Tim Maloney, IT Consulting & Audit Professional

Since 2002, Tim has partnered with his clients to support their efforts across three primary areas of expertise:

IT Strategy, Governance & Risk Management

IT Strategy, Governance & Risk Management

Partnering with companies to evaluate and improve their approach to aligning IT and Business objectives to facilitate organizational objectives while identify, managing and responding to IT-specific risks.

IT Process Improvement

IT Process Improvement

Helping IT personnel to improve their IT processes in order to improve their efficiency, effectiveness, and ability to meet audit/regulatory needs while mitigating risk to an acceptable level.

IT Audit & Compliance

IT Audit & Compliance

Collaborating with IT and Internal Audit personnel to evaluate the organization's control effectiveness and compliance with external regulatory requirements such as the Sarbanes-Oxley Act, COSO 2013, and FFIEC guidance.

Confused by Two-Factor versus Two-Step Authentication? (via Lifehacker)

Lifehacker has a great summary explaining the difference between Two-Factor and Two-Step Authentication.  Ultimately, the distinction is somewhat academic, but I think the key point is that the type of multi-factor authentication is less important than enabling the multi-factor authentication in the first place.  It is still important to understand the difference between the two (and

Face the Future with Confidence… Protiviti

I’m very excited about our new marketing initiative around Facing the Future with Confidence.  Check out the video above to see what Protiviti can offer to you and your company and be sure to check out the all new Protiviti.com for more information about our products and services.

COSO Enterprise Risk Management: What It Means (via DOCUMENT Strategy Magazine)

COSO is in the process of gathering feedback on it’s latest exposure draft of an ERM framework.  The framework helps companies implement a scaleable Enterprise risk management process that focuses on enabling the organization’s strategy.  In this short article in DOCUMENT Strategy, Protiviti Managing Director Jim DeLoach explains the COSO framework and what we’ve learned since the

The Cost of Cyberattacks Is Less than You Might Think (via Schneier on Security)

I’ve been a fan of security guru Bruce Schneier for a long time.  In this article from his website, he explores recent research conducted by RAND on the cost corporations bear for cybersecurity breaches.  Interestingly, the research suggests that the costs are often much lower than expected.  Schneier counters this perspective by highlighting that other externalities (costs


Segregation of Duties: The Increasing Burden of Proof

Does your organization run Microsoft Dynamics?  Has your organization considered how to enforce systematic segregation of duties?  Protiviti is hosting a one hour webinar this Wednesday (October 5) at Noon eastern time to discuss these topics. Here is a brief summary of the session: Segregation of Duties (SOD) isn’t just for big companies. It’s an