Risk Insider Newsletter - Edition #11

Technology Insights

Subscribe to Risk Insider >>                       View past Editions >>

We hope that this edition of the Risk Insider finds you well. The current circumstances that we are faced with are unprecedented and devastating. We want to take this opportunity to extend our support to any businesses that have been affected during this time

With that in mind it is now more critical than ever that businesses take responsibility for, and shape the impact they have on the environment, their community, and stakeholders. Putting sustainable and responsible practices at the heart of your business is fast becoming a pivotal requirement for regulators, investors, and other stakeholders. While profit will always be a key indicator of success, it can no longer be the only benchmark. Businesses must be held to account for their actions, impact, and the value that they bring to their market. By having an integrated and long term environmental, social and governance (ESG) strategy, organisations are taking an important step in shaping who they want to be, what they want to stand for and – critically - how other’s see them.

This means that all stakeholders, from consumers to prospective investors, will look at how businesses treat their employees, how diversity and inclusion measures are managed, the sustainability and environmental impact of the business, and any social value and governance practices. This scrutiny is not going away and is only set to intensify, so engaging now will help your business in the long term. Remember ESG includes topics such as human rights, cybersecurity and data security, climate change, sexual harassment, safety, water scarcity, energy management, diversity and gender, business ethics, intellectual property protection, political involvement, compensation of all levels of employees, and others.

When it comes to cyberthreats, the old adage held true in 2022: the more things change, the more they stay the same. Hackers and other electronic criminals continued their relentless pursuit of data and sensitive information from middle market businesses, leading to record levels of several types of attacks. SME’s, small to midsize ASX listed and government agencies continue to represent a sweet spot for hackers, with companies possessing a significant amount of valuable data, but lacking the level of protective controls and staffing of larger organisations.

The COVID-19 pandemic also altered the threat landscape for SME’s, small to midsize ASX listed and government agencies due to the rapid large-scale shift to a remote work environment, and more dependency on the internet to remain productive. Many companies simply do not have experience with managing such a transition, and security vulnerabilities—even for a short amount of time—were almost inevitable. Criminals were quick to strike, unleashing a host of attacks ranging from widespread malware and viruses to targeted social engineering and phishing attacks.

After years of increasing breach attempts and successful breaches, SME’s, small to midsize ASX listed and government agencies understand the risks that cybercriminals can pose. However, while the pandemic caused a global lockdown which generally kept people at home without the luxury of venturing out to a restaurant or a movie, hackers were locked down as well, with little to do but hone their craft and exploit vulnerabilities.

jm.pngIn this month’s Risk Insider, we provide insights on ESG, Carbon Neutral Business and how companies can prepare for and respond to this challenge. In particular, our point of view identifies the primary drivers for these changes to the risk and control environment and lists pragmatic considerations for your consideration.






How ESG is re-shaping financial services?

In the finance sector, the emergence of ESG has a dual impact. First, it’s an opportunity for financial firms to re-shape public perception and build consumer trust. Secondly, ESG will play a major role in how investments are analysed for risk and opportunity.

In this report, we discuss some of the ESG factors that are set to disrupt financial services and the steps you can take to prepare.

Read the full report here>>

management_system_reviews - Copy.png

ESG — the new normal.

RSM Australia's Natalie Saunders recently wrote an article for WA Works Magazine on the importance of good ESG strategy.

You can read the full article here>>

Adding value through Cyber and Data AnalyticsAdding value through Cyber and Data Analytics

There has been an increased pressure on businesses to simplify and secure their audit processes to protect their firm and revenue. RSM Australia has long been supporting these businesses with their ongoing audit requirements and have recently had Ashwin Pal and Matthew Cunneen come on board to bolster our cyber and data analytics capabilities. Find out more>> 

Adding value through Cyber and Data Analytics

A Brief Guide to the ICT Security Controls Required by the Australian Privacy Principles and Mandatory Data Breach Notification Scheme

On 13 February 2017 the Senate passed the Privacy Amendment (Notifiable Data Breaches) Bill establishing a Mandatory Data Breach Notification Scheme in Australia. The purpose of which is to protect the rights of individuals and strengthen community trust in businesses and agencies. 

