http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Mon, 05 Jul 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18994.html With hundreds and thousands of automated systems producing log data, an organization's ability to respond to http://www.compliancehome.com/resources/SOX/Webinars/abstract18994.html Fri, 18 Jun 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18950.html First, there was the crash of Worldtron and Enron in the United States which should have put local corporate managers and representatives on alert particularly as it relates to the passage of Sarbanes Oxley (Sox) with its stringent information security requirements around financial records. Then there was the Companies Act of Jamaica in 2004 which increased corporate liability and responsibility for officers and directors. http://www.compliancehome.com/resources/SOX/Articles/abstract18950.html Tue, 25 May 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18929.html In order to better understand the issues and impact of Sarbanes-Oxley, it is critical to understand the reasons for its implementation. Elaborate, complex fraudulent accounting scandals of the late 90s and early 21st century have a direct correlation to poorly implemented and enforced internal controls. Since the enactment of the Sarbanes-Oxley legislation, companies have had to be even more cognizant of their controls in order to provide the necessary assurances that both their internal and external outputs (e.g. financial statements) to stakeholders are accurate and reliable. http://www.compliancehome.com/resources/SOX/Articles/abstract18929.html Mon, 03 May 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18913.html The Federal Deposit Insurance Corporation (FDIC) issued a proposal that would add what it deemed risky compensation practices to the list of risk factors it uses in determining assessments on financial institutions. The FDICs move follows proposed guidance by the Federal Reserve Board, which in October last year proposed guidance it believed would help curb executive compensation practices that encourage excessive risk taking. http://www.compliancehome.com/resources/SOX/Articles/abstract18913.html Wed, 21 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18890.html Virtually all government and private security regulations, such as Sarbanes-Oxley and the Payment Card Industrys Data Security Standard, have a few common requirements: that access to sensitive data and servers be granted only to those whose job function requires it, and that those individuals are granted only the privileges they need to perform their duties. This least-privilege security model has obvious merits in theory, but in practice it can be challenging to implement, particularly in Linux and UNIX environments, where it is still all too common for administrators to share passwords to root or other superuser accounts. How, for example, do you give backup administrators the superuser privilege to copy a database and move it to another volume without giving them access to the database itself? While sudo and other tools provide some help, they can be cumbersome to manage and implement and become unworkable in complex environments with hundreds of heterogeneous servers and multip http://www.compliancehome.com/resources/SOX/Webinars/abstract18890.html Fri, 09 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18863.html In 2009, databases were the number one source of breached records globally. Databases are an attractive target, containing organizations' most sensitive data, including financial records, credit card information and customer data. It is also the reason they are increasingly subject to regulations such as SOX, PCI DSS and the EU Data Privacy Directive. http://www.compliancehome.com/resources/SOX/Webinars/abstract18863.html Fri, 09 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18848.html Sens. Jay Rockefeller (D-W. Va.) and Olympia Snowe (R-Maine) have formulated a new cybersecurity bill that they described in Fridays Wall Street Journal. (Use Google news to get to the full article.) The bill as proposed will be very disruptive to the operations of every business and will do essentially nothing to prepare the U.S. for cyberwar. http://www.compliancehome.com/resources/SOX/Articles/abstract18848.html Fri, 09 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18839.html High-profile losses of confidential data from TJ Maxx, the US Department of Veterans Affairs, the UKs Child Benefit department, and other large organizations have raised awareness of the need to protect information. Governments and industry worldwide have responded with an increasing number of more complex and frequently changing regulations. This has made compliance more expensive to manage and has raised it as asignificant issue for organizations today. http://www.compliancehome.com/resources/SOX/Articles/abstract18839.html Fri, 09 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18838.html A U.S. law protecting whistle-blowers at publicly traded companies also covers mutual fund firms, a federal judge ruled in a case involving two former Fidelity Investments employees. The ruling late by U.S. District Judge Douglas Woodlock in Boston marked the first time a federal court has applied the provisions of the Sarbanes-Oxley Act to fund companies, a lawyer for one of the employees said. http://www.compliancehome.com/resources/SOX/Articles/abstract18838.html Fri, 09 Apr 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18837.html Constant utilization of instant messaging, peer-to-peer, mobile synchronization, games and other non-approved applications on the corporate network zaps productivity and is a source of malware infection and data loss. Controlling applications is a sound security policy and is required to be compliant with Sarbanes-Oxley, HIPAA and other data protection legislation. But, monitoring and controlling applications is difficult and time consuming for resource constrained IT staff. http://www.compliancehome.com/resources/SOX/Articles/abstract18837.html Wed, 31 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18832.html Use of instant messaging, peer-to-peer, mobile synchronization, games and other non-approved applications on the corporate network zaps productivity and is a source of malware infection and data loss. Controlling applications is a sound security policy and is required to be compliant with Sarbanes-Oxley, HIPAA and other data protection legislation. But, monitoring and controlling applications is difficult and time consuming for resource constrained IT staff. http://www.compliancehome.com/resources/SOX/Webinars/abstract18832.html Tue, 23 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18810.html In Tides v. Boeing, a federal district court in Seattle ruled that two employees who leaked documents to the media were not protected whistleblowers under the Sarbanes Oxley Act ( http://www.compliancehome.com/resources/SOX/Articles/abstract18810.