Assurance / Service Audits | Audit Readiness
By:
ROBERT TYLKA
January 11th, 2024
In the dynamic world of business, where compliance is becoming more important either as requested assurance from customers or a key market differentiator, more and more organizations are turning to assessment firms to help them communicate these advantages. And while some will always look at compliance in the most oversimplified, checkbox manner, many customers and regulators recognize good (and poor) quality of delivery.
SchellmanLife | Audit Readiness
By:
Megan Sajewski
January 2nd, 2024
Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.”
Compliance and Certification | Audit Readiness
By:
JORDAN HICKS
February 21st, 2023
Auditors. We’re an odd breed. “A necessary pain in the tuchus,” some may say. Admittedly, we’re not everyone’s cup of tea. In fact, in our 20+ years of experience, we’ve seen the word “auditor” invite various visceral responses. To be sure, organizations aren’t always enthusiastic about inviting us assessors in to do the requisite checks, despite the benefits of doing so (and despite being invited guests).
By:
Eric Aulbach
August 12th, 2021
The period of September through the end of December many have nicknamed “Busy Season” for lots of fun reasons: the return of school and fall sports, endless football games on almost every night of the week, the busiest holidays of the year, and loads of family time. Perhaps less fun, Busy Season also often includes audits and attestations for many organizations wishing to deliver audit reports by the end of the calendar and fiscal years. With so much to do—not only at work but also at home—it all may seem impossible, but there actually are proven paths to a smooth end-of-year audit process that can help streamline Busy Season in at least this one respect.
SOC Examinations | Audit Readiness
By:
STEPHEN HALBROOK
December 5th, 2016
Here are five steps to help successfully prepare: 1. Validate the Nature of the Request. Does your client base understand the various SOC reporting options and what they are asking of your organization from a compliance reporting perspective? Is there a connection to internal controls over financial reporting (ICFR) of the services that you provide to your clients, or are you looking at general controls of a system that are relevant to security, availability, processing integrity, confidentiality, and/or privacy? SOC 1 can oftentimes be misused by the general public as a generic reference to third party examinations. There is misconception in the marketplace; help prevent it.
By:
JASON LAM
November 3rd, 2016
The audit world isn’t as scary as people make it out to be. But there are things that you can only learn in the audit profession through experience and not in the classroom. Here are some of the biggest takeaways I learned as a first year auditor:
By:
RYAN BUCKNER
January 5th, 2016
[NOTE: Schellman has since updated this content in a more recent article.] Think of your auditing firm like you would a long-term business partner. They are someone you will work with year after year, and they will be an integral part of setting the stage for your organization’s success. As such, the act of selecting the appropriate assessor shouldn’t be taken lightly. Here are several key qualities your organization should look for when choosing an auditing firm:
Healthcare Assessments | Audit Readiness
By:
DOUG KANNEY
November 1st, 2015
The Health Information Trust Alliance is a U.S.-based organization that works with healthcare, technology and information security leaders to establish a Common Security Framework (CSF). A CSF is a body of controls for all organizations to follow to create, access, store and exchange private or regulated data. The Health Information Trust Alliance believes security should be a core pillar of health information systems and exchanges, not an obstacle to be hurtled, hence its mission to normalize security controls via the CSF. The CSF includes: