Strengthening IT Security: One Nonprofit’s Journey to Meet SAS 145 Requirements
In response to growing IT and cybersecurity risks, auditors are placing greater scrutiny on IT risk and risk controls in their audit process. The Auditing Standards Board issued a new Statement on Auditing Standards (SAS 145) that provides a more detailed risk evaluation framework and takes effect for all audits ending on or after December…
2024 Update on Retirement Plans: Cyber Best Practices
Cybersecurity remains a crucial concern for retirement plan administrators and sponsors. Ensuring the security of sensitive data and maintaining compliance with regulatory requirements is essential to protect plan participants and maintain trust. GRF hosted a 2024 Update on Retirement Plans webinar on May 16th, 2024, which outlined key cybersecurity best practices recommended by the Department…
Understanding Reasonable Cybersecurity Measures under New Federal Guidelines for Uniform Guidance
Cybersecurity has skyrocketed to the number one slot on many surveys and experts’ risk rankings as noted in GRF’s Top Risk for Nonprofits and Associations report. In response to the evolving landscape of cybersecurity threats, the Office of Management and Budget (OMB) has introduced language in the recently updated Guidance for Federal Financial Assistance aimed…