aml selection aml strategy aml system implementation aml technology aml technology audit aml transaction monitoring systems aml validation an inability to predict future cash flows and a perception that the management team was bein and insured federal branches; integration of 12 cf and policies anti-corruption anti-corruption compliance program anti-corruption program anti-money laundering anti-money laundering compliance ap process arial assessing aml technology asset management audit committee audit committee agenda audit construction audit data audit deficiencies audit department audit in manufacturing audit plans audit process audit report auditing auditing deficiencies auditing it risks auditing procedures auditing regulations auditing requirements auditing revenue auditing social media automated audit automated controls automating controls b2b b2c balance sheet bank holding companies bank holding companies bank secrecy act banking banking customers banks basel basel committee bcbs bcm bcm industry concerns bcp benchmarking study beneficial owner beneficial owners beneficial ownership bhcs bhcs big data big four accounting firms and key service provider biomedical devices blackline application board members board of directors board oversight board performance board risk oversight borrower outreach bsa budgeting bulletin bulletin 2013-29 business challenges business continuity business continuity guidance business continuity management business continuity planning business continuity program business continuity strategy business disruption business fraud business growth business impact analysis business intelligence business performance improvement business risk business to business business to consumer business user community business-critical issues caats cae canada financial institutions cannabis cannabis reform cannabusiness capital capital assessment capital management capital planning capital policy capital preservation cardholder data cardholder security activities cash card transactions ccm cco cdd cfo cfo priorities cfo responsibilities cfpb change controls change management changing u.s. healthcare regulations finance effic changing us healthcare regulations chief audit executive chief audit executives chief compliance officer chief information officers chief risk officer chips cio cio priorities cio risk cios classifying sensitive data client data cloud cloud computing cloud service provider cloud services cloud solutions cobit 5 code of conduct cole memo collaboration platform collaboration tool collaborative economy college committee of sponsoring organizations of the tread common principles communication communications company-run stress tests compas audit tool compass group compastm competitive intelligence compliance compliance automation capabilities compliance deficiencies compliance functions compliance management compliance monitoring compliance policies and procedures compliance program computer-assisted audit tools confidential reporting connected medical devices consumer data consumer financial protection consumer financial protection bureau consumer marketing consumer outreach consumer protection laws consumer protection regulations continuous auditing continuous control monitoring continuous monitoring contracts contrarian statement control automation control automation capabilities control environment controlled substances act corporate corruption corporate governance guideline corporate misconduct corporate restructuring corporate transaction corporate transactions coso coso 17 principles coso 2013 coso 2013 framework coso 2013 internal control – integrated framewor coso 77 points of focus coso components coso cube coso framework coso internal control framework coso internal control – integrated framework coso new framework coso’s 1992 framework coso’s internal control – integrated framework cost of sox compliance costs of sox compliance credit card breach credit card data credit risk crisis management critical infrastructure critical it risks critical strategic assumptions cro cro function cro position cro's role culturecode customer activities customer activity customer data customer due diligence customer due diligence and a fifth pillar of aml c customer engagement customer privacy customer private information customer relationships customer remediation customer segmentation customer service customer trust cyber attack cyber attacks cyber crime cyber defense cyber monitoring cyber risks cyber security cyber threat cyber threats cyberattack cyberattacks cybersecurity cybersecurity framework cybersecurity risk cães c�es data analysis data analytics data breach data breach protection data breaches data classification data destruction data disposal data encryption policy data forensics data goverance data governance data governance framework data integrity data leakage data management data management and business continuity dominate t data privacy data privacy laws data protection data quality data retention data secure data security data segmentation data validations ddos debit card data debit card transactions denial of service department of education depleted liquidity and an adversarial relationship dfa dfa provisions dfa rules disaster recovery disciplinary measures disruption risk disruptive technology distributed industry sector distribution channels divestiture dodd frank dodd-frank dodd-frank act dodd–frank wall street reform and consumer prote doj draft operational risk guideline drug money drug trade due diligence early mover economic environment economic uncertainty effective capital plan effectiveness of internal control over