Download or read book Rising from the Mailroom to the Boardroom written by Bruce R. Turner and published by CRC Press. This book was released on 2021-08-23 with total page 458 pages. Available in PDF, EPUB and Kindle. Book excerpt: Boards and business leaders expect their key advisors to deliver fresh insights, and increasingly expect them to demonstrate foresight. To achieve what is expected, it is crucial to understand the dynamics of conversations in the boardroom and around the audit committee table. This book provides those unique perspectives. The journey from the ‘mailroom to the boardroom’ follows the story of a young banker who moved into the internal auditing profession as part of the ‘new breed’, then rose through the ranks into senior leadership and chief audit executive roles, before assuming audit committee and board roles that had an immense influence on governance, risk, compliance, and audit professionals. Success does not always follow a smooth and uneventful trajectory, and this story reflects insights from both the ups and the downs of the journey. Each chapter shares insights, better practices, case studies, practical examples, and real-life challenges and draws them together into 101 building blocks, each one providing crucial career-long learnings. The storytelling provides insights to people at all levels on the importance of positioning oneself to step into leadership roles, helps them understand how to evaluate and pursue potential career growth opportunities, provides tips on how to holistically manage and advance their career, and inspires higher-level thinking that enhances governance, risk, compliance and audit practices.

Download or read book Rising from the Mailroom to the Boardroom written by Bruce Turner and published by CRC Press. This book was released on 2021-08-23 with total page 483 pages. Available in PDF, EPUB and Kindle. Book excerpt: Boards and business leaders expect their key advisors to deliver fresh insights, and increasingly expect them to demonstrate foresight. To achieve what is expected, it is crucial to understand the dynamics of conversations in the boardroom and around the audit committee table. This book provides those unique perspectives. The journey from the ‘mailroom to the boardroom’ follows the story of a young banker who moved into the internal auditing profession as part of the ‘new breed’, then rose through the ranks into senior leadership and chief audit executive roles, before assuming audit committee and board roles that had an immense influence on governance, risk, compliance, and audit professionals. Success does not always follow a smooth and uneventful trajectory, and this story reflects insights from both the ups and the downs of the journey. Each chapter shares insights, better practices, case studies, practical examples, and real-life challenges and draws them together into 101 building blocks, each one providing crucial career-long learnings. The storytelling provides insights to people at all levels on the importance of positioning oneself to step into leadership roles, helps them understand how to evaluate and pursue potential career growth opportunities, provides tips on how to holistically manage and advance their career, and inspires higher-level thinking that enhances governance, risk, compliance and audit practices.

Download or read book The Shortest Hour written by Lee Parrish and published by CRC Press. This book was released on 2024-07-18 with total page 185 pages. Available in PDF, EPUB and Kindle. Book excerpt: Independent directors of corporate boards understand the importance of cyber security as a business issue. Increased regulatory requirements, the onslaught of breaches, as well as the replacement of the corporate network perimeter with more third-party partnerships have all contributed to cyber security rising to the top of enterprise risks. Yet, many directors only receive a few brief cyber security updates during the year. Moreover, many directors have devoted their careers to other important business disciplines and may not fully grasp the technical concepts of cyber security. The challenge is that many publications on board cyber security governance address the topic at such a high level that it removes the important context of the cyber security details—or covers the topic too deeply with hard-to-understand technical language. These resources may often provide lists of security questions for directors to ask of their management team, but they do not provide the answers to the questions so that actionable oversight can be performed. What I would have wanted, and why you are probably reading this book summary, is a resource that delivers the questions to ask but also provides the answers and in a narrative, easy-to-understand style. An award-winning Chief Information Security Officer with over two decades of working with multiple Fortune 500 boards, Lee Parrish provides an example-laden vision to improve cyber security governance in the boardroom. Additionally, Lee deciphers the technical jargon to increase the reader’s cyber fluency—not to make you a cyber expert but to help you be able to ask direct questions, understand the answers provided, challenge strategies, and advise on important cyber decisions. Pick up your copy of The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security today and start your journey on achieving more effective cyber security oversight. Want to learn more? Please visit www.novelsecurity.com

