Auditor Evaluation and Reporting on Cybersecurity Risks

Tremendous improvements in information networking capabilities have brought with them increased security risks resulting from the deterioration of the ability of a physical layer of computer security to protect an organization's information system. As a result, audit committees have had to deal with new security issues as well as the need to understand the cyber perpetrator and ensure the proper training of employees to consider cybersecurity risks. Standard setters including the Institute of Internal Auditors and the American Institute of Certified Public Accountants have issued guidance about lines of defense and reporting on an entity's cybersecurity risk management program and controls, respectively. Each of these topics is considered along with how cybersecurity guidance from COBIT, the National Institute of Standards and Technology, and the Center for Internet Security can be mapped into five cyber infrastructure domains to provide an approach to evaluate a system of cybersecurity.

Governance And Sustainability of Networked MFIs: Case of the CamCCul Network in Cameroon

The objective of this study is to determine the effect of internal and external governance mechanisms on the sustainability of the microfinance institutions of the CamCCul network in Cameroon. The study is conducted on a sample of 34 MFIs of the network over the 7-year period from 2009 to 2015. The results show, on the one hand, that the MFI's adherence to the network’s Risk Management program significantly and positively affects the financial sustainability of MIFs measured by their operational self-sufficiency. On the other hand, we find that the ownership of UBC Bank shares by the MFI and the culture of the zone of activity positively and significantly affect the MIFs social sustainability measured by the number of active borrowers.

Benefits of Compliance and Risk Management

Compliance is a program that aims to protect organizations from the occurrence of financial fraud, corruption, behavior and/or misconduct of employees linked to them, preventing their good reputation and financial soundness from being shaken. It is a tool whose purpose is to establish rules, standards and guidelines for internal processes within organizations. It was developed in the United States in 1970, and its practices were transformed into a legal institute, through the enactment of the Pioneer Law against Corruption FCPA (Foreign Corrupt Practices Act), motivated by the Watergate Case, which involved then-President Richard Nixon and members of his administration, by paying bribes in surveys in favor of his re-election. In this context, this article has as its main question: how do the benefits offered by the Compliance and Risk Management program collaborate to reduce the risks of fraud, illicit and corruption within organizations? The aim of this study was to present the benefits provided by the adoption of the Compliance and Risk Management program in public and private companies, in their internal processes and relationships with their segment of activity, and how they collaborate for fraud mitigation. The methodology was adopted as a bibliographic research, and it was about the benefits caused by fraud prevention programs. It was found that Compliance and risk management programs bring effective risk protection benefits, mitigating fraud and corruption, combined with new Information Technology Governance (IT) solutions, such as Enterprise Governance, Risk Management and Compliance (EGRC).

Time to Fix the Damage of Weakened Chemical Disaster Prevention Regulations

The Trump administration weakened regulations through changes on rules that have been improved during the Obama years. An example is the reversal in 2019 of the improvements to the U.S. Environmental Protection Agency Risk Management Program, Chemical Disaster Prevention Rule. In 2013 a catastrophic explosion of ammonium nitrate in West, Texas, provided the impetus to improve the original regulations after an investigation of its consequences. The justification for reversing the improvements was provided by one of the three federal investigations conducted by the U.S. Bureau of Alcohol, Tobacco, Firearms and Explosives which alleged, without proof, that the West Texas explosion was caused by arson and thus nonpreventable. This commentary reviews the details of this reversal and recommends that the U.S. Environmental Protection Agency, now under the Biden Administration, resurrect its 2016 Risk Management Program chemical disaster rule in order to prevent future chemical facility catastrophes.

The COVID-19 Impact in Hospital Healthcare Workers: Development of an Occupational Health Risk Management Program