financial r ehr electronic health records emergency operations center emerging risks emerging technologies enforcement actions enhanced prudential standards enterprise content management application enterprise performance management enterprise resource planning enterprise risk enterprise risk management enterprise risks enterprise software platform enterprise value enterprisewide risk committees enterprisewide risk committees enterprisewide risk management eod programs erm erm assessment erm capabilities erp erp accelerated implementation erp application erp implementation erp project team erp solution erp strategy erp systems eu financial sanctions executive communication executive compensation executive risk committee executive sessions expanding role of internal auditors external audit external audit firms external auditor external auditors false negatives false positives family federal education loan fasb fatf fbo fcpa fdic fdlp federal bank regulators federal direct loan program federal reserve federal reserve board federal thrifts fedwire fei ffel ffiec filter validation finacial close finacial services finance challenges for 2014 finance optimization finance priorities finance video financial accounting financial accounting standards board financial action task force financial aid financial aid disbursement financial aid program financial audit financial consolidation financial controls financial crimes enforcement network financial crisis financial institutions financial misstatement financial process financial reconciliation financial regulation financial reporting financial reporting processes financial reporting requirements financial risk financial services financial services companies financial services industry financial services institution financial services institutions financial services organizations financial services risk financial system risk fincen firestorm five lines of defense in managing risk flash report for most organizations foreign banking organizations foreign banking organizations foreign corrupt practices act forensic services forward-looking view fourth anniversary fraud fraud monitoring fraud prevention fraud risk fraud risk assessment fraud risk management frb frb sr 11-7 frfi fsi fsi it executives fsi it infrastructure fsi it maturity model fsi model risk case study funds transfer future auditor gaap gaps monitoring general ledger accuracy general ledger reconciliation generally accepted accounting principles generation gap global accounting standard global economy global financial markets volatility global it audit trends global risk global risk environment global risks global standard go-live event going public gordon tucker governance governance controls governance portal governance practices governance processes governance structure grassroots technology grc growth opportunities guide to u.s. anti-money laundering requirements: hacking health care health care plans health information exchange health plans healthcare healthcare audit healthcare compliance healthcare coverage healthcare industry healthcare payer healthcare provider healthcare providers healthcare risk healthcare system heightened expectations heloc heloc end of draw heloc eod heloc portfolios high-risk processes higher education higher education act hipaa hipaa security hippa hippa compliance hippa security home equity home equity line of credit homeowner information hospital hospital risk management hospitals ia ia priorities ia survey iaas iasb icd-10 icd-10 readiness icd1- icd10 identifying risk identity and access management identity management iec ifrm ifrs ihc iia illegal money laundering implanted devices in-scope system monitoring incident response incident tracking independent risk management and compliance functio industrial products industry risk infographic inforgraphic information lifecycle information risk management information security information security controls information security governance information security management information security management systems information security policies information security program information security programs information technology information technology risk information technology risks information technology survey infrastructure as a services initial public offering initial registration insurance insurance industry insured federal savings associations insurer integrating risk with strategy integration execution integration planning intelligence-gathering process intermediate holding company internal audit internal audit capabilities and needs survey internal audit company leaders internal audit functions internal audit in financial services internal audit leadership internal audit management internal audit partnerships internal audit profession internal audit quality assurance reviews internal audit requirement internal auditing internal auditor internal auditors internal audit’s value proposition internal control internal control over financial reporting internal control processes internal control system internal control – integrated framework: 2013 internal controls internal investigation internalaudit international accounting standards board international classifications of diseases international financial reporting standards internet internet security intrusion detection inventory management investigate business fraud invoice processing ipo ipo case study ipo faq ipo filing ipo readiness ipo strategy irm isaca isms iso iso 27001 iso 27002 iso 31000 iso/iec 27001 iso/iec 27001-2 iso/iec 27002 issue management issue resolution it it assessment it asset management it audit it audit best practice it