Download or read book Construction Audit written by Denise Cicchella and published by CRC Press. This book was released on 2024-08-21 with total page 204 pages. Available in PDF, EPUB and Kindle. Book excerpt: Construction Audit is becoming more and more prevalent, and organizations are appreciating its importance. Learning the basics of construction auditing can provide valuable knowledge and skills for professionals and students in the construction industry, offering insights into financial management, risk mitigation, compliance and overall project oversight. This book is not just for auditors, however. It could be used by project managers, integrity monitors, construction managers and anyone else who wants to understand the elements that go into creating a successful project. Legal teams involved in contracting and overpayment recovery will also benefit. This book: Walks you through all phases of construction, starting with project inception. It will guide the reader through all the processes and the risks in each of these. Will guide the reader through the many challenges they will face throughout the life of the project. This book provides real-life solutions to common problems in construction. Introduces project management techniques; while not concentrating on a special methodology, the book builds on project management fundamentals. Understanding this will help enable the reader to talk to project managers more effectively. Defines the components of a successful project and gives the reader the tools needed to ensure these components. Uses real-life examples of control breakdowns, errors or fraud. Will help readers build an audit strategy and plan by understanding risks and effective controls that can be implemented to mitigate risk. Whether tackling your first project or your 21st project, this book will help you think outside the box and understand the finite processes and pieces of your project. There is always room for something new, new perspectives or improvement, and this book will help you find it.

Download or read book Global Audit Leadership written by Audley L. Bell and published by CRC Press. This book was released on 2024-08-02 with total page 386 pages. Available in PDF, EPUB and Kindle. Book excerpt: Leaders across the globe have a common challenge they cannot ignore: CHANGE. This must be embraced and effectively managed to remain relevant and successful in a dynamic operating environment. Embracing change, including technological innovations, collaboration, and timely sharing of information, is paramount to the survival and success of everyone in an ever-changing environment. In times of rapid change, organizations are often forced to adjust their strategic plans. Stakeholders usually need assistance to effectively manage the risks, unprecedented at times, and to capitalize on the opportunities that usually come with change. Change management must be effectively executed to assist in ensuring the viability of the organization. This book provides advice and guidance to assist stakeholders in navigating the challenges and demands of change. It includes insights, measures, and tools that have contributed to my success as a leader in the internal audit profession for 27 years.

Download or read book Continuous Auditing with AI in the Public Sector written by Lourens J. Erasmus and published by CRC Press. This book was released on 2024-09-18 with total page 232 pages. Available in PDF, EPUB and Kindle. Book excerpt: The effectiveness of internal audit activities is important for the sustainability of change in the public sector. In this sense, the tools and techniques used and the level of competencies of public sector auditors are decisive. This book deals with the effects of current technological developments in the public sector on auditing and risk management activities. Therefore, it is a resource for public internal auditors to create a digital audit strategy based on artificial intelligence (AI) and blockchain-based applications. Institutionalisation of their structures is important for public sector internal auditors. For this, basic requirements, future expectations, and best practices are explained. The digital business model is presented to produce value-added audit findings and outputs that guide public internal auditors and all digital-era stakeholders. This book is a pioneering work based on continuous auditing/continuous monitoring approaches using various AI and blockchain-based tools and techniques. There is nothing more valuable to the success of a public internal auditor than a detailed understanding of the business. The important lesson in developing business knowledge, especially in the new audit universe emerging with digital transformation, is that all auditors must understand that they never finish learning about business processes, risks, and control points in the digital era. They must constantly push themselves to be motivated and learn about the business operations they audit to implement new audit approaches powered by AI. In addition to obtaining up-to-date business information from process owners and stakeholders, public auditors responsible for conducting an AI-based continuous audit programme should also look inside their departments for a different perspective on business information that impacts continuous audit programme phase details and has the potential to add value. It should be noted that the additional source of information begins with your individual audit experience, digital skills, and qualifications.

Download or read book Modern Management and Leadership written by Mark Tarallo and published by CRC Press. This book was released on 2021-08-06 with total page 272 pages. Available in PDF, EPUB and Kindle. Book excerpt: In one modest-sized volume, this book offers three valuable sets of knowledge. First, it provides best practice guidance on virtually every large-scale task a modern manager may be involved in—from recruiting and hiring to onboarding and leading teams, and from employee engagement and retention to performance management and working with difficult employees. Second, it explains the essential concepts and practice of a range of effective leadership styles—including (but not limited to) servant leadership, crisis leadership, change agent leadership, and diversity and inclusion leadership. Third, it offers brief case studies from select CISOs and CSOs on how these management and leadership principles and practices play out in real-life workplace situations. The best practice essentials provided throughout this volume will empower aspiring leaders and also enable experienced managers to take their leadership to the next level. Many if not most CISOs and other leaders have had very little, if any, formal training in management and leadership. The select few that have such training usually obtained it through academic courses that take a theoretical, broad brush approach. In contrast, this book provides much actionable guidance in the nitty-gritty tasks that managers must do every day. Lack of management practical knowledge puts CISOs and CSOs at a disadvantage vis-a-vis other executives in the C-suite. They risk being pigeonholed as “security cops” rather than respected business leaders. Many articles on these subjects published in the press are too incomplete and filled with bad information. And combing through the few high-quality sources that are out there, such as Harvard Business Publishing, can take hundreds of dollars in magazine subscription and book purchase fees and weeks or months of reading time. This book puts all the essential information into your hands through a series of concise chapters authored by an award-winning writer.

