On 7th November 2024, a well-known humanitarian NGO in Kampala discovered that donor funds, meant for a maternal health project in Lira, had mysteriously dwindled. Bank statements showed UGX 1.6 billion disbursed to “beneficiary suppliers.” Yet on the ground, no medicines had arrived, and the health centre shelves remained empty. At first, management suspected supplier fraud. They called in Summit Consulting Ltd to investigate. What we uncovered was far more chilling; the breach was inside the house. How insiders weaponised access The NGO’s finance system required two approvals for any payment above UGX 10 million. But insiders knew the weaknesses.…

In Munteme village, there once stood a granary. Built with strong poles, plastered with mud, and roofed with banana leaves, the elders declared it unshakable. “This granary will protect our harvest,” they said with confidence. But one night, rats quietly chewed through the mud. On another day, a nephew stole maize to sell at the trading center. The structure remained intact. The controls, the poles, the mud, and the roof were still in place. Yet the food was gone. This is the story of many organizations today. We design robust systems, we craft policies, and we install firewalls, set up…

Walk into any boardroom, and you will hear a familiar story. The CEO takes their seat, leans forward, and narrates a string of crises they personally resolved: the supplier default that almost halted production, the angry regulator that had to be pacified, or the angry shareholder whose demands had to be contained. The board nods, impressed by the energy, the speed, the sheer effort. The CEO leaves the room as a hero, the “firefighter” who saved the day. But here is the problem: anyone can hold a hose. Few can design a building that does not burn. Who is the…

Risk is not a box you tick once a year. It is a living organism that breathes, mutates, and adapts faster than any audit calendar. Yet most organizations still approach risk like a routine medical check-up: once a year, the auditors arrive, interviews are conducted, checklists are filled, and a glossy report is produced. That ritual may satisfy compliance requirements, but it is malpractice when it comes to real governance. Imagine telling your doctor, “Only examine me every December. If cancer appears in June, don’t bother until year-end.” That is exactly how many boards and management teams operate. The illusion…

A castle may have the tallest walls and the deepest moat, yet it only takes one distracted guard to open the gate and let the enemy in. We once consulted for government agency whose IT director boasted of having “the best firewalls in the region.” During the session, we asked a staff member to log into her email on the projector. In minutes, the room gasped as we demonstrated how her password could be cracked, her inbox spoofed, and her boss tricked into approving a fraudulent payment. The real risk was never the firewall. It was the human sitting behind…

Every Weekend| @ IFIS, Ntinda Complex, Block B, 4th Floor, Opp. St Luke Church, Kampala YOU DO NOT NEED TO BE A TECHIE TO WIN WITH DATA. I have seen it again and again. Executives overwhelmed. Business managers are guessing. Teams are working hard, but not working smart. Why? Because they do not understand how to read, clean, and extract insights from data. They fear Excel. They think analytics is for the IT team. That ends now. This is your weekly 3-hour Data Analytics Breakthrough Session designed for professionals like you. Whether you are a banker, accountant, marketer, HR professional, engineer, or…