User Blogs: posts tagged SOX

Nov 16, 2011

Responding to Risks When Working with Third-Party Vendors

Posted by Michele Westergaard in SOX, Risk Management, Internal Controls, Internal Audit, FCPA, ERM, Audit

CIS-Partners, a consulting firm specializing in compliance strategies for the pharmaceutical industry, wrote an article entitled “Don’t Get Burned”. Its main focus is how organizations are shifting work to third-party vendors and, in turn, how internal auditors need to respond to the risks that come with this process.

Oct 24, 2011

Emerging Companies Can Delay SOX Compliance

Posted by Michele Westergaard in SOX, Events

New companies with a market capitalization under USD 1 billion will now be able to opt out of the requirements of section 404 of the Sarbanes-Oxley (SOX) Act for the first ten years after going public. This option was previously available only to companies under USD 75 million.

Dec 09, 2010

Rules, Standards and Models

Posted by Arno Kapteyn in Standards, SOX, Rules, PCI, ITIL, ISO 27000, ISACA, Ethics, Cobit

Is there really a difference between rules, standards and models, and does it matter to IT governance? From 28-30 September I attended the ISACA Information Security and Risk Management Conference in Las Vegas. I shared my ideas on integration of the IT governance, risk, security and compliance functions. More importantly for this article, I had the time to attend presentations from other experts in the field. This gave me a number of new insights; “good stuff” for future articles. One of the presentations was titled “Harmonization of Standards” by Todd Fitzgerald. Todd is a well-known figure in ISACA circles, and I attended his presentation with serious expectations. As in the past, I was not disappointed. During his presentation Todd made one remark that stuck with me. He basically said that there is a lot of discussion about the difference between rules, regulations, standards and models, and that in his opinion the difference was academic and of no particular interest in real life. I have seen a similar attitude with tool vendors. It is not uncommon to read claims like “tool X describes CobiT, ITIL, ISO 27000, SOX, PCI, etc.” or something to that effect. Basically, I think that treating rules, standards and models as more of the same is wrong, and here comes the reason why. But first, to Todd: if I misunderstood your comment, my apologies.

Oct 29, 2010

Interview With Lyle Smith, Director of Global SOX Compliance at Walmart Stores Inc.

Posted by Cinthia Pilar in SOX, Compliance

Oct 29, 2010 - Since the enactment of the Sarbanes-Oxley (SOX) Act of 2002, publicly quoted businesses have experienced a tightening of financial reporting regulations. Lyle Smith, Director of Global SOX Compliance at Walmart Stores Inc., gives his insight into how the SOX provisions continue to impact companies across America. Lyle is a speaker at our partner event, the 20th Edition SOX Compliance & Evolution to GRC Conference, held November 4-5, 2010 at the Doubletree Hotel in Philadelphia, PA.
