http://www.complianceweek.com/dan-swanson/author/849/ Latest articles by Dan Swanson from Compliance Week Compliance Week info@complianceweek.com no Any corporation of any size today must worry about privacy and information security. Protecting sensitive information has always made good sense, but most developed nations now have laws that restrict some uses of at least some types of data. http://www.complianceweek.com/scoping-out-an-audit-of-privacy-programs/article/186242/ Tue, 07 Apr 2009 04:00:00 GMT Any corporation of any size today must worry about privacy and information security. Protecting sensitive information has always made good sense, but most developed nations now have laws that restrict some uses of at least some types of data. Compliance Week Corporate management has always been told to invest wisely in IT. The board has always been told to ensure management invests wisely in IT. It’s a truism everyone states all the time. http://www.complianceweek.com/how-to-weigh-it-investment-decisions/article/186145/ Tue, 03 Feb 2009 05:00:00 GMT Corporate management has always been told to invest wisely in IT. The board has always been told to ensure management invests wisely in IT. It’s a truism everyone states all the time. Compliance Week Usually I write a column about how to audit some aspect of a whole enterprise—say, how the company manages risk, or how executives invest their IT dollars. That’s important. But we shouldn’t lose sight of the nuts and bolts: Companies are run by specific departments doing specific jobs, and they need auditing too. So we’re going to get back to our internal auditing roots this month, starting with the finance department. http://www.complianceweek.com/giving-finance-dept-the-audit-it-deserves/article/185714/ Tue, 01 Jul 2008 04:00:00 GMT Usually I write a column about how to audit some aspect of a whole enterprise—say, how the company manages risk, or how executives invest their IT dollars. That’s important. But we shouldn’t lose sight of the nuts and bolts: Companies are run by specific departments doing specific jobs, and they need auditing too. So we’re going to get back to our internal auditing roots this month, starting with the finance department. Compliance Week Today’s IT solutions are complex, and they are getting more challenging to implement all the time. One of the great questions for management at any company these days is simply whether all the investment in those systems is worth it. Internal auditing can play a critical role there, measuring and inspecting how the IT investment process—specifically, how IT investment is managed—works. http://www.complianceweek.com/auditing-a-companys-it-strategies/article/185661/ Tue, 03 Jun 2008 04:00:00 GMT Today’s IT solutions are complex, and they are getting more challenging to implement all the time. One of the great questions for management at any company these days is simply whether all the investment in those systems is worth it. Internal auditing can play a critical role there, measuring and inspecting how the IT investment process—specifically, how IT investment is managed—works. Compliance Week Everyone talks about the need for good risk-management programs, but nobody seems to know how to audit them to ensure they actually work. http://www.complianceweek.com/auditing-your-erm-program/article/185615/ Tue, 06 May 2008 04:00:00 GMT Everyone talks about the need for good risk-management programs, but nobody seems to know how to audit them to ensure they actually work. Compliance Week In today’s business environment, information security and protection of information assets are vital to the long-term success of all organizations. Information is the lifeblood of corporations and a vital business asset. IT systems connect every internal department of a company and connect the whole company to myriad suppliers, partners, customers, and others on the outside, too. http://www.complianceweek.com/educating-staff-leads-to-improved-it-security/article/185550/ Tue, 01 Apr 2008 04:00:00 GMT In today’s business environment, information security and protection of information assets are vital to the long-term success of all organizations. Information is the lifeblood of corporations and a vital business asset. IT systems connect every internal department of a company and connect the whole company to myriad suppliers, partners, customers, and others on the outside, too. Compliance Week Some companies have far lower levels of misappropriation of assets and fraudulent financial reporting than others. Why? Because they aggressively take steps to prevent and detect fraud, end of story. http://www.complianceweek.com/establishing-accountability-for-your-antifraud-efforts/article/185491/ Tue, 04 Mar 2008 05:00:00 GMT Some companies have far lower levels of misappropriation of assets and fraudulent financial reporting than others. Why? Because they aggressively take steps to prevent and detect fraud, end of story. Compliance Week In my line of work, I’m often asked exactly what internal auditing is supposed to be. According to the International Standards for the Professional Practice of Internal Auditing, the answer is pretty straightforward: “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.” http://www.complianceweek.com/what-internal-auditors-want/article/185443/ Tue, 05 Feb 2008 05:00:00 GMT In my line of work, I’m often asked exactly what internal auditing is supposed to be. According to the International Standards for the Professional Practice of Internal Auditing, the answer is pretty straightforward: “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.” Compliance Week The internal audit function’s position within a company is unique. It provides its principal stakeholders (audit committee members and management) valuable and objective assurance on governance, risk management, and control processes, as well as consulting services to improve operations. With this critical responsibility to fulfill, implicit in executing those duties is internal audit’s continuous improvements to its own practices. http://www.complianceweek.com/enhancing-your-internal-audit-performance/article/185393/ Tue, 08 Jan 2008 05:00:00 GMT The internal audit function’s position within a company is unique. It provides its principal stakeholders (audit committee members and management) valuable and objective assurance on governance, risk management, and control processes, as well as consulting services to improve operations. With this critical responsibility to fulfill, implicit in executing those duties is internal audit’s continuous improvements to its own practices. Compliance Week Safeguarding assets has been an important objective of all organizations for centuries. In today’s digital age however, what does safeguarding your assets really mean? Who is responsible for it? And how is “protection” actually achieved? http://www.complianceweek.com/are-you-protecting-your-digital-assets/article/185329/ Tue, 04 Dec 2007 05:00:00 GMT Safeguarding assets has been an important objective of all organizations for centuries. In today’s digital age however, what does safeguarding your assets really mean? Who is responsible for it? And how is “protection” actually achieved? Compliance Week