Even if you’re a dollar-menu writer now, that does not mean you always will be. Anyone can become a gourmet audit report writer. Over the next few weeks, Audit Writer’s Hub articles will focus on specific writing tips to help you begin crafting your gourmet issues. This week, we look at passive voice.

Developing a strong working relationship with audit clients goes a long way, but that can be a lot easier said than done. In this post, we examine 7 areas that internal auditors can focus on that will help them improve their relationships with audit clients.

We caught up with one CISO that shares his advice on what security leaders can do to ensure they're taking the right approach to budgeting as it relates to their overall security strategy.

Cybersecurity teams seem to understand their biggest areas of challenge, yet the action to put effort behind remediating those problems falls short.

Internal audit is positioned to help evaluate risk that arises from working with vendors. Here we outline steps for determining which vendors to audit and what to focus on during the audit.

InfoSec Insider catches up with one threat expert who discusses why security professionals should consider a proactive threat hunting model, and outlines how they can take that approach.

 Today, most reputable cloud service providers are security conscious, yet users remain responsible over many—but varying—aspects of information security. Here, we take a look at the three most common public cloud models that should be on your radar.

Effective communication, teamwork, and accountability are key ingredients of efficient programs, processes, and projects. Unfortunately, many organizations suffer due to a misunderstanding of who’s responsible for what. Here, Dr. Hernan Murdock details how RACI Charts can help internal auditors overcome these challenges.

Auditors in search of a great decision-making tool to identify the forces for and against a course of action should look no further than Force Field Analysis. In this feature by MISTI's own Dr. Hernan Murdock, he details how internal audit can leverage this technique.

If internal auditors are auditing people, then they need to have a humane approach. And to audit humanely, they need to show a degree of emotional intelligence. Here are five skills that can get you on your way.

Today's threat landscape is like a tentacled sea monster that security practitioners have to battle on a daily basis. In this feature story, we highlight the top five most likely cyber risks to organizations today.

If you're looking to ensure that your cyber incident response plan doesn't turn into shelfware, here are five ways to make it actionable. 

Threat modeling is essential to becoming proactive and strategic in your operational and application security.