IT Compliance and Controls

Converging Business, Information, and Controls

IT Compliance and Controls header image 4

Entries Tagged as 'Tone at the Top'

Fraud Proof Your Company, by Bill Brenner

August 25th, 2008 · No Comments

To my colleagues in the technology, audit, and security field: The Association of Certified Fraud Examiner conference in July this year was a huge success.  For anyone in the business of attesting, securing, or managing the integrity of an organization this conference is for you.  Bottom line – the conference is a constant learning environment.  […]

[Read more →]

Tags: Fraud · iso27001 · Operations Resiliency · Oyster · Technology Strategy Orchestration · Tone at the Top

SOX is 6… scathing review by Chase Cooper Regulatory News

August 4th, 2008 · No Comments

July 30th marked the anniversary, and among the numerous dissertations on the legislation and its one year review I caught this short news release.  The release highlights three very important points that every Executive and Practitioner should be aware of – The Upcoming Case on the Constitutionality of SOX The Lack of Compliance by Audit […]

[Read more →]

Tags: Policy and Procedures · Tone at the Top

Misunderstandings on SOX costs and Governance

March 28th, 2008 · No Comments

A recent article raised the point that SOX expense by companies was declining (as it should with the full adoption of AS5 across all filers and it being in place for over 6 years!), and that according to analysts that Governance expenses were on the rise and the new focus of enterprises.  Yes and not […]

[Read more →]

Tags: iso27001 · Life Cycle Management · Risk Awareness · Technology Strategy Orchestration · Tone at the Top

Implementing Effective Ethics Programs

January 27th, 2008 · No Comments

The need for organizations to define and communicate effective policies and procedures resonates around the globe, and is strongly supported by such governance organizations to include the WTO, The World Bank, OCEG, and the OECD, to name but a few. A first, but essential, step to ensuring appropriate controls and operational efficiency is the defining […]

[Read more →]

Tags: Monitoring and Performance Reviews · Policy and Procedures · Risk Awareness · Tone at the Top

Fraud and SAS 99

December 17th, 2007 · 2 Comments

There are three conditions (that are in line with the ACFE Fraud Triangle) that are present where fraud exists – incentives, opportunities, and rationalizations.  These breakdown as: Incentives – Perpetrator is under pressure or receives a benefit from action (ex: default mortgage) Opportunity – Capability to execute fraud (ex: low possibility of detection, no controls, […]

[Read more →]

Tags: Monitoring and Performance Reviews · Policy and Procedures · Risk Awareness · Technology Intelligence · Tone at the Top