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18790.html The quick evolution and maturity of cloud storage providers creates a new opportunity for managed service providers to offer cloud backup services. Backup to the cloud can provide a compelling cost advantage for SMB and SME customers and it opens up a new model for VARs and MSPs to profit with cloud-based backup services. http://www.compliancehome.com/resources/SOX/Articles/abstract18790.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18788.html In today's environment, IMS backup and recovery has taken on a whole new meaning because it involves more than an image copy and forward recovery. IMS backup and recovery must embrace Performance, Protection and Prevention to reduce resource utilization, meet SOX compliance, and if possible Prevent the need for recovery if at all possible. In the case where recovery is the only response, assist with the recovery action to insure its successful completion. http://www.compliancehome.com/resources/SOX/Webinars/abstract18788.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18782.html Many businesses are struggling to meet compliance requirements, and for most, the biggest challenge is e-mail. E-mail compliance is a complex endeavor, since administrators need to save e-mail conversations, archive them, build indexes and have a means to retrieve those conversations. Whats more, the stored conversations must be protected from tampering and deletion. http://www.compliancehome.com/resources/SOX/Articles/abstract18782.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18775.html e-Smart Technologies Inc. has been ordered by OSHA to pay back wages with interest and approximately $600,000 in compensatory damages to a California worker who was discharged after raising concerns about misinformation contained in a draft public filing. The agency also ordered the company to reinstate the whistleblower to his former position. e-Smart makes biometric smart cards and other products designed for security and homeland defense. The Labor Department does not release the names of employees involved in whistleblower complaints. http://www.compliancehome.com/resources/SOX/Articles/abstract18775.html Tue, 02 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18772.html IEEE, a professional association for the advancement of technology, and the Cloud Security Alliance (CSA), a not-for-profit organization formed to promote the use of best practices for providing security assurance within cloud computing, have announced results of a survey of IT professionals that reveals overwhelming agreement on the importance and urgency of cloud computing security standards. http://www.compliancehome.com/resources/SOX/Articles/abstract18772.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18745.html Norms and Guidelines have become mandated or recommended to assist businesses in their governance responsibilities. However, implementation alone will not result in an on-going and effective security management program. Nowadays, management needs to assign priority to GRC (Governance, Risk and Compliance) and provide it the same level of attention as all other critical business needs. http://www.compliancehome.com/resources/SOX/Articles/abstract18745.html Mon, 18 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18718.html The Securities and Exchange Commission has approved a new auditing standard that aims to toughen the requirements for concurring reviews of the work of audit teams. Auditing Standard No. 7, Engagement Quality Review, was adopted by the Public Company Accounting Oversight Board on July 28, 2009, and was approved last Friday by the SEC. http://www.compliancehome.com/resources/SOX/Articles/abstract18718.html Mon, 18 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18716.html One of the most important tasks an organization performs is implementing email retention, compliance or e-Discovery software. Without a solid policy behind the software investment, companies risk wasting time and money. IT professionals have a critical role in ensuring the success of email retention, compliance, or e-Discovery software implementations. The first step is to decide who should be involved in defining your organizations email policies. Understand how your business is affected by various government and industry standards, and then take the time to carefully think out your policy, documenting each step. http://www.compliancehome.com/resources/SOX/Articles/abstract18716.html Mon, 11 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18707.html Today, most IT organizations face a silent enemy: Rogue software components running in the datacenter, policies that cant be consistently enforced, and lack of transparency in deployment and update processes. Growing software complexity and the emergence of virtualization and cloud computing are pushing compliance to the brink. The stakes are high. At risk is noncompliance with PCI, HIPAA, SOX and other regulatory, corporate and IT mandates. And virtualization and cloud computing only compound the problem. http://www.compliancehome.com/resources/SOX/Webinars/abstract18707.html Mon, 11 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18690.html Even in a challenging