All Internal Controls articles – Page 7
-
Blog
SEC Ponders Tension Over Management Review Controls
Image: Amid continued tension over what it takes to satisfy auditors and regulators with respect to management review controls, the SEC is pondering whether some kind of new guidance might be in order. Deputy Chief Accountant Brian Croteau said recently, “It’s not an area that seems to be improving. So ...
-
Blog
Better Ways for Boards to Care About Reputation Risk
Reputation risk is never far from a board’s mind, and rightly so. That doesn’t necessarily mean boards should make management of reputation risk their first priority—despite many examples of reputation failures leading to catastrophe. Rather, Compliance Week columnist Rick Steinberg writes, boards need to obsess over culture and operational details ...
-
Article
Building a Compliance Ambassador Network
Sure, compliance officers do not have to fulfill their company’s ethics and compliance mission alone, but building a network of compliance ambassadors (or champions, or liaisons, or whatever you call your helpers) can be laborious. Inside, we asked compliance officers from Lockheed, GenCorp, DTE Energy, and elsewhere how they built ...
-
Blog
Report: Majority Adopt New COSO Framework
With more than 3,000 filings collected through early April, three-fourths of publicly traded companies have disclosed that they have adopted the 2013 COSO internal control framework, with the rest either remaining on the 1992 framework or not disclosing what framework they followed, according to a study published by Protiviti.
-
Article
PCAOB Inspection Data: Shifting Standards, Shifting Insights
Image: If you want to be panicky or cynical about audit firms’ performance, citing failure rates in PCAOB inspection reports is a great way to do it. The truth is more complex. In Part II of our series looking at PCAOB inspection data, we delve into how inspections have changed ...
-
Article
Smarter Approaches to Regulatory Change Management
Image: New regulations gush like a flood these days, forcing compliance officers to think of new ways to manage the current. Inside, we look at the IT strategies necessary to digest regulatory changes, plus the policy and procedure techniques to involve more parts of the enterprise. “It needs to be ...
-
Blog
Two Common Misperceptions About Risk Management
The “Three Lines of Defense” theory to risk management is very much in vogue today, along with maturity models to understand how strong your risk management program is. This week, columnist Rick Steinberg takes both ideas to task. The three lines concept too often paints risk as something to be ...
-
Article
Mitigating FCPA Risks in Pharma, Med Device Sectors
Image: SEC Enforcement Director Andrew Ceresney recently dropped new hints on FCPA risks for pharma and medical devices, plus suggestions on how to avoid those risks. “Our FCPA focus obviously covers many industries,” he said. “But the pharma industry is one on which we have been particularly focused in recent ...
-
Blog
Franzel Reveals Progress in Internal Control Audits
Image: PCAOB member Jeanette Franzel said to expect improvements in the audit of internal control once 2014 audit inspections are published. “Preliminary results of the 2014 inspections indicate that some improvements have been seen in the area of auditing internal control,” Franzel said at the recent IIA annual conference. “That ...
-
Article
How to Impose a Travel Policy Without Strangling Anyone
Compliance officers can pick fights with employees over any number of workplace policies. But if you really want daggers drawn and subversive battles at every turn—impose a policy on business travel. Inside, we look at how to defuse that policy management time bomb, as well as the collateral legal damage ...
-
Blog
Globally, Audit Inspectors Find Big Problems
U.S. audit regulators are not the only ones alarmed by high rates of busted audits. Around the globe, audit regulators who are members of the International Forum of Independent Audit Regulators compared notes and found nearly half of the audits they inspected in 2014 contained deficiencies that suggest the audit ...
-
Blog
Europe’s Banks at Risk for Security Breaches
Significant loopholes exist in many of Europe’s top banks, and concerns about cyber-breaches have skyrocketed, according to a new European Commission report. Despite the sheer complexity of IT systems, hackers have still made their mark on the financial services industry over the years. While banking IT systems have become more ...
-
Blog
Survey: Disparate IT Systems Increase Compliance Costs
Many companies still rely on disparate systems and manual processes to manage their human capital management-related compliance, which in turn is putting a drain on company resources, according to a new survey released today by CFO Research and ADP, an HCM solutions provider. Details on the survey results inside.
-
Article
When Enterprise Legal Management and GRC Collide
Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your ...
-
Article
Practical Ideas on Managing Reputation Risk
Image: Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend ...
-
Article
CW 2015 Conference Preview: Assessing Program Effectiveness
Image: Compliance officers are under constant pressure to demonstrate to senior executives, their boards, and regulators that the compliance function works. That means finding ways to measure compliance program effectiveness. To develop those metrics properly, “you have to define your goals,” says Anne Harris, former chief ethics officer of General ...
-
Blog
NY Comptroller: Sweeping Compliance Overhaul in the Works
Image: The New York Comptroller’s Bureau of Asset Management is implementing sweeping compliance, ethics, and audit reforms for how it oversees the assets of the five city pension funds. These reforms will “significantly enhance accountability, transparency and ethics in my office,” said Comptroller Scott Stringer. Details inside.
-
Blog
The Logic Behind COSO’s ERM Framework Update
Even as compliance officers are still digesting the updated COSO framework for internal controls, COSO has set its sights on what’s next: an update to its enterprise risk management framework, likely to arrive sometime in 2016 or so. Why ERM? Why now? Inside, Compliance Week columnist Rick Steinberg walks us ...
-
Blog
Compliance Week 2015: Full Agenda Announced
Image: Good news for everyone looking to firm up springtime travel plans: we have just announced the agenda and speaker lineup for the best compliance and audit conference out there, Compliance Week 2015. From hardcore SOX compliance issues, to strategies for effective leadership of compliance teams, to all the operational ...
-
Blog
More Misconduct Tales to Tell Your Company
Image: As we move into 2015 and the good economic times that seem to be carrying the United States along, it’s time for a refresher course in Why Ethics & Compliance Matter. We have two new examples of misconduct—one from Brazil, the other from New York—that can go straight into ...