Use Internal Auditing to Improve Processes, Compliance Advisor
The internal audit team can truly give management the “warm fuzzies” by taking serious its obligation to add value to the organization and by becoming a partner with management. Every audit is an opportunity to share best practices, provide objective and constructive evaluation of the organization’s progress against plan, and share findings in a manner that helps cultivate a culture of continuous improvement.

President Bush’s Identity Theft Task Force Releases Plan, SmartPros
The President’s Identify Theft Task Force released its strategic recommendations for fighting against identify theft, which call for reducing the unnecessary use of Social Security numbers, establishing national standards to safeguard personal data; implementing a sustained awareness campaign; and creating a National Identity Theft Law Enforcement Center.

T&E Expense Policy and Reimbursement Process: Not What it Was a Few Short Years Ago, SmartPros
As companies look to shore up policy gaps, control costs, and cultivate an ethical work environment, the last bastion of free-wheeling – travel and entertainment (T&E) expenses – has come under increased scrutiny as companies clamp down on reimbursable activities, eliminate cash advances, and negotiate favorable rates with preferred vendors, among other things.

Disaster Planning: Focus on Employees Instead of Infrastructure, U. S. Banker
Employees are not machines, agreed? Then why is it that most companies have taken precautions to ensure continued workability in case of technological problems, but fail to take those same precautions when it comes to potential workforce stoppage or disruption due to risks of the human condition, such as pandemic flu? Continuity planning is evolving to incorporate a new focus on employees.

The Double Whammy: Regulation and Litigation, Chief Executive
CEOs have done a good job of separating litigation and regulation, and compartmentalizing the distinct response mechanisms for each. But it may all be for naught since it seems that the country’s legal system can punish you for both in much the same way.

Best Practices for Enterprise Risk Management, Compliance Advisor
Risk is integral to doing business in financial organizations, like banks and insurance companies, which actively seek out opportunities to bear certain kinds of risk.  Classification of various risks into functional categories defines risks in a way that enables differentiated and appropriate action, and forms the basis for a sound ERM program for these institutions.

Sarbanes-Oxley advice for smaller public companies, SearchCIO
After hearing consecutive years of complaints from their larger brethren about the excessive cost and burden of Section 404, it’s only natural that small companies that are now being forced to comply with SOX are becoming more nervous as their day of reckoning approaches. This article offers practical advice to help small cap companies prepare.

Send Sarbanes-Oxley to the Court of Investors, AMERICAN.COM: A Magazine of Ideas
Everyday there seem to be more questions around whether SOX is necessary or as beneficial as initially anticipated. This list of pros and cons points out pertinent facts and observations, giving readers a chance to decide for themselves.

Companies are Choosing to Invest More in Internal Control, Ernst & Young
In this survey, which investigates whether organizations not subject to Sarbanes-Oxley are investing in internal control, (75%) of respondents — comprising some of the world's largest organizations — plan to invest more in internal control after seeing significant business benefits.

The IT Strategic Plan Step-By-Step, Forrester Research
This article provides a step-by-step guide for developing a long-range IT strategic plan, including a detailed operating plan, to raise the value of your IT function within the organization. A well-developed plan must be current, purposeful, aligned with the business’ needs, and must include an honest assessment of IT’s capacity to support the business’ needs, among other things. Free registration required.

Information Technology and the Board, Deloitte & Touche
IT professionals have established their importance, among middle and upper management, as the muscle behind organizational strategy, and has earned a seat at the strategy table. But if the Board fails to embrace the power of IT, they could be missing a key opportunity to increase shareholder value as well.

Thumb Drives Replace Malware As Top Security Concern, InformationWeek
According to a recent study of IT professionals, the popularity of portable storage devices -- like USB flash drives and MP3 devices -- has become a major data security concern for their ability to download large amounts of data quickly, and their tendency to become lost or misplaced. While their use and popularity are gaining and widespread, most companies have no policy to govern use of the devices.

Moving Targets: The Risk of Mobile Devices, IT Compliance Institute
Although Blackberries, PDAs and IPODs afford extreme convenience, they could become a very costly convenience to businesses given the significant risk of lost or stolen data, and the attending security breach that could result. Companies are becoming more sophisticated in their efforts to control the risks associated with these devices by assessing critical areas of mobile data management.

Sarbanes-Oxley: Lessons Learned, Insurance Networking News
Insurance companies are beginning to understand the possibilities of using technology to monitor internal controls and to perform "continuous auditing," which includes detecting questionable transactions as they occur, as well as preventing errors or fraud through proper controls in ERP and financial accounting systems.

NAIC Adopts Model Law Development Framework, NAIC News Release
Earlier this month, the National Association of Insurance Commissioners adopted a new Model Law development framework that will enable the organization to effectively respond to state, national, and international regulatory developments for priorities that require national, uniform legislation and regulation. The new Framework calls for the parent committee and Executive Committee to approve, by simple majority vote, the development of a Model Law before drafting begins.

Enterprise Risk Management for Insurers: Actuary Theory in Practice, Contingencies
As insurers begin to compete more aggressively with non-insurance entities for market share and capital, they must begin to balance the total mix of assets and liabilities and ERM provides this conduit. Enterprise risk management (ERM) in tandem with actuarial analysis allows for more informed decisions in today’s increasingly transparent business climate.

Insurers Making Progress at First Anniversary of Anti-money Laundering Regulation...But Challenges Remain, Insurance Newsnet
One year after the Department of Treasury’s Anti-money Laundering (AML) regulations took effect for insurance companies in 2006, this study, "Anti-Money Laundering Survey for the U.S.-Based Life Insurance Industry," provides insight into the insurers’ success with respect to meeting AML regulations, and the hurdles they still face in fully implementing their AML programs.

Banks' AML Strategies May Increase Risk Factors, Bank Systems & Technology
In large organizations, technology is an important component to implementing a consistent AML program across the entire enterprise and moving toward multidimensional risk indicators rather than working in silos. Banks that falter in the manner in which they implement AML strategies could be putting their institutions at further risk.

Subprime Lending Market: Mitigating Risk in a Risky Business, Deloitte &Touche
At one time the subprime lending market was just as rewarding as it was risky, but with increasing foreclosures and bankruptcies, these lenders have to begun to take the steps to lessen the risks.

Departing Fed Governor Susan Bies Offers Risk Management Advice, ABA Banking
Departing Federal Reserve Board Governor, Susan Schmidt Bies, offers an appealing idea on how regulators and examiners can make better use of soft skills in the banking industry to make their work more meaningful and beneficial to all.

SOX Survey: Financial Execs Bullish on Continuous Monitoring, SmartPros
In a recent study of financial executives, nearly all (90 percent) report a cultural change among U.S. business leaders toward institutional integrity and fraud prevention as a result of the high-profile corporate scandals of the early millennium.