business environment, your business still needs to deliver secure, highly available applications across its global WAN from corporate headquarters to branch offices and mobile workers. Managed service providers can help by letting your business reduce costs and simplify complexity. Learn from the analysts at IDC how your organization can address these challenges and benefit from managed services focused on application delivery to get the most out of your WAN. http://www.compliancehome.com/resources/SOX/Webinars/abstract18690.html Mon, 11 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18689.html The pressure is on as organizations today face mounting demands to maintain an enterprise-wide security posture while adhering to the growing number of compliance regulations. Without the right processes and tools to effectively navigate through the security and compliance maze, IT professionals often resort to manually poring through spreadsheets and pulling together all of the necessary data and proof points to pass their audit and check the compliance box. But it doesn't have to be this painful with today's innovations in compliance and IT risk management. http://www.compliancehome.com/resources/SOX/Webinars/abstract18689.html Mon, 11 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18688.html Mounting regulations across the globe have increased the cost and burden on organizations. The high cost is especially felt by organizations which must adhere to multiple requirements - 75 percent of organizations must comply with two or more regulations and corresponding audits and more than 40 percent must comply with three or more regulations. http://www.compliancehome.com/resources/SOX/Webinars/abstract18688.html Sun, 03 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18681.html ABSTRACT: In todays world of highly regulated industries, companies are overwhelmed with the complexity of complying with a multitude of laws, regulations and standards. Furthermore, IT is being asked to determine the business impact of IT control failures and to develop strategies to reduce the risk associated with these failures. Is your IT organization suffocating under the weight of conducting multiple assessments of duplicative controls and supporting too many controls where the cost greatly outweighs the benefit? The way to tame this beast is to leverage the commonality of multiple laws and regulations to harmonize and reduce the number of IT controls. In addition, automation of IT risk and compliance will help to reduce and in some cases eliminate error-prone manual processes for assessing and monitoring the state of IT risk and compliance. http://www.compliancehome.com/resources/SOX/Webinars/abstract18681.html Sun, 03 Jan 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18680.html The prime focus of Austin, Texas,-based StoredIQ formed in the late 1990s was on helping organizations manage storage growth and its attendant costs. At the time, companies tended to solve their data explosion problems by just buying more storage, but this sort of head-in-the-sand response became untenable as compliance regulations such as HIPAA and Sarbanes-Oxley took effect. And as the majority of enterprise data moved online, e-discovery became an increasingly expensive concern. http://www.compliancehome.com/resources/SOX/Articles/abstract18680.html Tue, 29 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18666.html With hundreds and thousands of automated systems producing log data, an organization's ability to respond to http://www.compliancehome.com/resources/SOX/Webinars/abstract18666.html Tue, 29 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18665.html A new security solution that integrates palm vein biometric technology from Fujitsu with IBM's single sign on solution, improves security and better manage compliance with healthcare, financial services and government regulations. Employees can securely access applications, files and websites with a single scan of their palm by eliminating the need to remember multiple passwords and the threats posed by those lost or stolen. http://www.compliancehome.com/resources/SOX/Articles/abstract18665.html Tue, 29 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18657.html A leading global affinity marketer of value-added membership, insurance and package enhancement programs and services to consumers, Affinion Group, Inc.,announced that Tom Williams, the Companys Chief Financial Officer, will be leaving the Company after a suitable transition period. http://www.compliancehome.com/resources/SOX/Articles/abstract18657.html Tue, 29 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18654.html For organizations currently using traditional infrastructures, a cloud will enable users to consume IT resources in the data center in ways that were never before available. Agencies following traditional data center management practices know that making IT resources available to an end user can be time-intensive. A cloud dramatically alleviates this problem by implementing automation, business workflows and resource abstraction. So why havent more agencies moved toward cloud computing. Where does your agency stand? Join us in this cloud computing Webcast to hear Teri Robinson, contributing editor of 1105 Media Group, discuss current issues and hot topics in debate around cloud computing. 