audit best practices it audit risk assessment it audit trends it auditing it benchmarking it challenges it consulting it controls it crisis it crisis management it general controls it governance it infrastructure it infrastructure planning it issues it knwoledge it management it priorities it privacy it problems it risk it risk assessment it risk management it risks it roadmap it security it security and privacy it security framework it security validation it strategy it threats itgc jobs act jumpstart our business startups act key risk indicator key risks kill chain know your customer kyc kyc data lcm learning culture legal entity customers legalized marijuana legislative compliance management leverage ratio life sciences lines-of-defense framework lines-of-defense model liquidation and bankruptcy due to negative earning liquidity liquidity risk management liquidity stress tests liquidity stress tests loan default m&a m&a activity m&a strategy m&a transactions macroeconomic risk macroeconomic risks malware management framework for preserving capital managing cash flow managing it security managing it security and privacy managing privacy managing sensitive data manual controls marijuana reform market trust maslow’s hierarchy of needs material misstatement materials management matter requiring attention meaningful use meaningful use compliance medical device risk medical device security merger evaluation merger integration mergers mergers and acquisitions mhealth mhealth programs microsoft sharepoint minimum standards mm mobile applications mobile commerce mobile commerce integration mobile commerce security mobile devices mobile health mobile medical applications mobile privacy mobile security mobile technology mobile-based technologies model assumptions model error model governance model performance model risk model risk management model validation modeling money fraud money laundering monitor security mortgage performance mortgage refinance mra notice naic name masking name masking algorithm name matching name matching algorithm name matching algorithms nasdaq national association of insurance commissioners national banks national institute of standards and technology national organization of insurance commissioners nc state report ncua new media businesses nist north carolina risk survey north carolina state north carolina state enterprise risk management in npr nyse oac obama occ occ bulletin 2001-47 occ bulletin 2011-12 occ guidelines establishing heightened standards f ocr ofac ofac compliance office of foreign assets control office of the comptroller of the currency office of the superintendent of financial institut omni-channel retailing on-demand training online healthcare online retailer operating efficiency operational risk operational risks operational synergies oracle oracle advanced controls oracle automation oracle controls oracle customization oracle ebs oracle enhancement oracle optimization oracle security organic growth organizatioal risk survey organizational risk organizational risk findings organizational risks for 2014 orsa orsa business risk orsa summary report orsa: getting ready for the 2015 summary report osfi our client was in default of its secured financing oversight own risk and solvency assessment p2p pa-dss paas patient coding patient protection and affordable care act payment application data security standard payment card industry pc pcaob pcg pcg implementation pcg rules pci pci compliance pci dss pci dss 2.0 pci dss 3.0 pci dss section 10 pci saq pci security standards council pci ssc pcr pcr assessment peer to peer penetration testing performance obligation performance obligations period close period-end close periodic auditor rotation personally identifiable information pii platform as a service pmo policies post-acquisition issues pot pot dispensary ppa ppaca ppaca compliance ppaca implementation pre-ipo pre-ipo filing preventing cyber threats preventing data breach preventive controls governor principle 8 privacy privacy assessment privacy framework privacy management privacy practices privacy/identity management private data privileged access standard procedures process assessment process audit process control process optimization process re-engineering process remediation process risk procurement profitability analysis profitability reporting program governance program participation agreement project management project management office proprietary risk oversight proprietary risks protiviti protiviti case study protiviti coso webinar protiviti newsletter public accounting oversight board inspection repor public comp public company accounting oversight board public company preparation public company preparedness public company readiness public company transformation public offering publicly traded company quality audits rcm framework rcm guideline rds implementation realignment rebalancing recognition of revenue recognizing revenue reconciliation report record retention recovery strategies red flag gap analysis red flags refinancing registrant registration documents registration statement regulation yy regulations regulator regulators regulatory challenges regulatory changes regulatory compliance regulatory compliance management regulatory environment regulatory expectations regulatory guidance regulatory notice regulatory reporting regulatory scrutiny regulatory standards regulatory uncertainty reit related party transactions reputation risk resolution planning resolution planning responsible business behavior restoring confidence; risk management capabilities retail businesses revenue base revenue controls revenue from contracts