All Internal Controls articles – Page 47
-
Article
Effective governance and the Three Lines of Defense
Compliance officers, internal auditors, fraud investigators, controllers—all of them might work at one company together to assist the business in managing risk. The trick to effective governance is to assign all those professionals (and more) to their proper places in the Three Lines of Defense model.
-
Blog
COSO 2.0: Same Same but Different
Image: After 18 months of forewarning, the new COSO framework for internal control went into effect last week—and despite all the promises that COSO 2.0 isn’t substantively different than the old framework companies have used for a decade to manage SOX compliance, in reality, Compliance Week Editor Matt Kelly writes, ...
-
Blog
Report: Companies Struggle to Secure Sensitive Data
Many companies still struggle with how to secure their most sensitive data, elevating the risk of a data breach, according to a new cyber-security report of nearly 500 IT and security professionals conducted by information-security firm Trustwave. The report reveals significant security deficiencies and common security weaknesses still remain in ...
-
Article
Netflix Lawsuit a Lesson in Proper Internal Controls
Netflix is suing a former IT executive, alleging the man created a kickback scheme that netted him more than $500,000 as he executed contracts and approved invoices through sham arrangements with two vendors. Painful for Netflix, yes, but we have key lessons in segregation of duties and internal control worth ...
-
Blog
Some Predictions for the Coming Year in Corporate Governance
As 2014 enters its final month and the coming year looms just around the corner, it’s time for those lists of predictions of what 2015 will bring. Inside, columnist Richard Steinberg takes a look into his crystal ball for what developments will be shaping corporate governance in the coming year. ...
-
Blog
Rising Tides Around IT Audit
Image: At long last, IT audit is finding its place in the sun—so says the latest IT Audit Benchmarking Study, published last week by ISACA. By almost any measure, IT audit is getting a higher profile at large organizations. What does that mean for compliance officers, and how can they ...
-
Blog
Effective ICFR? The Citigroup Example
Earlier this year, Citigroup received a comment letter from the SEC asking about the effectiveness of its internal control over financial reporting, given the discovery of fraud in its Banamex division in Mexico. In this guest post, Audit Analytics examines the issues raised by the SEC, how Citi responded, and ...
-
Resource
e-Book: What to Look Out for When Implementing the COSO Framework Update
Like a house built with a solid frame, internal controls are at the core of ensuring effective compliance and risk management. Two recent developments have spurred companies to review that system of internal controls. The first is an update, published by COSO last year, to the framework most public companies ...
-
Article
Separation Conundrum: Should Compliance Be Independent of Legal?
Image: Title: RubinDespite the ongoing push for companies to separate the compliance and legal functions, giving chief compliance officers greater independence than they might otherwise enjoy while reporting to the general counsel, not everyone agrees it’s the only way to go. “I don’t think there is a right or wrong ...
-
Article
The Real Data Breach Risks Are Right Under Your Nose
While companies fret about shadowy hackers based in Russia and China hell bent on stealing customer information, employees—not cyber-criminals—pose the biggest threat to create data breaches and data loss, according to a recent study. Ungoverned and negligent file-sharing by employees is hitting epidemic proportions: More than half of respondents to ...
-