1105 Media talks regularly with IT managers, vendors, procurement and many others, and has deep insights into the questions being asked, the worries and fears, as well as the triumphs and successes of those who have taken the plunge. In addition, you will hear Howard Levenson, a cloud expert from http://www.compliancehome.com/resources/SOX/Webinars/abstract18654.html Tue, 22 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18642.html In one hour, gain the insights and guidance you need to measure compliance, reduce manual efforts, and streamline executive and auditor reporting. http://www.compliancehome.com/resources/SOX/Webinars/abstract18642.html Tue, 22 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18639.html Regulations such as SOX and PCI, along with high-profile data breaches, have focused attention on ensuring the integrity of corporate data and preventing information leakage from the data center. As a result, the responsibility for implementing data-centric security is moving from database administrators to the IT security organization, which may now find itself in unfamiliar territory. The presenter will describe how to elevate the security of the enterprise applications (Oracle, SAP, PeopleSoft, Siebel, etc.) and underlying database infrastructure. It will explore key topics such as SQL injection, monitoring privileged insiders, establishing granular access controls around sensitive data, practical alternatives to database encryption, and baselining the database environment to identify anomalous behavior. http://www.compliancehome.com/resources/SOX/Webinars/abstract18639.html Tue, 22 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18628.html Most of the users give little thought about the technology behind the service when it comes to fax over IP, or FoIP. While it may seem easy to deploy, there are a number of intricacies running behind the scenes. As noted in Part I of TMCnets FoIP series, Max Schroeder (News - Alert), senior vice president of FaxCore, a Denver-based fax server application provider, showcased legacy technologies, such as fax boards and fax machines. http://www.compliancehome.com/resources/SOX/Articles/abstract18628.html Tue, 22 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18627.html Businesses are embracing Web-based services to speed up innovation, collaborate on a global scale, reduce operational costs, and grow their bottom line. Falling IT budgets, a shift by businesses from CAPEX to OPEX spending for IT solutions, and the maturing of on-demand technologies are driving businesses to outsourced models. As a result, new and traditional IT vendors, including Microsoft, are transitioning to a subscription-based services model. Regardless of the terms cloud computing, on-demand, SaaS, or virtualized delivery, IT and business applications are increasingly being acquired and consumed as a utility. http://www.compliancehome.com/resources/SOX/Articles/abstract18627.html Tue, 22 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18626.html IT faces a number of challenges supporting the business today. Economic pressure to save money and do more with less is driving even more applications outside of the firewall and into the Cloud. Users demand Internet Single Sign-On, applications need to securely share user identity and IT needs to manage user accounts in tens or even hundreds of remote directories. All of this must be accomplished in a secure, fast, easy, scalable and cost effective way that complies with regulations like Sarbanes-Oxley and HIPAA. Ping Identity proudly announces the release of PingFederate 6.0, the first Secure Internet Identity Platform to fulfill these requirements both inside and outside of the firewall. http://www.compliancehome.com/resources/SOX/Webinars/abstract18626.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18622.html Regulatory compliance will continue to influence data security projects in 2010, as a slew of security and privacy regulations are due to go into effect. New rules at both the federal and state level will require IT managers to deploy protective technologies such as encryption to achieve compliance. http://www.compliancehome.com/resources/SOX/Articles/abstract18622.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18621.html The Fair Fund distribution of approximately $418 million to more than a million investors who were harmed by market timing activities in certain Invesco mutual funds managed by Invesco Funds Group, Inc., announced by the Securities and Exchange Commission. The distribution includes $325 million in disgorgement and penalties collected from the IFG after the Commission settled proceedings with IFG in 2004, plus $39 million in accrued interest. http://www.compliancehome.com/resources/SOX/Articles/abstract18621.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18611.html Database attacks, rogue insider threats and compliance (SOX, PCI-DSS, NIST 800-53, SAS70) are driving enterprises to take a closer look at how they manage database vulnerabilities, enforce change controls and log database activity. The presenter of this webcast discusses how to protect heterogeneous database infrastructures with automated and centralized controls - without degrading performance, generating massive amounts of unfiltered log events or creating more work for the DBAs. How to automate vulnerability and configuration assessments in order to rapidly identify vulnerable procedures, empty passwords and misconfigured privileges that cybercriminals exploit to compromise the corporate and customer data, is also discussed. http://www.compliancehome.com/resources/SOX/Webinars/abstract18611.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18610.html The attendee of this webcast will learn the top 5 scenarios and essential best practices for preventing database attacks and insider threats, as well as best practices for reducing compliance complexity by automating and centralizing cross-DBMS controls for key regulations such as SOX/COBIT, PCI-DSS, NIST 800-53, SAS70 and data protection laws. http://www.compliancehome.com/resources/SOX/Webinars/abstract18610.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18609.html The attendee of this webcast will learn why Guardium S-GATE is the only cross-DBMS technology that blocks privileged users from accessing sensitive data - without disrupting applications or changing database configurations. The attendee will learn how S-GATE provides preventive controls that complement http://www.compliancehome.com/resources/SOX/Webinars/abstract18609.