The lessons from Sony’s surrender to North Korean hackers last week are too many to count right now, so let’s start with an immediate one: understand the risks your company creates with its communication habits, and enforce smarter business practices to change them. Easy enough to say, Compliance Week editor Matt Kelly writes. As always, forcing cultural change like that is much harder. More of his thoughts inside.
Matt Kelly
Podcast: Segregation of Duties, Sensitive Access Controls
Segregation of duties controls—and their close cousin, sensitive access controls—are at the heart of a robust internal control system. They are also among the most difficult controls to understand, develop, and deploy. In this week’s podcast we talk with Larry Carter, author of the new e-book Segregation of Duties and Sensitive Access: Leveraging System-Enforced Controls, who outlines his 11-step approach to studying business processes and developing SoD and SA controls in a repeatable, testable manner.
COSO 2.0: Same Same but Different
After 18 months of forewarning, the new COSO framework for internal control went into effect last week—and despite all the promises that COSO 2.0 isn’t substantively different than the old framework companies have used for a decade to manage SOX compliance, in reality, Compliance Week Editor Matt Kelly writes, implementation will feel very different. More of his thoughts on the challenges to come are inside.
Rising Tides Around IT Audit
At long last, IT audit is finding its place in the sun—so says the latest IT Audit Benchmarking Study, published last week by ISACA. By almost any measure, IT audit is getting a higher profile at large organizations. What does that mean for compliance officers, and how can they work with IT audit as more IT-related risks arise? Compliance Week Editor Matt Kelly gives his thoughts inside.
Compliance Yesterday, Today, and Tomorrow
Planning for the Compliance Week 2015 conference is well underway. We’re particularly excited for next year’s event because it will be our 10th anniversary, and hitting that 10-year milestone has put us in a reflective mood here. So as Compliance Week puts together the agenda, we’ve been asking ourselves: Which problems in this profession seem to be unsolvable? Editor Matt Kelly has his thoughts inside.
Take the Compliance Trends 2015 Survey
Corporate compliance executives, we need your help: Please take our annual Compliance Trends survey, to give us the latest insights on corporate compliance programs today. The data you provide will be analyzed and then reported in the Compliance Trends 2015 report, the annual benchmarking study Compliance Week publishes with Deloitte every spring. The findings will be unveiled at the Compliance Week 2015 conference in Washington next May. More inside.
Digging Into the Data
Two truths about corporate compliance: no single solution exists for all businesses, and everyone wants to know what everyone else is doing. Compliance Week now has a way to address both those points—our new Data Research Division, where we listen to your company’s specific needs for data about audit, compliance, and risk; and then give you a detailed benchmarking report to help you navigate the compliance obligations you face. Editor Matt Kelly has more inside.
Early Agenda Announced for Compliance Week 2015
Good news for compliance, audit, and risk executives looking to have a good time next year: We’ve announced the first few sessions on the agenda for the Compliance Week 2015 conference! Antitrust compliance, risk analytics, GRC technology implementation, training programs, the CCO’s role in discipline—we will have all that and much more. Compliance Week Editor Matt Kelly has more of the preliminary agenda inside.
Talking Effectiveness: Upcoming Compliance Week Roundtable
Good news for compliance officers wondering whether their program really helps the company to achieve better outcomes: Our next Compliance Week executive roundtable, happening in Washington D.C. next month, will explore how you measure program effectiveness. If you’re a compliance officer who will be in the Washington area on Dec. 3 and would like to attend, e-mail Editor Matt Kelly at mkelly@complianceweek.com for further details. Admission is free, the discussion is off-the-record, and the peer networking is priceless.
More Lessons From Ebola Mistakes
A foolish consistency is the hobgoblin of little minds—and also the sign of reckless policy management. Case in point: the quarantine imposed by New Jersey Gov. Chris Christie upon Kaci Hickox, the nurse returning from Ebola work in Africa who was not sick. From poor risk assessment to missing procedures, Compliance Week Editor Matt Kelly says, Christie’s mis-steps provide valuable lessons to the compliance community. More inside.


