Risk Advisory
Carla McCall Featured in FM Magazine on Finance Roles in Cybersecurity
FM Magazine Report: 5 emerging business cyberthreats — and how to combat them FM Magazine (October 2025) – From deepfakes to payment fraud, companies are at risk of increasingly complex cyberthreats—with finance taking a leading role in mitigating risks. Carla McCall, CPA, CGMA, Managing Partner of AAFCPAs, contributed insights into five emerging business cyberthreats and […]
How IT Controls Keep Your Systems and Data Safe
During AAFCPAs’ recent webinar, Understanding Your ITGCs: Why They Matter and How to Strengthen Them (November 2025), Lisa Whittemore, CFE, CRMA, MBA and Vassilis Kontoglis presented a practical framework for assessing, strengthening, and monitoring IT general controls to protect data, ensure operational continuity, and support regulatory compliance. A single misstep in IT General Controls (ITGCs) […]
AAFCPAs Expands Risk Advisory Leadership with Appointment of Lisa Whittemore as Partner
AAFCPAs, a U.S. top 100 CPA and advisory firm, is pleased to announce the appointment of Lisa Whittemore, CFE, CRMA, as Partner, Risk Advisory. Lisa brings extensive experience in governance, risk and compliance for public and private companies across a wide range of industries. She has more than two decades of experience as a global […]
How Organizations Use AI to Monitor Systems and Respond to Threats
Artificial intelligence is reshaping how organizations think about system security and operational oversight. Unlike traditional tools built on fixed rules and reactive triggers, AI systems bring a capacity for adaptation—learning from patterns, anticipating irregularities, and flagging potential issues before they become disruptive. This shift not only makes systems more responsive but also gives IT and […]
Belanger, Whittemore to Present Audit-Proofing Strategies for Nonprofits at MNN Conference
Katie Belanger, Partner at AAFCPAs and leader in the firm’s Human & Social Services practice along with Lisa Whittemore, Partner, Risk Advisory presented at the 2025 MNN Annual Conference on October 22 at the DCU Center in Worcester, Massachusetts. This workshop, A CPA, CFO and CFE Walk Into A Bar… Audit-Proofing Your Organization, equipped nonprofit […]
Watch Understanding Your ITGCs: Why They Matter and How to Strengthen Them
IT General Controls (ITGCs) are under increasing scrutiny—and the consequences of failure are growing. CEOs, CFOs, and Boards are often blindsided by assessment findings, risk exceptions, and regulatory pressure tied to weak or outdated IT controls. These issues aren’t just technical—they’re strategic, with real implications for financial integrity, compliance, and reputation. In this webinar, we […]
Take Action to Protect Your Organization During Cybersecurity Awareness Month
October marks Cybersecurity Awareness Month, a time to reflect on the safeguards that protect our organizations, communities, and critical systems. While cyber threats exist year-round, this month serves as a reminder to take concrete steps to reduce vulnerabilities and strengthen resilience. Every business, nonprofit, and mission-driven organization relies on systems and processes that must operate […]
Massachusetts DOR Warns of New Tax Refund Text Scam
Massachusetts taxpayers are the latest target of a growing wave of text scams. The Massachusetts Department of Revenue (DOR) reports that residents have received messages claiming they are due a tax refund. These texts include a link and ask the recipient to confirm their banking information in order to receive the money. This is not […]
Why Strong Internal Policies Are Critical for Audit Readiness and Cyber Risk Protection
In this article: During IT General Controls (ITGCs) assessments performed either as part of financial statement audits or full IT security audits, AAFCPAs often identifies gaps in client policies and procedures that can leave an organization exposed to regulatory violations, operational failures, and reputational risk. Defined operational protocols for data security, breach response, and system […]