Changes to a company’s IT infrastructure are a significant source of risk for every business; to protect the corporate crown jewels, robust change-management practices are absolutely critical. The need for a positive “control environment” within IT and a very unforgiving attitude regarding unauthorized IT changes cannot be overstated. In fact, a recent study by the […]
Data Privacy
Posted inInternal Controls
Tracking Performance Goals For Compliance
Companies have used “key performance indicators” for years to track data that can help measure progress toward whatever goals a company has. And as compliance and risk management have risen to be primary corporate goals, so have compliance- and risk-related KPIs. “In the last year, much more attention has been paid to how to operationalize […]
Posted inData Privacy
Who’s Coming And Going In Governance
Compliance Week regularly tracks various personnel moves, board appointments, product releases, customer wins and industry gossip in the corporate governance realm. Submit announcements to Compliance Week Managing Editor Matt Kelly. Executive Moves Michael Palu has been named acting chief financial officer of Internet service provide Extreme Networks in Santa Clara, Calif. Palu, the company controller, […]
Posted inInternal Controls
Case Study: A Risk-Based Audit At Chevron
This “case study” is the latest in a series of articles aimed at helping public companies understand how other organizations are using technology to comply with new regulations and standards. These are not advertisements or marketing vehicles for the companies mentioned; Compliance Week’s editorial staff speaks with the public company that has deployed the technology, […]
Posted inData Privacy
Who’s Coming And Going In Governance
Compliance Week regularly tracks various personnel moves, board appointments, product releases, customer wins and industry gossip in the corporate governance realm. Submit announcements to Compliance Week Managing Editor Matt Kelly. From The Regulators Vollmer The Securities and Exchange Commission has hired Andrew Vollmer to serve as its deputy general counsel. Vollmer is a partner at […]
Posted inAccounting & Auditing
Auditor Filings Eyed; AICPA Data Missing
The Public Company Accounting Oversight Board is pushing new disclosure rules for CPA firms, which could ultimately force auditors to alert regulators when they—or their clients—encounter numerous types of governance woes. Under new rules proposed last week, the PCAOB wants to be notified within 14 days if an audit firm withdraws a public company’s audit […]
Posted inData Privacy
Managing Privacy Compliance As A Public Company
Driven by increased regulatory scrutiny, a spate of headline-grabbing security breaches, and a subsequent flurry of state legislation, privacy issues now sit high on the list of concerns that keep corporate executives awake at night. Bender The amplified focus on privacy issues has companies scrambling to comply with a slew of increasingly complex privacy regulations, […]
Posted inData Privacy
Uncertainty Persists For Overseas Hotlines
Overseas whistleblower hotlines still flummox corporate compliance officers on both sides of the Atlantic, nearly a year after French authorities first questioned the legality of the hotlines in that country and sent a cornerstone of Sarbanes-Oxley compliance into jurisdictional limbo. In particular, some tensions still appear to exist between French data protection laws and whistleblower […]
Posted inData Privacy
France OKs Online Approval Of Whistleblower Plans
In a move expected to clear a path for companies seeking to implement whistleblower systems in France that will comply with both the Sarbanes-Oxley Act and French data protection laws, the French Data Protection Agency has set up a means to let companies get the required approval of their systems online. As expected, the Commission […]
Posted inData Privacy
FTC Enforcement Raises Questions On Data Security
The Federal Trade Commission seems to be stepping up enforcement activity against companies that don’t safeguard customer data, and has heightened expectations for how that data must be protected. Until recently, the FTC only targeted companies that had broken promises they had made regarding data security, notes Deborah Birnbach, a partner with the law firm […]
