Access the internal audit status update report for detailed information on enterprise risk planning (ERP) control changes and NIST CSF key areas. This document, approved by the audit and compliance committee, offers a detailed summary of an internal audit plan, including the status and completion percentages of various audit projects. It highlights completed audits, such as a company’s post-implementation review, providing insights into the scope, results and identified opportunities for improvement. 

This report tracks the status of management action plans, validating the completion of agreed-upon action items and addressing any outstanding issues. The report aids in ensuring that internal controls are effective, policies and procedures are up-to-date, and the organization is compliant with regulatory requirements. By presenting audit findings, risk factors and recommendations, the report facilitates informed decision-making and supports the continuous improvement of your company's internal control environment, cybersecurity measures and overall operational efficiency.

The NIST CSF is composed of the following key areas:

• Identify: Develop the organizational understanding to manage cybersecurity risk to systems, assets, data and capabilities.
• Protect: Develop and implement the appropriate safeguards to ensure the delivery of critical infrastructure services.
• Detect: Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
• Respond: Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.