Advisory Services

  • Share

Insights on governance, risk and compliance

Insights on governance, risk and compliance is an ongoing series of thought leadership reports focused on IT and business risk and its many related challenges and opportunities. These timely and topical publications are designed to help you understand the issues and provide you with valuable insights about our perspective.

Advisory library

Title Topic Date
Step up to the challenge: Helping IA keep pace with a volatile risk landscape Internal Audit needs to identify and focus on the risks that matter most. We discuss seven areas that are top of mind for stakeholders. 20140811August 2014
Strong risk management practices and Internal Audit capabilities as drivers for growth The right controls and processes are essential for sustainable growth. IA and other risk management functions can help organizations design their controls appropriately, cover risks and drive value. 20140811August 2014
Maximizing the value of a data protection program Any organization can be victimized by data loss events. Is your program aligned to protect the data that matters most? 20140704July 2014
Building trust in the cloud Rapid escalation of cloud services creates risk. Use our Cloud Trust Model to balance those risks with the value the cloud provides to your organization. 20140630June 2014
Expecting more from risk management Do you need better alignment between risk and key business processes? See how to enhance value by embedding risk into the "rhythm of the business." 20140616June 2014
Big data: changing the way businesses operate Do you have the capability to analyze vast amounts of information? We explore the benefits and risks of using big data to enhance business operations. 20140515April 2014
What’s the future of Risk, Control and Compliance? Centralized operating models represent an opportunity to manage risk more effectively and drive down cost. Have you kept pace with the rest of your business? 20131310February 2014
Privacy trends 2014: privacy protection in the age of technology Technology innovation continues to accelerate, and today's privacy regulations are falling behind. We help guide you through the innovation needed for privacy issues in 2014. 20131310January 2014
Maximizing value from your lines of defense Many companies have a renewed focus on effective risk management. We present a pragmatic approach to establishing and optimizing your lines of defense (LOD) model. 20131310December 2013
Under cyber attack: Global Information Security Survey 2013 As the pace of technology evolution accelerates, so do cyber risks. Find out how organizations are addressing current threats – and those on the horizon. 20131310October 2013
Beating cybercrime: Security Program Management We help board members and C-level decision-makers understand the relationship between your responsibility, the scale of cyber threat, and a suggested approach that’s sharply focused on your business structure, culture and risks. 20131310October 2013
Security Operations Centers against cybercrime A well-functioning Security Operations Center (SOC) can form the heart of effective cyber attack detection. We present 10 considerations for success. 20131310October 2013
Bring your own device: security and risk in mobile device programs Employers need to control the use of personal mobile devices for conducting work. BYOD policies help improve productivity, enable new business and satisfy employees' needs. 20131310September 2013
Matching Internal Audit talent to business needs: key findings from the Global Internal Audit Survey 2013 Corporate leaders are demanding that IA improve visibility and deliver lasting value. Our Global Internal Audit Survey finds that most IA functions currently lack the specialist skills and competencies to provide strategic business insights and anticipate traditional and emerging risks. 20131307July 2013
Identity and access management: beyond compliance Compliance is still crucial for identity and access management initiatives, but IAM is evolving into a risk-based program. Learn about this foundation of information security. 20130506June 2013
Internal audit's role in strategic transactions During M&A and divestitures, internal audit provides a critical perspective – assessing and monitoring program management, reviewing controls and providing insights while maintaining independence and objectivity. 20130506May 2013
Lessons from change: Key findings from EY's 2012 Financial Services Supplier Risk Survey EY's third annual supplier risk management survey offers the latest insights into SRM programs 20130406April 2013
Unlocking the power of SAP's governance, risk and compliance technology A robust GRC technology solution can act as assurance for the entire organization. Learn about the solutions of SAP. 20130301March 2013
Smart Control: reducing cost, enabling growth and keeping the business safe Balancing value, cost and risk in processes and controls helps create a competitive advantage. Becoming streamlined helps you anticipate and respond to changes.20120131January 2013
Privacy Trends 2013: the uphill climb continues Digital technology is transforming businesses, creating not only opportunities but also privacy risk and responsibilities. Are organizations and regulators doing enough to safeguard sensitive information?20120131January 2013
