Financial institutions and other creditors soon will be under the close eye of the Federal Trade Commission and banking regulators, which are stepping up their scrutiny of how those businesses detect and respond to identity theft. According to new “Red Flags” rules that went into effect Jan. 1, any organization that handles consumer financial data […]
Data Privacy
Who’s Coming and Going in the GRC World
Compliance Week regularly tracks various personnel moves, board appointments, product releases, customer wins, and industry gossip in the corporate governance realm. Submit announcements to Compliance Week’s Jaclyn Jaeger. From the Regulators: In the United Kingdom, the Financial Services Authority has appointed Colin Lawrence as director of its newly created Prudential Risk Division. His appointment […]
PCI Group Publishes Self-Assessment Tests
Any retailers still unsure whether their data security standards can pass muster now have a new way to see how safe (or not) customer data really is. The Payment Card Industry Council has published a detailed set of “self-assessment questionnaires” for small and medium-sized retailers, who typically aren’t required to have their data security reviewed […]
Why It’s So Shocking Societe Generale Was Shocked
By now we’ve all seen the headline—“French Bank Rocked by Rogue Trader!”—heralding the debacle at Societe Generale as the largest bank fraud in history. Then come the details: A “mid-level” employee, unbeknownst to anyone else at one of the most venerated banks in France, bet $73 billion of the bank’s money, costing it $7.2 billion. […]
Take Five: Keys to Identity Management
The field of identity management is enduring a bit of split personality these days. On one hand, business software giants are gobbling up small companies that provide ID management solutions, to cobble together comprehensive offerings compliance and IT departments can tailor to their specific needs. At the same time, the overall need for ID management […]
Auditing Computer Controls With AS5
Once upon a time, broad reviews of general computer controls were a cornerstone of IT audits. Now, Auditing Standard No. 5 may well close the book on that practice. Testing of operating systems, information security, and “change management” in a company’s IT environment has evolved rapidly since such audits became commonplace 15 years ago. AS5, […]
Surviving Data Breaches in the PCI World
At the request of subscribers, Compliance Week offers a Remediation Center, in which readers can submit questions—anonymously—to securities and accounting experts. Compliance Week’s editors will review all questions and then submit them—confidentially, of course—to specialists who can address the issues. The questions and responses will then be reprinted in a future edition of Compliance Week. […]
PCI Standard Catches Lawmakers’ Eyes
The credit card industry has been trying to force stronger data privacy rules onto the banking and retail sectors for more than a year. Now state legislatures are getting into the act. A California bill forcing merchants to comply with key elements of the Payment Card Industry Data Security Standard is a governor’s signature away […]
The Secret Life of Application Controls
Viruses. Worms. Trojans. Denial-of-service attacks. IT security professionals have long wrestled with these and many other external threats, and a bustling industry has sprung up to fend off the pests. Such risks and others posed by those aiming to compromise corporate IT systems and steal data have garnered nearly all the public attention. And from […]
Corporate Aircraft Usage By Executives Soars
Two words best describe aircraft usage by corporate C-suite executives: sky high. According to a Compliance Week analysis of the perks offered by 250 large companies, personal use of corporate aircraft was the most common benefit, offered by 76.4 percent of the group. The compensation research firm Equilar further reports that the number of Fortune […]