Download or read book Controlling Privacy and the Use of Data Assets Volume 1 written by Ulf Mattsson and published by CRC Press. This book was released on 2022-06-27 with total page 353 pages. Available in PDF, EPUB and Kindle. Book excerpt: "Ulf Mattsson leverages his decades of experience as a CTO and security expert to show how companies can achieve data compliance without sacrificing operability." Jim Ambrosini, CISSP, CRISC, Cybersecurity Consultant and Virtual CISO "Ulf Mattsson lays out not just the rationale for accountable data governance, he provides clear strategies and tactics that every business leader should know and put into practice. As individuals, citizens and employees, we should all take heart that following his sound thinking can provide us all with a better future." Richard Purcell, CEO Corporate Privacy Group and former Microsoft Chief Privacy Officer Many security experts excel at working with traditional technologies but fall apart in utilizing newer data privacy techniques to balance compliance requirements and the business utility of data. This book will help readers grow out of a siloed mentality and into an enterprise risk management approach to regulatory compliance and technical roles, including technical data privacy and security issues. The book uses practical lessons learned in applying real-life concepts and tools to help security leaders and their teams craft and implement strategies. These projects deal with a variety of use cases and data types. A common goal is to find the right balance between compliance, privacy requirements, and the business utility of data. This book reviews how new and old privacy-preserving techniques can provide practical protection for data in transit, use, and rest. It positions techniques like pseudonymization, anonymization, tokenization, homomorphic encryption, dynamic masking, and more. Topics include Trends and Evolution Best Practices, Roadmap, and Vision Zero Trust Architecture Applications, Privacy by Design, and APIs Machine Learning and Analytics Secure Multiparty Computing Blockchain and Data Lineage Hybrid Cloud, CASB, and SASE HSM, TPM, and Trusted Execution Environments Internet of Things Quantum Computing And much more!

Download or read book Radical Reporting written by Sara I. James and published by CRC Press. This book was released on 2022-04-26 with total page 238 pages. Available in PDF, EPUB and Kindle. Book excerpt: Most people dread writing reports; they also dread reading reports. What they don’t realize is that the techniques that make writing more readable make it more powerful. This is especially relevant for professionals in areas such as audit, risk, compliance, and information security. This small volume provides the tools and techniques needed to improve reports. It does so through addressing crucial concepts all too often overlooked in the familiar rush to perform tasks, complete projects, and meet deadlines. These concepts – the role of culture in communication; the link between logic and language; the importance of organizing thoughts before writing; and how to achieve clarity – may seem academic or theoretical. They’re not. Unless writers understand their own thoughts, actions, and objectives, they cannot hope to communicate them at all – let alone clearly.

Download or read book Agile Audit Transformation and Beyond written by Toby DeRoche and published by CRC Press. This book was released on 2022-07-13 with total page 115 pages. Available in PDF, EPUB and Kindle. Book excerpt: Auditing at the speed of risk requires internal auditors to rethink the way we work. Agile auditing provides a path forward that blends the best elements from agile project management and internal audit best practices. Leaders in internal audit are ready to incorporate an agile audit mindset in their departments, but most of the available resources provide theoretical ideas. Even when outside consultants lead an agile transition, the consultants primarily focus on adding agile ceremonies without addressing the fundamental mindset change required for an agile audit transformation. This book provides a practical guide for audit leaders to follow as a playbook for implementing agile across their department, impacting every facet of the audit lifecycle, and addressing the mental shift required for making a lasting change. Every chapter includes discussion questions to facilitate discourse or just to help you analyze your own department. Next, we look at a typical internal audit department as they attempt the transition from a traditional audit methodology to agile auditing so we can learn from their missteps and successes. The guidance in Agile Audit Transformation and Beyond includes the basics of agile auditing, practical directions for shifting each phase of the audit life cycle, common hurdles faced during the transition, and forward-looking thought leadership on expanding beyond internal audit into agile assurance.

