All Resource articles – Page 21
-
Resource
e-Book: Understanding Anti-Corruption Compliance
Enforcement of the U.S. Foreign Corrupt Practices Act and U.K. Bribery Act has skyrocketed in recent years, and it's no surprise that bribery and corruption risks continue to keep compliance officers up at night. This e-Book, produced by Compliance Week in cooperation with KPMG, explores what countries are doing on the ...
-
Resource
Free Guide: Conducting Pre-Contract Vendor Due Diligence
Today’s global, digital economy opens up a world of opportunities—and a whole new world of risk exposure. When important parts of your business can be fulfilled anywhere, risks may be everywhere. If one of your vendors takes a hit, you could take the fall. Which begs the question: Do you have ...
-
Resource
Selecting Foundational Controls Makes SOX Compliance Easier
Key components of regulatory compliance include being able to demonstrate the use of appropriate IT-related internal controls that mitigate fraud risk, and the implementation of necessary safeguards for legally protected information that’s electronically stored and transmitted. Read this Dell white paper for a look at SOX security compliance from an ...
-
Resource
Selecting Foundational Controls Makes PCI DSS Compliance Easier
Key components of regulatory compliance include being able to demonstrate the use of appropriate IT-related internal controls that mitigate fraud risk, and the implementation of necessary safeguards for legally protected information that’s electronically stored and transmitted. Read this Dell white paper for a look at PCI DSS security compliance from ...
-
Resource
GRC Capabilities Illustrated Series: Perform GRC Actions and Controls for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. You need to address threats, opportunities, and requirements by encouraging desired conduct and conditions and preventing what is undesired. Performing the right management actions and controls over business operations, risk, and compliance ...
-
Resource
e-Book: Making the Leap From Compliance to ERM
For compliance and audit executives, deciding on the right enterprise risk management (ERM) structure can be a challenge—especially as the risk landscape continues to evolve with a fierce focus on anti-corruption, anti-money laundering, and cyber-security. The trick is moving from the compliance routines of today to a more coherent ERM ...
-
Resource
Managing the Insider Threat with Active Directory Security
Active Directory is a prime target for attackers due to its importance in authentication and authorization for all users. Unfortunately, these breaches don’t always originate from the outside. Read this white paper to explore how a typical insider threat unfolds, and how to use best security practices to defend your ...
-
Resource
Challenged by the OFAC 50% Rule?
Is your organization depending on self-reported data to onboard, monitor, and assess risk? Updated Office of Foreign Assets Control (OFAC) guidance from the Department of Treasury has pushed businesses to have rigorous due diligence measures in place to understand the corporate ownership structure of their partners, third parties, customers, and ...
-
Resource
e-Book: Purging Vendor IT Risk
Third-party risk management continues to confound many companies, with compliance officers feeling frustrated that the strategies and processes necessary to keep pace with these risks are evolving faster than their companies can manage. At the same time, technology is becoming increasingly difficult to navigate and can leave businesses vulnerable to ...
-
Resource
The Need for Third-Party Archiving in Office 365
Do you use, or potentially have plans to use, Office 365? If so, remember that your responsibility to archive email remains. You will still need to respond to litigation, routine discoveries, and pervasive regulations. Will Office 365’s email archiving capabilities meet your needs or will you need a better archiving ...
-
Resource
GRC Illustrated Series: Align Your Business for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. That means you need to develop objectives based on a full understanding of the context in which your organization operates and design strategies for operations, risk management, and compliance that are effective ...
-
Resource
e-Book: The Evolving Era of Big Data
Data has broken free from the confines of computers and mobile devices, making it hard for pretty much anyone to control what is collected, how it is aggregated, and how it can be used. To make matters worse, a new breed of connected devices is becoming a far more difficult ...
-
Resource
Actionable Insights from the 2015 World's Most Ethical Companies®
It’s clear that just as regulatory oversight has never been more complex, public expectations about transparency, corporate culture, and business behavior are part of everyday conversation. These factors, among others, have led to an expansion in the field of ethics and compliance. Leading practices of prior years have become today’s ...
-
Resource
Epic Data Fails: How Companies Can Lose 20% of Their Value in 10 Minutes
Data security is paramount, and inadvertent data exposure (either due to malicious intent or human error) can cost companies millions of dollars. Every day, we engage in mundane activities that could be placing sensitive data at risk without our knowledge. Novaworks’ white paper, Epic Data Fails: How Companies Can Lose 20 ...
-
Resource
GRC Illustrated: Learning Lessons for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. That dictates setting objectives and strategies, based on a full understanding of the external and internal contexts within which our organization operates and responding to them appropriately. We must ask: What might happen ...
-
Resource
Lessons from the LIBOR Scandal
The manipulation of the London Interbank Offered Rate (LIBOR) has urged further analysis of electronic communications usage within regulated firms. The electronic communications landscape continues to evolve, as information is constantly created, exchanged, and stored. For regulated firms, it is essential to monitor and manage the flow of information to ...
-
Resource
e-Book: Conducting Effective Investigations
Corporate investigations are a critical component of a robust compliance program; without the right resources to investigate allegations of wrongdoing, a company can suffer serious financial damages, and its credibility with regulators can also be called into question. To help compliance officers and legal teams navigate those challenges, this e-Book produced ...
-
Resource
e-Book: Leading Practices for Audit Committees
Serving on a corporate audit committee has not been easy for some time now. Required disclosures are likely to increase; the workload in dealing with the external audit firm will increase as well. Without careful attention, your audit fees will go the same way too. To help audit committees—and the corporate ...
-
Resource
Governance, Risk, and Compliance Software - Maintain Your IT Budget with Consistent Compliance Practices
Governance, Risk, and Compliance (GRC) software can help state and local governments move from a reactive to a proactive stance with their IT systems. It lets them answer the question, "How long since your last…?" with a comforting "less than an hour ago." Read this third-party report to learn about ...
-
Resource
Best Practices Guide for IT Governance & Compliance
Federal regulations, such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability Accountability Act (HIPAA), and the more recent Payment Card Industry (PCI) initiative, require businesses to know exactly what changes are being made to structured and unstructured data in their corporate networks. As a result, IT organizations need to ...