Integrated governance: effective business continuity management Integration between business and IT is critical to business continuity and disaster recovery success. Is your organization able to effectively respond to and manage risks?20120131November 2012
2012 Global Information Security Survey: fighting to close the gap As the speed and complexity of change accelerates, the gap in your information security program grows. Is your organization doing enough to close the gap?20120131November 2012
Strategy deployment through portfolio management A risk-based portfolio management approach forces organizations to focus on projects that matter and helps manage the risk of their transformation in an integrated way.20120131September 2012
Ready for takeoff: Preparing for your journey into the cloud Organizations are looking at cloud computing to increase effectiveness of IT initiatives, reduce costs, increase operational flexibility and generate a competitive advantage. Are you prepared? 20131310April 2012
Bringing IT into the fold: enhancing industrial control system security A coordinated, strategic response that addresses the dynamic nature of cybersecurity and the rapidly changing operational technology environment demonstrates responsible risk management.20120131January 2012
Mobile device security: Understanding vulnerabilities and managing risks We explore methods to assess and mitigate the risks related to today's most popular mobile device platforms and technologies. 20131310January 2012
Privacy trends 2012 To achieve greater accountability, many organizations will have to rethink their approach to privacy.20120113January 2012
Attacking the smart gridLearn about the changing landscape in control system architecture and how to perform a penetration test safely and effectively to benefit your organization.20111231December 2011
A path to making privacy countOrganizations are struggling to manage the security and privacy collected information. Privacy protection now needs to be a fundamental component of any IT transformation.20111231October 2011
Data loss prevention: keeping sensitive data out of the public domain The blurry line between work and personal use of data can result in leaks – unintentional or malicious. Learn to identify and address these leaks. 20131310October 2011
Building confidence in IT programs Key issues to blame for IT program failures are often not being properly identified until after they have occurred, and there has never been a better or more important time for organizations to review how they plan, execute and realize benefits from strategic IT programs. 20131310September 2011
The evolving IT risk landscapeFaced with complex and ever-changing layers of risk in a 'world without borders', IT risk programs must expand and adapt to meet new challenges.20110630June 2011
Building control efficiency: rationalization, optimization, redesignIncreased government reporting requirements have forced those responsible for internal controls to do more. Optimize your controls to move past compliance toward improved performance and competitive advantage.20110630April 2011
Countering cyber attacksTraditional information security solutions are not enough to protect against advanced persistent threat attacks. What measures should organizations consider to detect and react to successful cyber attacks?20110630March 2011
Top privacy trends for 2011From cloud computing, social networking and hand-held devices to international regulations and internal governance, this list outlines the top privacy-related concerns for the C-suite.20110630January 2011
Effective software asset managementIn the global push for improved performance, effective software asset management can help reduce license-related expenses, better manage compliance-related risk, and improve overall operating efficiencies.20110630December 2010
A risk-based approach to segregation of duties Read clear guidance on a sound risk-based methodology that integrates IT and financial controls, resulting in an approach that is both manageable and cost effective. 20131310May 2010
Top privacy issues for 2010Every organization faces a number of obligations related to privacy and the protection of personal information. Do you have the right risk management in place?20110630February 2010
Planning for the new service organization reportingTwo new standards replace SAS 70 for service organizations. Learn the elements of these new standards and specific actions that organizations should take to prepare.20110630January 2010
Increasing flexibility through IT outsourcingMany companies are investigating reshaping and restructuring their IT function. We look at the potential benefits and risks associated with outsourcing to a service provider.20110630May 2009
Managing the IT agenda: balancing act for business and IT leadersLeaders are looking for IT to make greater contributions to the success of the enterprise. How do you balance this vision while addressing day-to-day IT operational needs?20110630February 2009
Cost reduction through virtualization and cloud computingIn today's turbulent environment, IT functions are a likely target for cost reductions. Learn the opportunities that virtualization and cloud computing provide.20110630January 2009

Back to the top

Connect with us

Stay connected with us through social media, email alerts or webcasts. Or download our EY Insights app for mobile devices.