Search

Insight

Choosing the Right Approach for Upgrading to SAP S/4 HANA

After rebuilding their Enterprise Resource Planning (ERP) solution, SAP launched S/4 HANA, its fourth-generation business suite to help businesses transform their digital needs. S/4 HANA is the successor to SAP ERP Control Center (ECC) and SAP R/3, delivering more advanced data compression technology, a simplified platform, and a more efficient memory solution. The S/4 HANA platform runs exclusively on the SAP HANA in-memory database architecture, where both on-premise and cloud-hosted implementations are supported. While many companies have started upgrading their corporate ERP systems to this next-generation solution, choosing the right implementation option for your company’s budget, needs, and team can be a challenge. Let’s take a closer look at the four different implementation approaches:
Person

Aaron Stehsel

Aaron Stehsel is a Managing Director in Focal Point’s Risk Consulting practice and brings over 30 years of audit, consulting,…
Insight

Identity Governance in Healthcare

Use cases for building a practical, strategic approach to identity governance within a healthcare organization
Insight

Internal Audit and Data Privacy

In our new white paper, our experts further explore the role of internal auditors in data privacy and practical ways the two teams can work together to mitigate risk.
Insight

An Interview with Expedia Group’s Aaron Shanas: Cyber Workforce Development

Aaron Shanas, Director of Cyber Defense at Expedia Group, graciously sat down with Focal Point's Justin Avery to discuss his personal philosophy on cybersecurity workforce development, how he trains his employees, and why some certifications may be overrated.
Insight

Privacy Shield Is Gone: Now What?

In a highly anticipated ruling on July 16, 2020, the Court of Justice of the European Union (CJEU) announced the immediate invalidation of the Privacy Shield agreement between the European Union (EU) and the United States (U.S.). Privacy Shield was a trans-Atlantic mechanism that allowed U.S. companies to freely transfer the personal data of European citizens and residents outside of the EU. The CJEU in Luxembourg ruled that the agreement did not comply with European privacy rights and failed to protect the privacy of its citizens’ data. As a result, more than 5,300 certified U.S. companies are now forced to adapt their data transfer and privacy policies. Although the court ruled that other data transfer options like standard contractual clauses (SCCs) are still viable, the decision to invalidate Privacy Shield potentially jeopardizes the flow of data across borders and causes significant uncertainty as to what comes next for many companies. In this blog, we’ll take a closer look at the CJEU’s decision to nullify Privacy Shield and what organizations can do now to strengthen the flow of data across borders.
Insight

Debunking Common Myths Around the DoD’s CMMC Certification

Which of these statements is true? Bananas grow on trees. The Great Wall of China can be seen from space. CMMC compliance won’t impact your work with the Department of Defense. The answer: none of them. The Cybersecurity Maturity Model Certification (CMMC) is the DoD’s new cybersecurity standard, and certification will be required for all contractors before they can bid on government projects. There are five levels of certification, which are earned based on the security safeguards in place to protect sensitive government information. The DoD is still developing the full compliance process for the CMMC, but requests for proposals (RFPs) requiring certification will roll out in September. This has created a lot of confusion among contractors, leading to several misconceptions about the CMMC and its certification process. In this blog, we’ll take a look at some of the most common myths about the CMMC to help you understand this new framework and prepare for certification. 
Insight

Internal Audit and Cybersecurity: A Guide to Working Together

In this three-part webinar series, our Internal Audit team will sit down with leading cybersecurity experts to explore the different facets of a cybersecurity program and practical ways internal audit can work alongside cybersecurity teams to manage risk.
Insight

How to Get Started on the DoD’s CMMC Certification

Updated July 15, 2020 With more than 300,000 Department of Defense (DoD) companies and subcontractors essential to military operations, the defense industrial base (DIB) is a frequent and valuable target for malicious cyberattacks. Potential breaches of intellectual property in this sector could weaken U.S. defense capabilities and become a matter of national security. In an attempt to increase the security and resiliency of the DIB, the U.S. Department of Defense launched Version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) in January 2020. Adapted from industry-recognized frameworks, the CMMC represents a unified cybersecurity standard required for all contractors hoping to do work with the DoD. In this post, we’ll take a closer look at the CMMC framework and how your company can start preparing now for CMMC certification.
New Search