Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Survey February 15, 2024 2024 Top Risks for Chief Financial Officers Chief financial officers (CFOs) have a unique vantage point regarding talent management, one that explains why the ability to attract, develop and retain top talent represents their top risk concern in both 2024 and 2034. Podcast March 13, 2024 Podcast ǀ Decoding CMMC Compliance for Government Contractor Data In this special edition of the Protiviti Legal Perspectives podcast series, we delve into the complexities of new data protection and cybersecurity government regulations in the defense industry with Alexander W. Major, Partner, McCarter & English and Perry Keating, President of Protiviti Government Services. The Cybersecurity Maturity Model Certification (CMMC) was recently promulgated,… Newsletter April 16, 2025 Compliance Insights As we enter the new year, the financial services industry once again faces compliance risks that are increasingly diverse and complex. For 2025 we asked a larger-than-usual group of Protiviti colleagues across the globe to help identify the most pressing compliance issues in their market. Artificial intelligence, financial crime, privacy and security, operational resilience, third party risk… Infographic September 1, 2021 Infographic: IT Audit Tech Risks in the Tech, Media & Telecom Industries Cybersecurity, privacy, data and resilience dominate the top technology challenges for technology, media and telecommunications (TMT) organizations, according to the annual ISACA/Protiviti Global Survey of IT audit leaders and professionals. These issues, which already were top-of-mind risks for most organizations, have been fueled further by pandemic-driven times of remote work… Newsletter May 8, 2024 Sharpening the Board’s Focus on M&A Due Diligence Whether an acquisition is a stand-alone, complementary entity or an integration, the due diligence process is undergoing a paradigm shift due to the higher cost of funding and the impact of failed transactions. Boards should expect a more aggressive focus on due diligence.How has the due diligence process changed in recent years? For sure, the complexity of certain topics, such as environmental… Flash Report December 14, 2020 CISA Issues Emergency Directive to Mitigate SolarWinds Orion Code Compromise On December 13, 2020, the Cybersecurity & Infrastructure Security Agency (CISA) issued an emergency directive detailing required action for federal agencies to mitigate the threat of the recently discovered compromise involving SolarWinds® Orion® Network Management products that are currently being exploited by malicious actors. (Read the SolarWinds Security… In Focus April 25, 2025 Navigating the DOJ final rule on bulk sensitive personal data: What does it mean for your business? Multinational organizations must now comply with a sweeping new U.S. Department of Justice rule that restricts the transfer of bulk sensitive personal data to foreign adversaries. The rule, established under Executive Order 14117, went into effect earlier this month and introduces prohibitions and controls on data transactions involving countries of concern such as China, Russia, Iran, North… Whitepaper August 1, 2022 Protecting the Enterprise: How a Well-Designed Security Analytics Program Can Help The purpose of security analytics in an organization Security metrics and the analysis of security information can be challenging concepts even for leading organizations. As information security professionals, most of us have been taught that in order to have a mature information security function we must both document and measure the organization’s security capabilities. If policies are the… Client Story October 21, 2024 Enhancing Consent Management with OneTrust Protiviti and OneTrust helped a global software and IT solutions provider enhance its consent management processes, ensuring regulatory compliance. Whitepaper June 1, 2022 How can an enterprise use access management to establish a Zero Trust environment? A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management program is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based… Load More