As with the SARS-CoV-1 outbreak in 2003–2004 and the MERS outbreak in 2012, there were early reports of frequent transmission to healthcare workers (HCW) in the SARS-CoV-2 pandemic. Our hospital center identified its first COVID-19 confirmed case on March 9, 2020, in a 6-day hospitalized patient. The first confirmed COVID-19 case in a HCW happened 3 days later, in a nurse with a probable epidemiological link related to the first confirmed patient. Our study’s first objective is to describe and characterize the impact of the first 3 months of the SARS-CoV-2 pandemic on the Centro Hospitalar Universitário Lisboa Norte (CHULN). Our second objective is to report the performance of the CHULN Occupational Health Department (OHD) and the impact of the pandemic on CHULN HCW and its adaptation across national, regional, and institutional epidemiological evolution. Over the first 3 months, 2,152 HCW were screened (which represent 29.8% of the total HCW population), grouped in 100 separate identifiable clusters, each one ranging from 2 to 98 HCW. The most prevalent profession screened were nurses (<i>n</i> = 800; 37.2%) followed by doctors (<i>n</i> = 634; 29.5%). The main source of potential infection and cluster generating screening procedures was co-worker related (<i>n</i> = 1,216; 56.5%). A patient source or a combined patient co-worker source was only accountable for 559 (26%) and 43 (2%) of cases, respectively. Our preliminary results demonstrate a lower infection rate among HCW than the ones commonly found in the literature. The main source of infection seemed to be co-worker related rather than patient related. New preventive strategies would have to be implemented in order to control SARS-CoV-2 spread.

FEATURES OF ACCOUNTING AND ANALYTICAL SUPPORT FOR ENTREPRENEURIAL RISK MANAGEMENT

The article reveals the features of accounting and analytical support for entrepreneurial risk management. It was found that entrepreneurial risk is a certain act as a result of which the business entity may suffer losses. It is proved that entrepreneurial risks should be classified according to the specifics of origin, the specifics of the legal settlement, the specifics of industry affiliation, the specifics of the consequences, the specifics of the duration of the impact of entrepreneurial risk, the specifics of the expression of will, the specifics of the form, the specifics of the level of typicality, the specifics of the level of validity, the specifics of the possibility of assessing and resolving the impact, the specifics of the possibility of insuring entrepreneurial risks, the specifics of the occurrence of entrepreneurial risks by sources of origin, the specifics of the scale of the impact, the specifics of the level of losses and the specifics of character. It is established that the process of entrepreneurial risk management is the process of managing the activities of the business entity as a whole and its individual parts, and takes into account the management of not only existing risks but also potential entrepreneurial risks in space and time, that may occur in the future during entrepreneurial activities. It is determined that the process of entrepreneurial risk management should take into account the stage of preparation and implementation of appropriate measures to reduce the risk as a result of making erroneous decisions by business entities, the stage of reducing the impact of possible negative consequences that may occur, especially, if the entity operates in unexpected changes and alarming development trends, as well the stage of development and implementation of the Declaration on Risk Management and the Risk Management Program. It is established that the important information on which it is possible to estimate possibility of occurrence of entrepreneurial risks, is the accounting reporting. In the perspective of further research, it is recommended to study entrepreneurial risks in Ukraine in the context of such aspects as causes, consequences and management.

Auditor Evaluation and Reporting on Cybersecurity Risks

Tremendous improvements in information networking capabilities have brought with them increased security risks resulting from the deterioration of the ability of a physical layer of computer security to protect an organization's information system. As a result, audit committees have had to deal with new security issues as well as the need to understand the cyber perpetrator and ensure the proper training of employees to consider cybersecurity risks. Standard setters including the Institute of Internal Auditors and the American Institute of Certified Public Accountants have issued guidance about lines of defense and reporting on an entity's cybersecurity risk management program and controls, respectively. Each of these topics is considered along with how cybersecurity guidance from COBIT, the National Institute of Standards and Technology, and the Center for Internet Security can be mapped into five cyber infrastructure domains to provide an approach to evaluate a system of cybersecurity.

Alemtuzumab for relapsing multiple sclerosis in clinical practice: A four-year retrospective one-center study

Background: Disease-modifying therapies for multiple sclerosis have been developed tremendously over the last two decades. Objective: The aim of this study was to review the short-, medium-, and long-term safety of alemtuzumab in relapsing remitting multiple sclerosis (RRMS). Method: This retrospective observational study (2015–2019) included all patients with highly active or rapidly progressing and aggressive RRMS who were treated with alemtuzumab at the Cabueñes University Hospital. The short-, medium-, and long-term adverse effects were evaluated following the risk management program of the European Medicines Agency. Results: 39 patients were included, 23 of them received at least two cycles of treatment. Most patients showed at least one adverse event. The following adverse reactions were reported: infusional reactions (17), urinary tract infections (six), thrombopenia (five), and thyroid dysfunction (six). Conclusion: In clinical practice alemtuzumab showed an acceptable safety profile in selected patients even if all of them suffered at least one adverse effect. Thorough and prolonged follow-up is required to further confirm the safety of this drug.