Download or read book The Security Hippie written by Barak Engel and published by CRC Press. This book was released on 2022-02-21 with total page 177 pages. Available in PDF, EPUB and Kindle. Book excerpt: The Security Hippie is Barak Engel’s second book. As the originator of the “Virtual CISO” (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others. The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management. In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak’s related takes and thought processes. An out-of-the-mainstream, counterculture thinker – Hippie – in the world of information security, Barak’s rich background and unusual approach to the field come forth in this book in vivid color and detail, allowing the reader to sit back and enjoy these experiences, and perhaps gain insights when faced with similar issues themselves or within their organizations. The author works hard to avoid technical terms as much as possible, and instead focus on the human and behavioral side of security, finding the humor inherent in every anecdote and using it to demystify the field and connect with the reader. Importantly, these are not the stories that made the news; yet they are the ones that happen all the time. If you’ve ever wondered about the field of information security, but have been intimidated by it, or simply wished for more shared experiences, then The Security Hippie is the perfect way to open that window by accompanying Barak on some of his many travels into the land of security.

Download or read book Finding Your Granite written by Douglas P. Pflug and published by CRC Press. This book was released on 2022-02-16 with total page 257 pages. Available in PDF, EPUB and Kindle. Book excerpt: In "Finding your Granite", Executive Leadership Coach and Mentor Douglas Pflug walks you through some of the life experiences, lessons and key take-ways from his years as a dual sport university athlete, 28 years as a police officer, 30 years as an elite strength and conditioning coach, mentor and leader. Douglas accomplishes this through four very dynamic, energetic and heartfelt sections entitled: "The Struggle" "Dash Leadership" "Four Cornerstones of Personal Leadership" and "Rise Up and Excel". The Author’s mentoring and protégé process and implementation of #RiseUpAndExcel and #StrongerFasterFitter methodologies assists people in discovering "who they were, who they are and whom they want to be" moving forward in this post COVID 19 world. This book was written through the eyes of an "everyday guy" and designed to educate, entertain and inspire front line 911 emergency workers to seek and achieve their potential. Additionally, this book will also be an essential resource for individuals and business leaders who wish to stay ahead of the evolving leadership trends of strategic thinking, inspiration and motivation, strong interpersonal skills, vision, decisiveness and passion.

Download or read book Riding the Wave written by Andrew Boyarsky and published by CRC Press. This book was released on 2024-04-05 with total page 343 pages. Available in PDF, EPUB and Kindle. Book excerpt: Emergency managers and public safety professionals are more frequently being called on to address increasingly challenging and complex critical incidents, with a wider variety and intensity of hazards, threats, and community vulnerabilities. Much of the work that falls into the scope of emergency managers – prevention, preparedness, mitigation – is “blue sky planning” and can be contained and effectively managed within projects. This book provides a foundational project management methodology relevant to emergency management practice, and explains and demonstrates how project management can be applied in the context of emergency and public safety organizations. Special features include: an initial focus on risk assessment and identification of mitigation and response planning measures; a clear set of better practices, using a diverse set of examples relevant to today’s emergency environment, from projects to develop emergency response exercises to application development to hazard mitigation; a framework for managing projects at a strategic level and how to incorporate this into an organization’s program, and presents how to develop and manage an emergency program and project portfolio; and suitability as both a hands-on training guide for emergency management programs and a textbook for academic emergency management programs. This book is intended for emergency managers and public safety professionals who are responsible for developing emergency programs and plans, including training courses, job aids, computer applications and new technology, developing exercises, and for implementing these plans and components in response to an emergency event. This audience includes managers in emergency and first response functions such as fire protection, law enforcement and public safety, emergency medical services, public health and healthcare, sanitation, public works, business continuity managers, crisis managers, and all managers in emergency support functions as described by FEMA. This would include those who have responsibility for emergency management functions, even without the related title.

