Every year, companies invest millions of dollars on large-scale IT projects that are technically correct, yet still fail to deliver promised results. Sometimes these large projects fail because nobody could clearly articulate what a successful outcome would look like in the first place. Without doubt, IT auditors and risk managers need a better approach that […]
Technology
Posted inTechnology
Experts Speak on Using Social Media for Good
Amid headlines trumpeting privacy failures and PR nightmares stemming from employee use of popular social media tools such as Facebook and YouTube, it’s no surprise that many companies still struggle with whether and how to dip their toes in the social media pool. Done right, online social media can help a company build its brand. […]
Posted inTechnology
Where Good Risk Management IT Systems Come From
In case you’ve been living under a rock the last few quarters, here’s a quick update: all the hip, in-the-know business leaders are focusing these days on how to understand and manage risks more effectively. At a conference I recently attended, several senior executives stated that prior to the financial crisis of 2008, their firms […]
Posted inTechnology
Another Round of XBRL Guidance From SEC
Companies coming under the Securities and Exchange Commission’s rule to submit financial statements tagged using XBRL technology got another round of advice from SEC officials recently to help them with that endeavor. As some 1,200 accelerated filers prepare to submit and post financials tagged in eXtensible Business Reporting Language, or XBRL, for the first time […]
Posted inData Privacy
Two Reviews of GRC Software Implementations
Plenty of companies still use Microsoft software or homegrown IT solutions to manage their governance, risk, and compliance efforts, but a respectable fraction have also tried to implement dedicated, enterprise-wide GRC software systems to consolidate the management of multiple regulatory compliance burdens under one IT roof. Compliance Week recently spoke with executives at two companies […]
Posted inTechnology
What Companies Should Know About XBRL Tagging
The digital revolution in financial reporting is underway! Oh, um—you haven’t noticed yet? The revolution began in earnest one year ago, when the Securities and Exchange Commission enacted a phased-in requirement that all registrants start filing financial statements using XBRL, a computer language to let software pluck out individual pieces of financial data and display […]
Posted inData Privacy
Case Study: ACS Conquers Identity Management
For Affiliated Computer Services, a Dallas-based IT and business-process outsourcing firm that does business in 100 countries, identity management had become not only a compliance concern by 2008—it was a business risk and productivity drain as well. Many of ACS’s 74,000 employees work in jobs known for high turnover, such as handling calls for major […]
Posted inData Privacy
Updating PCI Compliance to Thwart Breaches
Breaches of consumers’ personal information are quickly becoming one of the biggest operational risks facing any business conducting electronic commerce. How big? The Federal Trade Commission estimates that breaches of “PCI” hit 9 million Americans and cost about $52 billion—annually. With so many PCI security breaches making headlines, you can’t help but question how effective […]
Posted inData Privacy
Data Privacy Practices Explored
A consensus is emerging among regulators that companies’ efforts to protect the consumer data they collect need a serious overhaul to keep pace with today’s changing technology landscape. The agency taking point on the issue is the Federal Trade Commission, which has begun a series of public forums to explore privacy challenges posed by modern […]
Posted inData Privacy
Monitoring Controls a Top Priority in 2010
As Corporate America settles into 2010, it may want to put stronger monitoring controls on its list of things to do this year. In an increasingly complex global operating environment, automated monitoring controls—that is, a system that continuously monitors a business process and automatically flags any deviation from the norm—can help to drive down costs, […]
