Hands-on session

Connecting the last mile of finance at Workiva Amplify

Key takeaway: Connecting financial close and compliance can help to relieve congestion in the last mile of finance, saving days or even weeks in producing financial disclosures. Workiva Amplify was a hands-on summit. The majority of sessions in this 17-parallel-tracks summit were hands-on sessions with Workiva, and they were packed. And the attendees were younger than other conferences I’ve participated in over the years — not counting Scouting jamborees. I’ve been to conferences with a lot of buzz, but a conference of auditors, financial managers and compliance professionals with so much energy — I haven’t experienced that before. … some companies lock up the key members of the…

READ MORE

In Faith-Based Information Sharing and Analysis Organizations We Trust?

President Obama issued Executive Order (E.O.) C.F.R. 13691 to promote private sector cybersecurity information sharing. See  Executive Order No. 13691  For over 1 million faith-based and nonprofit organizations exist in the Unite States alone.  See NonprofitDirectory In 2018 Faith-based Information Sharing and Analysis Organizations, ISAO emerged to help these organizations improve their cyber security posture.  Websites, such as,  faithbased-isao.org, exist to help their members analyze and share data about threats and risks.  They offer best practices and training.  They can also serve as a focal point for legislative initiatives. Many FB organizations remain hesitant about participating in ISAOs.   Reasons include. Deference. Many FB organizations form media and technology…

READ MORE

When to treat family and friends like acquaintances

Key takeaway Third party risk management is not just for suppliers, IT vendors and service providers.  In many cases, subsidiaries or other organizations within your enterprise, and even well-known business customers should be brought into the third party management program. The problems at Deutsche Bank and Danske Bank reminded me of an inquiry I had with a CISO at a large high tech equipment manufacturer.  We were discussing best practices in third party risk management.  I asked him  what types of companies he was monitoring and he told me they were subsidiaries.  He was putting these subsidiaries through the same hoops as he would any other third party…

READ MORE