Cybersecurity and data privacy issues continue to make headlines, and the risks surrounding them are only increasing.
The demands on chief information security officers and chief technology officers expand as data moves from in-house systems to cloud computing, mobile devices, remote work setups, and new technologies including artificial intelligence and robotic process automation.
As security and privacy risks increase, a disconnect between security personnel and the Board could leave the organisation more vulnerable. To avoid this disconnect, Boards should make a concerted effort to maintain an accurate picture of the risk profile of the organisation and the strength of its cybersecurity program. 
At the same time, many organisations are dealing with change and transformation within their businesses. Some people may ask – what we have been doing for years has worked, so why change? Or conversely – if we need to transform, does that mean we were not good enough before? Responses such of these are natural, as humans have a negativity bias that is hardwired into our psyches which ultimately causes us to see change as a threat. Understanding this point about human nature does not necessarily make change easier for us to accept, but it does provide a context as to why we react to change and transformation in the way that we do, and therefore what we could do to better communicate or engage with change - to actively seek out the positives as a counterbalance.
Importantly, the true transformation of many businesses does not primarily lie in structure or operations, but in the mindsets, activities and relationships of the people make during these difficult times. Therefore, while our initial reaction to change and transformation may be one of apprehension and uncertainty, let’s use all that we have learned since the beginning of the pandemic to fight that response.
2021 may have seen the beginning of the Transformation Era – but as the name suggests, it is the start of a business age characterised by continuous change that can best be managed through an accurate picture of the risk profile of the organisation and the strength of its cybersecurity program – so let’s embrace it.
Please enjoy the latest version of Risk Insider.

Jean-Marc Imbert image

Jean-Marc Imbert
National Head of Risk Advisory Services

Understanding your Payroll Function

Understanding your Payroll Function
With companies in the news due to underpaying employees, it's important to understand your payroll environment to avoid the risk and repercussions of this happening to your business. Nicole Mohan and Jennifer Horton discuss the payroll function, its key risks and controls in an informative video. Read more >>

Audit+Net-Zero article

Cyber security concerns for businesses
The downside to increased technology in our businesses, is the occurrence of cyberattacks and threats from insiders or hackers. To avoid the financial, reputational and legal repercussions a cyberattack could cause, it’s vital that business owners make security and privacy one of their highest priorities.  

Ransomware - How SMEs can stay safe online
Although awareness of Ransomware attacks is increasing, businesses still face the challenge of protecting themselves and their small business. In this article, Ashwin Pal explains and describes what Ransomware is, and the steps a business can take to avoid an attack. Read more >>

Audit+Net-Zero article

Fighting Insider Fraud: Using the Right Technologies
Roger Darvall-Stevens joined the team at Fraud Today to discuss his latest global webinar on the topic of Fighting Insider Fraud: Using the Right Technologies. To access the full interview, click here >>.

Bootstrapping your IT infrastructure for under $5k article

Cyber Security - A practical approach
Working with multiple organisations to help uplift their cyber security, our advice is to 'focus on the basics'. We aim to approach cyber security in a methodical and thought-out way so that we can understand our key risks and then start treating these risks in a prioritised manner. Read more >>

Better practice fraud and corruption control guide AS 8001:2021
The guide has been updated and released to include a number of changes. To find out what these updates mean for you and your business, click here >>
Value creation through ESG: The next wave of opportunity
Tim Pittaway and Ken De Negri, together with James Cronan, Executive Director of Xchainge Global, presented on Value creation through ESG: The next wave of opportunity, at the Members Meeting of The Institute of Internal Auditors NSW Chapter on Thursday 26 August 2021. Click here to get a copy of the presentation.


Thursday 30 September, 11:30am AEST
Roger Darvall-Stevens will be presenting on recent significant changes to fraud and corruption control which could make a significant positive impact to your business to help reduce the cost of fraud and corruption and have a more robust fraud and corruption control system. Register here >>
Registrations are open for our October sessions.
Since a hugely successful partnership began in 2016, RSM Australia’s Fraud & Forensic Services continues to deliver this four-day course in Australia in 2021 through our facilitators as led by Roger Darvall-Stevens.



We have recently updated our Risk Advisory webpages to showcase the wide range of services RSM offers to identify and manage business risks.
In this edition of Risk Insider, we focus on our Business Transformation services page. Need more information on how to transform your business? Click on the link below to find out more.

Ashwin Pal has recently joined the Risk Advisory Services Team in Sydney as a Partner in Cyber Security and Privacy Risk Services.
Ashwin is passionate about providing solutions to his clients and has worked alongside many industries including energy and utilities, government, health, mining and manufacturing. Prior to joining RSM, Ashwin built and controlled a security business for a large global systems integrator across the Asia Pacific region. Read more >>