COMPLIANCE AND AUDIT
A systematic evaluation of an organization’s cybersecurity policies, procedures and their effectiveness. A cybersecurity audit focuses on security standards, guidelines and procedures and the implementation of the related controls.
The Model Audit Rule (MAR) largely replicates the Sarbanes-Oxley (SOX) Act of 2002, but is only applicable to the internal controls for the annual statutory financial statements filed by insurance organizations. Since implementation, organizations subject to the regulation have worked to meet it with the greatest possible efficiency. Compliance avoids regulatory issues and instills confidence in insurance consumers.
A mature MAR compliance program will include established processes and procedures to conduct the materiality assessment, review and update in-scope process narratives, conduct established audit tests, document and monitor issues, conduct year-end and remediation tests, and securely retain all appropriate documentation.
Here at The Mako Group, our team of experienced risk and control experts have the background and knowledge to conduct reviews of established programs looking for emerging controls gaps, conduct maturation reviews to take an organization’s program to the next level, or help develop efficient processes/procedures for organizations just getting started.