<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Murikah · Insights</title><description>Guides and articles on internal audit, AI and system governance, and assurance.</description><link>https://murikah.com/</link><language>en-gb</language><item><title>ISO 42001 readiness: what organisations actually need to do</title><link>https://murikah.com/insights/iso-42001-readiness/</link><guid isPermaLink="true">https://murikah.com/insights/iso-42001-readiness/</guid><description>ISO 42001 is the international standard for governing AI. Here is what it is, who needs it, and the practical steps to get ready, in plain English.</description><pubDate>Tue, 12 May 2026 00:00:00 GMT</pubDate><category>ISO 42001</category><category>AI governance</category><category>Readiness</category><author>Murikah</author></item><item><title>How much does internal audit software cost in Kenya? A plain buyer&apos;s guide</title><link>https://murikah.com/insights/internal-audit-software-cost-kenya/</link><guid isPermaLink="true">https://murikah.com/insights/internal-audit-software-cost-kenya/</guid><description>What internal audit software really costs in Kenya, what drives the price, and what to expect to pay, with honest indicative ranges for mid-market teams.</description><pubDate>Tue, 21 Apr 2026 00:00:00 GMT</pubDate><category>Audit software</category><category>Pricing</category><category>Assurance OS</category><author>Murikah</author></item><item><title>The Kenya Data Protection Act: what controllers and processors must do</title><link>https://murikah.com/insights/kenya-data-protection-act/</link><guid isPermaLink="true">https://murikah.com/insights/kenya-data-protection-act/</guid><description>A plain-English guide to the Kenya Data Protection Act: who controllers and processors are, the core obligations, ODPC registration, and how a review works.</description><pubDate>Tue, 07 Apr 2026 00:00:00 GMT</pubDate><category>Data protection</category><category>ODPC</category><category>Kenya Data Protection Act</category><author>Murikah</author></item><item><title>Internal audit for SACCOs: what SASRA expects and how to deliver it</title><link>https://murikah.com/insights/sacco-internal-audit-sasra/</link><guid isPermaLink="true">https://murikah.com/insights/sacco-internal-audit-sasra/</guid><description>SASRA expects regulated SACCOs to run an internal audit function that reports to the board. Here is what that means in practice, and how to deliver it.</description><pubDate>Tue, 17 Mar 2026 00:00:00 GMT</pubDate><category>SACCO</category><category>SASRA</category><category>Internal audit</category><author>Murikah</author></item><item><title>Co-sourced or outsourced internal audit: which does your organisation need?</title><link>https://murikah.com/insights/co-sourced-vs-outsourced-internal-audit/</link><guid isPermaLink="true">https://murikah.com/insights/co-sourced-vs-outsourced-internal-audit/</guid><description>Co-sourcing and outsourcing internal audit are different models with a clear decision rule. Here is what each means, when to choose it, and what good looks like.</description><pubDate>Tue, 03 Mar 2026 00:00:00 GMT</pubDate><category>Internal audit</category><category>Co-sourcing</category><category>Outsourcing</category><author>Murikah</author></item></channel></rss>