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18608.html Regulations such as SOX and PCI, along with high-profile data breaches, have focused attention on ensuring the integrity of corporate data and preventing information leakage from the data center. As a result, the responsibility for implementing data-centric security is moving from database administrators to the IT security organization, which may now find itself in unfamiliar territory. The presenter will describe how to elevate the security of the enterprise applications (Oracle, SAP, PeopleSoft, Siebel, etc.) and underlying database infrastructure. It will explore key topics such as SQL injection, monitoring privileged insiders, establishing granular access controls around sensitive data, practical alternatives to database encryption, and baselining the database environment to identify anomalous behavior. http://www.compliancehome.com/resources/SOX/Webinars/abstract18608.html Thu, 17 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18604.html The US House of Representatives passed a bill, backed by the Obama administration, to revise government regulations covering banks and financial firms. The bill has been widely reported in the media as the most sweeping reform of bank regulations since the New Deal measures passed in the wake of the stock market crash of 1929. It is being cast as a rebuke to Wall Street for its role in precipitating the financial crash and recession, and a major tightening of government oversight of the banks. http://www.compliancehome.com/resources/SOX/Articles/abstract18604.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18584.html The attendee of this webcast will learn the top 5 scenarios and essential best practices for preventing database attacks and insider threats, as well as best practices for reducing compliance complexity by automating and centralizing cross-DBMS controls for key regulations such as SOX/COBIT, PCI-DSS, NIST 800-53, SAS70 and data protection laws. http://www.compliancehome.com/resources/SOX/Webinars/abstract18584.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18573.html President Obama, as he laid out his latest fiscal stimulus proposals stressed that the main goal is to encourage the growth of the small businesses that create most new American jobs. House Democrats apparently have other priorities. As early as today, Pennsylvania Democrat Paul Kanjorski plans to introduce an amendment that would apply the most onerous Sarbanes-Oxley regulations to the smallest public companies. Supported by House Financial Services Chairman Barney Frank, this amendment to the financial re-regulation bill now moving through the House would inflict millions of dollars in compliance costs upon thousands of companies. http://www.compliancehome.com/resources/SOX/Articles/abstract18573.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18564.html The Supreme Court cast doubt on the validity of part of the anti-fraud law enacted in response to Enron and other corporate scandals early this decade. The court heard arguments in a case over the composition of the board that was created to tighten oversight of internal controls and outside auditors following accounting scandals at Enron Corp., WorldCom Inc., Tyco International Ltd. and other corporations. http://www.compliancehome.com/resources/SOX/Articles/abstract18564.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18563.html The number of Securities and Exchange Commission settlements declined for the second consecutive fiscal year in 2009, with 626 defendants, compared to 673 in FY 2008, according to NERA Economic Consulting's fiscal year-end SEC Settlements Trends report. The 2009 fiscal year-end figures represent the lowest annual number of settling defendants since the Sarbanes-Oxley Act (SOX) was implemented in 2002. http://www.compliancehome.com/resources/SOX/Articles/abstract18563.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18551.html A U.S. Supreme Court case may prompt Congress to scale back the 2002 Sarbanes-Oxley law, the measure that tightened oversight of financial disclosure after the Enron Corp. and WorldCom Inc. collapses. The justices will consider a challenge to one of the laws central features: creation of the Public Company Accounting Oversight Board as the auditing industrys watchdog. A Nevada accounting firm and a small-government advocacy group say the board lacks the presidential control that the Constitution requires for executive branch agencies. http://www.compliancehome.com/resources/SOX/Articles/abstract18551.html Fri, 04 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18544.html The Internet Security Alliance, an industry group affiliated with Carnegie Mellon's cybersecurity laboratory, issued a report that argues that giving businesses incentives and not regulating them will better safeguard the nation's IT systems. Entitled Implementing the Obama Cybersecurity Strategy Via the ISA Social Contract Model, the ISA contends the process of developing effective regulations is inherently time consuming and that any regulations specific enough to assure improved cybersecurity would become outdated soon after their enactment. http://www.compliancehome.com/resources/SOX/Articles/abstract18544.html Fri, 04 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18541.html The leaders of the Senate Banking are requested by the Center for Audit Quality Housing and Urban Affairs Committee to resist efforts to exempt small businesses from compliance with Section 404(b) of the Sarbanes-Oxley corporate reform act of 2002, according to a statement today by the accounting public policy organization. http://www.compliancehome.com/resources/SOX/Articles/abstract18541.html Fri, 04 Dec 2009 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18523.html To endure an IRS audit is the only way for a payroll manager to know how a company will fair in an IRS auditOr is it? Since calling in the IRS to conduct an internal audit is not an option, what about the next best thing? Conduct the same kind of comprehensive audit of all the company's taxation policies and practices yourself. Become the IRS agent. Seek out all the noncompliance issues. Hunt through all the practices with the intent of finding something amiss. When you self-audit, you hope you do find something so you can fix it and be in compliance. http://www.compliancehome.com/resources/SOX/Articles/abstract18523.html