We serve privately held and family businesses, angel and venture-backed companies, public companies, foundations, not-for-profit and public sector organizations, and high net worth individuals and their families.
If you receive payments from a donor or client based in the European Union (EU), then a new law taking effect on May 25, called the General Data Protection Regulation (GDPR), will require your compliance. The regulation centers around accountability for the personal data of individuals and is applicable to anyone doing business with an individual or entity from the EU. In order to comply, your company must put practices and safeguards in place to understand what personal information may be embedded in your transactions or captured by your systems. Knowing the data lifecycle of transactions across your network is key—non-compliance will result in fines.
Suppliers for Microsoft who handle sensitive information are likely aware that the Supplier Security and Privacy Assurance (SSPA) program data protection requirements were updated to address the General Data Protection Regulation (GDPR) coming out of the EU. GDPR will take effect on May 25, 2018.
Suppliers need to be aware of these new requirements to remain compliant. In addition, other existing requirements were clarified or enhanced, and others still were removed.
As the May 25 deadline approaches, we recommend you have in place, at a minimum, the following:
A Data Classification and Privacy Governance Policy
IT Asset Inventory document listing the hardware and devices connecting to your network and accessing data
An update of your current privacy policy and terms and conditions, both externally and internally
Many parents and loved ones are concerned about funding their children’s education, and it’s no wonder. According to College Board’s recent “Trends in College Pricing” report, average tuition to attend a public four-year institution has increased 213% from 30 years ago. However, there is an option to help with these costs – the 529 plan.
Currently there are two types of Qualified Tuition Programs under IRC Section 529(b)(1)(A): prepaid tuition and college savings investment plans.
Prepaid Tuition vs. College Savings Investment Plan
Those who open a prepaid tuition plan generally lock in the current costs of tuition in place of future prices,
COSO Series, Part 3 of 6: The following article is part three of a six-part series exploring the high-level basics of the COSO Integrated Internal Control Framework. It provides a high-level overview of the second component of the framework: Risk Assessment.
There are numerous types of business risk that can impair an organization’s ability to reach its objectives. Some of these risks include financial, liquidity, exchange-rate, strategic or systematic risk. But how does a business assess what risks they face and, more importantly, how do those risks get managed?
To answer these questions, the organization must perform a risk assessment process from which they can lay the groundwork for risk response and management.
Lately, we have heard more conversations around the importance of quality of earnings (QoE) reports, likely due to the growing M&A activity in the region. The Association for Corporate Growth recently circulated the Citizens Bank 2018 report on Middle Market M&A Outlook, noting that 56% of sellers are currently involved in M&A activity or plan to be this year, an increase from 48% in 2017.
Business owners and deal makers sometimes question what, exactly, a QoE report is. In short, a QoE report is a detailed analysis of all the components of a company’s revenue and expenses. An analogy would be when you’re selling your home,