IT Brief Australia - Technology news for CIOs & IT decision-makers
Top tips for risk management, audit and advisory executives
Fri, 13th Oct 2023

As Australian companies continue to elevate cybersecurity as a business priority, strategic advisors need to carefully consider the counsel and support they provide to their clients in helping to manage and mitigate risks in this evolving area, according to RSM Australia.

RSM Australia has a dedicated and growing team of global risk management leaders and cybersecurity experts working closely with clients across all industries to ensure their cybersecurity systems and processes are world class and, essentially, resilient against hackers.

Riaan Bronkhorst, a Cyber Security & Privacy Risk Advisory Partner at RSM Australia with extensive global security and privacy expertise, says that hackers are only becoming more powerful as we, as a society, go deeper into the digital age and new tactics arise.  

“We’ve had organisations contact our team at RSM Australia for help or advice after experiencing serious issues such as data breaches and identity theft, or even occasions when confidential files have been accessed and hackers are holding these organisations to ransom,” Bronkhorst says. 

“Over the years, our team has tightened our own systems and procedures, and refined the best practice and fit for purpose advice we provide to clients, with increasing importance being placed on risk managers and auditors to appropriately review and minimise any risks for clients,” he says.

In line with that, below is a list from RSM Australia of the top 5 cybersecurity advisory services a risk manager or audit executive should consider when advising their clients:

1. Vulnerability – Penetration and Technical Security Testing Assessment

2. Security – Design, Implementation and Assessment

3. External – Third party Security Assurance and Assessments

4. Audit – System, Application and Network security audits

5. Resilience – Business Continuity Measures (BCM), Disaster Recovery (DR), CIR (Cyber Incident Response) and Crisis Management

“With hacking and cybersecurity accepted as mainstays of modern-day business, some of the services that cybersecurity experts and risk managers or practitioners use include penetration testing, which tests the vulnerability of a company’s security systems and how easy they are to access,” Bronkhorst says.

“There are also system, application and network security audits that help management to design and implement new security structures. It is also common to use third party assurance and assessments to create possible security breach scenarios, leading to crisis management and company resilience plans,” he says.

“At RSM we are always updating our knowledge, procedures and methodologies to ensure that they are up to date and in line with current hacking trends,” Bronkhorst says.

“Our team is constantly striving to learn what more we can do, while ensuring all security system needs are met for the benefit of our clients.”