with customers revenue recognition revenue recognition guidance revenue recognition requirements revenue recognition standards risk risk and compliance risk appetite risk appetite dialogue risk appetite framework risk appetite statement risk assessment risk assessment framework risk assessments risk awareness risk capture risk committee risk committees risk committees risk compliance risk control risk culture risk culture: from theory to evolving practice risk exposure risk governance risk governance structure risk identification risk identification and analysis risk management risk management and governance risk management association risk management in manufacutring risk management policy risk management practices risk management principles risk management strategy risk map risk measurement risk mitigation risk oversight risk oversight process risk owners risk parameters risk professionals risk profile risk remediation risk reporting risk strategy risk survey risk tolerance risk tolerances risk-based capital risk-based capital risk-taking behavior risks 2013 rma rogue applications rsa security rulemaking progress s-1 filing s-1 registration saas sanctions list sanctions list name matching sanctions screening sanctions screening system tuning sanctions screening system validation sanctions screening systems sanctions screening technologies sap sap access control sap controls sap pc sap pc application sap pc functionality sap pc solution sap process control sap security sar sarbanes-oxley sarbanes-oxley act sarbanes-oxley act compliance sarbanes-oxley compliance sarbanes-oxley filers scenario analysis scenario planning scenario testing scenario validation sec sec filings sec reporting section 404 section 404 of sarbanes-oxley section 404 of sarbanes-oxley act securing data securities securities and exchange commission security security and privacy security and privacy policies security breach security breaches security classification security controls security infomation event management security monitoring security operations center security standards iso/iec 27001 and 27002 have be security strategy security therat segregation of duties self-monitoring serious organised crime agency service assurance share holders shared services shared services center sharepoint sharepoint user adoption model siem sifi smac smartphones smi soc 2 report soca social business social media social media brands social media case study social media compliance social media for financial advisers social media pioneers social media policies social media policy social media risk social media risks social media strategy sod software as a service solvency ii solvency modernization initiative sox sox benefits sox compliance sox costs sox outsourcing specially designated nationals spreadsheet risk spreadsheet risk management ssae 16 compliant ssae 16 soc 1 standards standards and procedures str strategic assumption strategic planning strategic risk strategic risk oversight strategic risks strategy strategy implementation strategy setting strategy-setting streamline work stream streamline workstream streamlining the financial close stress test stress testing stress testing requirements stress testing requirements stress tests stress-testing student aid student loan subprime mortgage crisis succession planning supervisory framework supervisory guidance supply chain supply chain management supply chain risk suspicious activity report suspicious transaction swift system validation systematically important financial institutions tablets targeted marketing tdr technical accounting technological applications technology asset governance technology assets technology challenges technology innovation technology integration technology risk technology trends technology-enabled auditing telecommunications terrorist financing red flags the bulletin the committee of sponsoring organizations of the t the iia the institute of internal auditors the updated coso internal control framework: frequ third party breach third party management third party oversight third party risk management third party sanctions screening list third party security third-party anti-corruption program third-party due diligence third-party monitoring third-party relationships third-party review third-party risk third-party vendors threat intelligence threshold setting threshold stability threshold tuning threshold validation title 4 title iv title iv compliance tm tm systems to conduct a third-party risk management benchmark tone of the organization too big to fail top finance challenges top finance priorities top risks training training tools transaction monitoring transaction monitoring systems transaction processing transaction services transaction type transactional projects transactional work transition to icd10 troubled debt restructuring tuning monitoring scenarios u.k. bribery act u.s. department of education u.s. office of the comptroller of the currency; oc un sanctions unacceptable risks unapproved technology unauthorized access uncertain political leadership understanding vendor risk and how to manage it app university user adoption user-adoption strategy validation validation script valued-based approach to risk vendor vendor due diligence vendor management projects vendor risk management vendor risk management maturity vendors virtualization virus volcker rule vulnerability assessment vulnerability testing walkthroughs watch list watch list selection web security web-based technologies wikileaks windows xp wisp within federally regulated financial institutions working capital management written information security policy …less