Download or read book Evidence Based Cybersecurity written by Pierre-Luc Pomerleau and published by CRC Press. This book was released on 2022-06-23 with total page 251 pages. Available in PDF, EPUB and Kindle. Book excerpt: The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools and policies to reduce individuals' and organizations' risk of experiencing cyber-dependent crimes. However, although cybersecurity research and tools production efforts have increased substantially, very little attention has been devoted to identifying potential comprehensive interventions that consider both human and technical aspects of the local ecology within which these crimes emerge and persist. Moreover, it appears that rigorous scientific assessments of these technologies and policies "in the wild" have been dismissed in the process of encouraging innovation and marketing. Consequently, governmental organizations, public, and private companies allocate a considerable portion of their operations budgets to protecting their computer and internet infrastructures without understanding the effectiveness of various tools and policies in reducing the myriad of risks they face. Unfortunately, this practice may complicate organizational workflows and increase costs for government entities, businesses, and consumers. The success of the evidence-based approach in improving performance in a wide range of professions (for example, medicine, policing, and education) leads us to believe that an evidence-based cybersecurity approach is critical for improving cybersecurity efforts. This book seeks to explain the foundation of the evidence-based cybersecurity approach, review its relevance in the context of existing security tools and policies, and provide concrete examples of how adopting this approach could improve cybersecurity operations and guide policymakers' decision-making process. The evidence-based cybersecurity approach explained aims to support security professionals', policymakers', and individual computer users' decision-making regarding the deployment of security policies and tools by calling for rigorous scientific investigations of the effectiveness of these policies and mechanisms in achieving their goals to protect critical assets. This book illustrates how this approach provides an ideal framework for conceptualizing an interdisciplinary problem like cybersecurity because it stresses moving beyond decision-makers' political, financial, social, and personal experience backgrounds when adopting cybersecurity tools and policies. This approach is also a model in which policy decisions are made based on scientific research findings.

Download or read book Information System Audit written by Philippe Peret and published by CRC Press. This book was released on 2022-07-07 with total page 271 pages. Available in PDF, EPUB and Kindle. Book excerpt: The digitalization of companies is a recurrent topic of conversation for managers. Companies are forced to evolve at least as fast as their competitors. They have to review their organization, their processes, and their way of working. This also concerns auditors in terms of their audit strategy and working methods. Digitalization is the tip of the iceberg that represents the increasing reliance on information technology of the company’s information system. Companies have seen new competitors succeed with a digital approach, competitors that have opened new markets or new ways of interacting with their customers, and all business processes can be digitalized. In this new paradigm, auditors have to renew themselves too. Long gone are the days of auditors specializing in one technique, like financial auditors or IT auditors. This makes it a phenomenal opportunity for auditing to renew itself, embracing the vision of the company’s information system: long live the information system auditors! This book proposes you to go step by step from a common understanding of our history of auditing to gradually defining and justifying the impacts of digitalization on the audit strategy and the preparation of audits.

Download or read book Why CISOs Fail written by Barak Engel and published by CRC Press. This book was released on 2024-03-06 with total page 222 pages. Available in PDF, EPUB and Kindle. Book excerpt: Released in 2017, the first edition of Why CISOs Fail reimagined the role of the Chief Information Security Officer in a new and powerful way. Written to be easily consumable by both security pros as well as everyone who must deal with them, the book explores the different realms in which security leaders fail to deliver meaningful impact to their organizations, and why this happens. Its central thesis—that security is primarily a human behavioral discipline rather than a technology one—has been gaining increased attention as a core tenet of the field, and the book was ultimately inducted into the cybersecurity canon as a leading book on security management. In this freshly updated edition, Barak Engel adds new sections that correspond with the chapters of the original book: security as a discipline; as a business enabler; in sales; in legal; in compliance; in technology; and as an executive function. He explores new ideas in each operational area, providing essential insights into emerging aspects of the discipline. He then proposes two critical concepts for security management—the concept of "digital shrinkage" and the transition from CISO to CI/SO—that together offer a new paradigm for any organization that wants to become truly successful in its security journey. Why CISOs (Still) Fail is delivered in Barak's conversational, humoristic style, that has attracted a global audience to this and his other book, The Security Hippie. As he notes, the book's goal is to entertain as much as to inform, and he dearly hopes that you have fun reading it.

Download or read book The Change Agent written by Hernan Murdock and published by CRC Press. This book was released on 2023-11-01 with total page 580 pages. Available in PDF, EPUB and Kindle. Book excerpt: John Taylor has been hired to transform the underperforming internal audit unit at InSports. The auditors are not reviewing what the audit committee and executive leadership consider essential for the organization’s success, their methodology is subpar, and their relationships with their clients are strained. The audit committee has been patient, but not anymore. Their mandate is clear: make clear improvements in one year or the function will be outsourced. This is the story of a visionary leader who needs a strategy to transform processes and deliver better results for stakeholders at all levels within the organization. The audit committee, all levels of management, and employees expect more from internal audit. Now, John must lead the group through 12 challenging months as they focus on what matters most when performing audit and advisory services. They must communicate results faster and better, leverage existing quality control and data analytics techniques, and, with every encounter, help the organization address strategic, operational, compliance, and financial risks. With similarities to "The Goal" and "The Phoenix Project" and leveraging Kotter’s 8-Step Process for Leading Change, follow John and the internal audit team from Boston to New York, San Francisco, London, and Buenos Aires, as they address almost insurmountable challenges in their transformation journey.