Skip to main content

Whitepapers

  • cyber risk

    Rethinking the Identity Risk Equation

    When applied to an area like identity management (IDM), an integrated risk management approach can completely change how an organization views and manages identity risk. In this whitepaper, our experts walk through the steps to building a mature identity risk management program and the benefits it can bring your business.

    • Published:

    • Category:Cyber Risk

  • audit

    Presentation of Financial Statement: Going Concern (Subtopic 205-40)

    How to handle the disclosure of uncertainties about an entity’s ability to continue as a going concern

    • Published:

    • Author: Shawn Lundin

    • Category:IT/Internal Audit

  • data privacy

    An Easy-to-Navigate Guide to GDPR Member State Derogations

    To make implementation easier for EU Member States, the GDPR has allowed for derogations to a number of specific requirements. Our GDPR experts mapped out these derogations by Member State and cross-referenced them with the requirements of the GDPR. 

    • Published:

    • Category:Data Privacy

  • data privacy

    Privacy Regulation Comparison: The GDPR, APPI, and DPA

    Japan and the Philippines are examples of two countries who have released stricter requirements for the protection of their residents' data. Our GDPR experts sat down and mapped out the areas where these three regulations align and where they differ, so you can get a jump start on compliance. 

    • Published:

    • Category:Data Privacy

  • audit

    Insights into Internal Audit Procedures around Business Combinations

    The Focal Point team has reviewed PCAOB inspection reports for the major accounting firms in the U.S., and summarized the Board’s key observations around business combinations in a simple reference guide.

    • Published:

    • Author: Shawn Lundin

    • Category:IT/Internal Audit

  • cyber security

    A Guide to Cyber Workforce Development

    The cyber security workforce shortage doesn't show signs of slowing down, and organizations around the globe are struggling to build the teams they need to protect them from threats.

    • Published:

    • Author: Philip Casesa

    • Category:Cyber Security

  • cyber security

    A Technical Guide to PCI DSS Scoping

    Determining the scope of your annual PCI assessment can be an overwhelming task. Guidance from the PCI SSC states that "the best practice approach is to start with the assumption that everything is in scope until verified otherwise." To help you make sense of it all, our team of PCI QSAs put together a guide that breaks down ways to reduce your PCI DSS scope, common misconceptions, and future changes. 

    • Published:

    • Author: Jim Flannery

    • Category:Cyber Security

  • cyber security

    A Technical Guide to Network Change Controls

    To prevent network downtime and breaches, it's critical for organizations to understand the impact of modifying network devices and how to quickly identify and correct unauthorized changes. This document serves as a general guide for organizations to determine whether a proposed network connection, firewall configuration, or router configuration change could impact the security of sensitive data. 

    • Published:

    • Author: Chris Thompson

    • Category:Cyber Security

  • cyber security

    Technical Analysis of Android X-Agent

    Focal Point's technical analysis of the Android variant of the X-Agent malware implant in order to shed light on its use and capabilities. Focal Point's analysis sheds light onto the attribution of this malware, and whether it could have been used in targeted airstrikes of Ukrainian artillery.

    • Published:

    • Category:Cyber Security

  • cyber security

    5 Biggest Pitfalls of Identity and Access Management (and How to Avoid Them)

    We've worked with hundreds of companies on IAM implementations big and small.  Here are the traps they fall into most often, and some practical steps for avoiding those pitfalls in your company.

    • Published:

    • Category:Cyber Security