Risk Advisory
Take Action to Protect Your Organization During Cybersecurity Awareness Month
October marks Cybersecurity Awareness Month, a time to reflect on the safeguards that protect our organizations, communities, and critical systems. While cyber threats exist year-round, this month serves as a reminder to take concrete steps to reduce vulnerabilities and strengthen resilience. Every business, nonprofit, and mission-driven organization relies on systems and processes that must operate […]
Massachusetts DOR Warns of New Tax Refund Text Scam
Massachusetts taxpayers are the latest target of a growing wave of text scams. The Massachusetts Department of Revenue (DOR) reports that residents have received messages claiming they are due a tax refund. These texts include a link and ask the recipient to confirm their banking information in order to receive the money. This is not […]
Why Strong Internal Policies Are Critical for Audit Readiness and Cyber Risk Protection
In this article: During IT General Controls (ITGCs) assessments performed either as part of financial statement audits or full IT security audits, AAFCPAs often identifies gaps in client policies and procedures that can leave an organization exposed to regulatory violations, operational failures, and reputational risk. Defined operational protocols for data security, breach response, and system […]
How to Build a Reliable System of Record with Practical Data Strategy Insights
Financial systems are rarely as connected as they appear. As organizations grow and adopt specialized tools, each serving a distinct purpose, questions begin to emerge. Where does the most accurate version of a transaction live? Which system should drive reporting? Where does accountability reside? Without a clearly defined system of record, even routine tasks may […]
How Ethical Hacking Strengthens Cybersecurity and Prevents Data Breach
Would you or your IT team recognize the signs if one or more of your systems had been breached? How much sensitive data could they access prior to detection? How long would your operations be disrupted were an attack to lock you out? Cyber-attacks are a constant risk that affect organizations across industries, and the […]
Cyber Insurance in 2025: What CFOs and Risk Managers Need to Know to Avoid Costly Gaps
As cyber threats evolve in both sophistication and scale, cyber insurance has moved from a niche policy consideration to a cornerstone of business continuity and enterprise risk management. For many organizations, coverage is now a condition of financing, contract renewal, or fiduciary oversight. Yet many policies still fall short, especially when the scope of coverage […]
Understanding the Risks of DeepSeek R1
AI tools have become increasingly integral to both our work and daily lives, assisting with everything from content creation to complex problem-solving. As these tools become more powerful, AAFCPAs’ IT Security team advises that clients take a cautious approach. One such tool making waves is the DeepSeek R1 model, developed by Chinese tech company DeepSeek. […]
Mitigate AP Risks by Strengthening Internal Controls
In this article: Accounts Payable (AP) fraud continues to evolve with phishing schemes, fraudulent billing, and payment tampering among the most common attempts used to misappropriate company funds. The 2024 Report to the Nations on Occupational Fraud published by the Association of Certified Fraud Examiners (ACFE) reveals median losses of $155,000 from check and payment […]
Strengthening Cybersecurity: Key Actions to Mitigate Evolving Threats
Boost Your Cybersecurity with These Essential Tips In today’s interconnected world, cybersecurity threats are escalating at an alarming pace. From sophisticated ransomware campaigns to targeted phishing schemes, these attacks underscore the evolving strategies of cybercriminals and the vulnerabilities in current security infrastructures. Several factors contribute to the recent increase in cyber threats. The widespread adoption […]