Blog November 10, 2022
DevSecOps + IoT: A Buzzword Bonanza
Overview (and a disclaimer) This conversation aims to identify opportunities to incorporate security controls into each phase of the DevSecOps methodology throughout the IoT device product development life cycle. Before proceeding, we should note two minor disclaimers: This post is not meant to define in any way how DevSecOps can or should be implemented for software-only applications. There…

Blog November 14, 2022
Federal Trade Commission Commercial Surveillance and Data Security Proposed Rulemaking
Commercial surveillance is the practice of collecting and analyzing information about people for profit. Over the past months, the U.S. Federal Trade Commission (FTC) has increased its focus on companies’ harmful commercial surveillance programs and on inadequate data security of personal information practices. Companies have been able to operate these programs with limited repercussions. Primary…

Blog November 15, 2022
A New Value Chain Paradigm: Microsoft’s New Supply Chain Platform
Protiviti was very pleased to announce its exclusive partnership with Microsoft as the launch of the new Microsoft Supply Chain Platform was unveiled. As a platform that integrates the value chain beyond an enterprise’s four walls, the Microsoft Supply Chain Platform enables collaborations with upstream and downstream partners to deliver transparency and orchestrate the movement of goods to…

Blog November 16, 2022
Develop an Effective SAP Automated Controls Benchmarking Strategy
Organizations are continuously working to improve their internal controls environments, increase efficiencies and reduce the cost of compliance activities. Internal controls, compliance and audit professionals are also looking to align organizations’ processes to important risk and industry trends. The Public Company Accounting Oversight Board (PCAOB) releases auditing standards that establish…

Blog November 28, 2022
Enterprise Architecture-Enabled Business Transformation
Business leaders have realized that, in today’s world, with factors such as rapid advancements in technology, increasing social media presence, an ever-changing customer desire for product flexibility and eager adoption among Generation Z, technology is a key enabler in driving innovation and efficiency. Technology investments have demonstrated and continue to provide tangible and measurable…

Blog December 5, 2022
FAIRCON22: Scaling a CRQ Program from Ideation to Execution
As more organizations begin to adopt cyber risk quantification (CRQ) techniques to complement their existing risk management functions, renewed attention is being brought to how organizations can invest in CRQ in the most cost-effective ways. The Factor Analysis of Information Risk (FAIR) methodology remains the most widely accepted industry standard for CRQ and organizations continue to seek out…

Blog September 9, 2021
Four Steps to Keeping SAP’s Financial Processes Compliant – Step 3: Implement Internal Control Governance
Protiviti has identified four key steps that organizations can take to improve their overall control environment and receive the benefits mentioned below. Each of these steps will be a focus in this four-part blog series. In Part 1 and Part 2, we covered Step 1: Analyze SAP configuration and processes and Step 2: Optimize internal control framework. In this post, we will be…

Blog December 6, 2022
Rail Strike Averted! But How Will Upcoming Transportation Security Administration Regulations Impact the Railroad Industry?
On October 18, 2022, the Transportation Security Administration (TSA) announced new cybersecurity regulations required for passenger and freight railroad carriers that carry sensitive materials. The Security Directives were announced with the goal to enhance cybersecurity resilience across the railroad industry. Which rail companies are impacted? The Security Directives apply to all United States…

Blog December 7, 2022
Predictive Maintenance: Why It Matters; How It Works
There is nothing worse than unplanned downtime. Whether it’s your personal vehicle or a manufacturing plant, unplanned downtime is one of the most disruptive things that can occur delaying schedules and incurring significant costs. One of the other least favorite occurrences for someone that owns a physical asset is paying for maintenance when it’s not needed. What if we had a dynamic solution…

Blog December 12, 2022
Taming Open Source Risk
According to the annual Sonatype State of the Software Supply Chain Report, open source software (OSS) consumption is growing at an estimated 33% annually across the primary OSS ecosystems - namely, Java (Maven), .NET (nuget), Javascript (npmjs) and Python (PyPI). As such, it is important to understand the risks and benefits of using OSS and the role proper governance plays in enabling…