Risk Advisory
Belanger, Whittemore to Present Audit-Proofing Strategies for Nonprofits at MNN Conference
Katie Belanger, Partner at AAFCPAs and leader in the firm’s Human & Social Services practice along with Lisa Whittemore, Partner, Risk Advisory will present at the 2025 MNN Annual Conference on October 22 at the DCU Center in Worcester, Massachusetts. This workshop, A CPA, CFO and CFE Walk Into A Bar… Audit-Proofing Your Organization, equips […]
Understanding Your ITGCs: Why They Matter and How to Strengthen Them
IT General Controls (ITGCs) are under increasing scrutiny—and the consequences of failure are growing. CEOs, CFOs, and Boards are often blindsided by assessment findings, risk exceptions, and regulatory pressure tied to weak or outdated IT controls. These issues aren’t just technical—they’re strategic, with real implications for financial integrity, compliance, and reputation. In this webinar, we’ll […]
Take Action to Protect Your Organization During Cybersecurity Awareness Month
October marks Cybersecurity Awareness Month, a time to reflect on the safeguards that protect our organizations, communities, and critical systems. While cyber threats exist year-round, this month serves as a reminder to take concrete steps to reduce vulnerabilities and strengthen resilience. Every business, nonprofit, and mission-driven organization relies on systems and processes that must operate […]
Massachusetts DOR Warns of New Tax Refund Text Scam
Massachusetts taxpayers are the latest target of a growing wave of text scams. The Massachusetts Department of Revenue (DOR) reports that residents have received messages claiming they are due a tax refund. These texts include a link and ask the recipient to confirm their banking information in order to receive the money. This is not […]
Why Strong Internal Policies Are Critical for Audit Readiness and Cyber Risk Protection
In this article: During IT General Controls (ITGCs) assessments performed either as part of financial statement audits or full IT security audits, AAFCPAs often identifies gaps in client policies and procedures that can leave an organization exposed to regulatory violations, operational failures, and reputational risk. Defined operational protocols for data security, breach response, and system […]
How to Build a Reliable System of Record with Practical Data Strategy Insights
Financial systems are rarely as connected as they appear. As organizations grow and adopt specialized tools, each serving a distinct purpose, questions begin to emerge. Where does the most accurate version of a transaction live? Which system should drive reporting? Where does accountability reside? Without a clearly defined system of record, even routine tasks may […]
How Ethical Hacking Strengthens Cybersecurity and Prevents Data Breach
Would you or your IT team recognize the signs if one or more of your systems had been breached? How much sensitive data could they access prior to detection? How long would your operations be disrupted were an attack to lock you out? Cyber-attacks are a constant risk that affect organizations across industries, and the […]
Cyber Insurance in 2025: What CFOs and Risk Managers Need to Know to Avoid Costly Gaps
As cyber threats evolve in both sophistication and scale, cyber insurance has moved from a niche policy consideration to a cornerstone of business continuity and enterprise risk management. For many organizations, coverage is now a condition of financing, contract renewal, or fiduciary oversight. Yet many policies still fall short, especially when the scope of coverage […]
Understanding the Risks of DeepSeek R1
AI tools have become increasingly integral to both our work and daily lives, assisting with everything from content creation to complex problem-solving. As these tools become more powerful, AAFCPAs’ IT Security team advises that clients take a cautious approach. One such tool making waves is the DeepSeek R1 model, developed by Chinese tech company DeepSeek. […]