Many organisations do not either understand their obligations under this scheme or simply do not know how to comply. 

Download the Brief Guide here>>

Adding value through Cyber and Data Analytics

Health Matters: Using data to drive personalised care, better patient outcomes, and reduce costs

The move to integrated care systems had already identified digitalisation and integrated solutions as key pillars to improve patient experience and support the drive for treatment closer to home.

Find out more about the key drivers and changes that have occurred in the health sector here>>

Adding value through Cyber and Data Analytics

Protect the future of your business with security certification

Cybersecurity is a real risk and one that needs to be considered and managed effectively in order to protect the future of your business. Read about why and how to start your Cybersecurity Journey.



Master the skills and knowledge you need to pass the CFE exam in 2022

22 - 25 March 2022 | 19 - 22 July 2022 | 11 - 14 October 2022

RSM Australia has an ongoing agreement with the Association of Certified Fraud Examiners (ACFE) as the exclusive ACFE Authorised Trainer for the CFE Exam Review Course for Australia. Since the hugely successful partnership began in 2016, RSM Australia’s Fraud & Forensic Services continues to deliver this four-day course in Australia in 2022 through our facilitators as led by Roger Darvall-Stevens.

Click to register

Adding value through Cyber and Data AnalyticsWebinar | Australia’s digital future: Evolving the Consumer Data Right


Darren Booth presented at CEDA event on Thursday 24th Feb, where he joined Digital Economy Minister Senator Jane Hume and other key stakeholders discussing the Consumer Data Right (CDR), and how the implementation of Open Banking, Open Energy, Open Telecommunications and Open Finance will enable Australia’s digital economy strategy.

You can catch up on the webinar at any time here>>

Adding value through Cyber and Data Analytics

Webinar | Qubix’s ESG Reporting and the Role of Finance


Your Roadmap for Scalable, Flexible, Auditable ESG Reporting

RSM Australia's Ken De Negri was a guest speaker at the event. In case you missed it you can access the events recording here>>

Adding value through Cyber and Data Analytics

Canberra | Australian Cyber Conference 2022

Tuesday 31st May - Thursday 2 June

Canberra will provide business leaders with insights and best practices taught by the industry’s top experts through keynotes, panel sessions and live demonstrations.

Sydney Partner Ashwin Pal will be speaking at this year’s conference on OT Security – Focusing on the Basics.

You can register for the event here>>

Adding value through Cyber and Data Analytics

Sydney & Live Stream | 11th Annual Fraud Prevention Summit

Tuesday 24 - Thursday 26 May

Back for its 11th year, the Annual Fraud Prevention Summit will equip private and public sector fraud management professionals with the best tools and knowledge to counter the growing threat of fraud.

RSM Australia's Roger Darvall-Smith, National Head of Fraud and Forensic Services and Milind Sheth, Senior Manager Fraud and Forensic Services will both be presenting at this year's event.

Follow the link to register and find out more here>>



Adding value through Cyber and Data Analytics

Dan Hutchens,




Adding value through Cyber and Data Analytics

Jaime Lam,




Adding value through Cyber and Data Analytics

Nicole Mohan,




Adding value through Cyber and Data Analytics

Riaan Bronkhorst,




Want to keep reading? View the past editions of Risk Insider here >>


Darren Booth
National Head of Cyber Security and Privacy Risk Services
Jayesh Kapitan
National Director, Hospitals
Jean-Marc Imbert
National Head of Risk Advisory
Roger Darvall-Stevens
Partner and Head of Fraud & Forensic Services
Jaime Lam
National Director, Healthcare & Community
Ashwin Pal
Partner - Sydney
Dan Hutchens
Partner - Perth
Matthew Cunneen
Partner - Sydney
Tim Pittaway
Partner - Sydney
Nicole Mohan
Principal - Brisbane
Riaan Bronkhorst
Principal - Perth
Milind Sheth
Senior Manager - Melbourne

Subscribe to Risk Insider to stay up to date with the latest in Technology, Fraud and Security.