Consider the passport security breach of three presidential candidates last year. Did the State Department have appropriate security controls that should have prevented the breach? Why did senior State Department staffers not learn of the improper access until more than two months after they first occurred? The importance of data and information security has become […]
Data Privacy
Posted inData Privacy
Shop Talk: Best Practices on Fraud Risks
On Dec. 3, 2008, Compliance Week and the law firm of White & Case hosted an Editorial Roundtable on fraud risks in emerging markets at the Ritz-Carlton Battery Park Hotel in New York City. Eleven legal and compliance officers were invited to discuss how their companies address global fraud issues. The Roundtable was moderated by […]
Posted inInternal Controls
Avoiding Segregation-of-Duties Woe in IT
With the United States in the grips of an economic crisis, now is as good a time as any for Corporate America to reassess its internal controls. And segregation of duties is always crucial to reducing the occurrence of fraud or error within an organization. “Generally, fraud tends to increase as the economic environment gets […]
Posted inData Privacy
Many Companies Still Unprepared for Red Flag Rules
The compliance deadline for the so-called Red Flag Rules that require financial institutions and creditors to have written programs in place to detect, prevent, and mitigate consumer identity theft, is just around the corner. But, while compliance with the regulations shouldn’t be overly burdensome for most companies, many of them won’t be ready because they’re […]
Posted inData Privacy
Spy vs. Spy: Battling Fraud in Social Networks
So you finally joined the 21st century and created a Facebook page. Now, proudly displayed on your profile for the whole world to see are your date of birth, dating status, hometown, college affiliation, and complete employment history. Welcome to fraud risk in the age of online social networks. As employees, acquaintances and everyone else […]
Posted inData Privacy
DoJ Tools to Pry Information From You
In modern Corporate America, what happens overseas rarely stays overseas—especially if federal prosecutors want to hear about it. Any regulatory investigation can be difficult for a public company, and criminal probes can turn into a nightmare. A probe that reaches overseas subsidiaries or employees, however, only compounds the headache; that’s because the need to produce […]
Posted inInternal Controls
Achieving the Mythical ‘Mature’ GRC System
Companies with “mature” IT governance, risk, and compliance regimes have happier customers, make more money, and suffer fewer data-related disasters. To some extent, that sounds self-evident: If you’re a good company, you’re probably adept at many things, GRC being among them. But now, the fruits of GRC maturity have been statistically quantified. In the IT […]
Posted inData Privacy
Educating Staff Leads to Improved IT Security
In today’s business environment, information security and protection of information assets are vital to the long-term success of all organizations. Information is the lifeblood of corporations and a vital business asset. IT systems connect every internal department of a company and connect the whole company to myriad suppliers, partners, customers, and others on the outside, […]
Posted inData Privacy
FTC Identity Theft Rules Put Cos. on Alert
Financial institutions and other creditors soon will be under the close eye of the Federal Trade Commission and banking regulators, which are stepping up their scrutiny of how those businesses detect and respond to identity theft. According to new “Red Flags” rules that went into effect Jan. 1, any organization that handles consumer financial data […]
Posted inData Privacy
Who’s Coming and Going in the GRC World
Compliance Week regularly tracks various personnel moves, board appointments, product releases, customer wins, and industry gossip in the corporate governance realm. Submit announcements to Compliance Week’s Jaclyn Jaeger. From the Regulators Lawrence In the United Kingdom, the Financial Services Authority has appointed Colin Lawrence as director of its newly created Prudential Risk Division. His appointment […]
