Financial-Statement Fraud not a Solo Job, Institute of Fraud Prevention
This new study investigates fraudulent financial restatements that were filed prior to the enactment of Sarbanes-Oxley to assess and document the characteristics and level of complicity involved in corporate financial fraud. An average of seven people were involved in the fraud cases studied, which often involved the CEO and a management-driven board of directors.

Pressures Build for Continual Focus on Risk, PwC Study
This annual study of risk assessment trends reveals a lack of consistency across U.S. companies and even within many companies; and offers imperatives for strengthening the internal audit risk assessment process.

IIA reports increase in internal auditors, AccountingWeb
The internal audit profession has experienced unprecedented growth, increased salaries, greater visibility, and an enhanced perception of the position and role of internal auditors.

Risk in the Strategic Planning Process, Business Performance Management
Today’s technology-enabled business environment has more-than doubled the level of risk and uncertainty which appears directly related to rapidly-changing conditions and raised expectations for businesses to anticipate and respond immediately, or risk losing their competitive edge.

Tools and Techniques for Effective Implementation, Institute Management Accountants
This report discusses how companies can benefit from the ERM knowledge that finance professionals bring to the process, and how finance executives and management accountants can partner with the board and senior management to effectively implement their ERM programs (free registration required).

IBM Deepens Focus on Governance and Risk Management, CIO Business Technology Leadership
Through a series of strategic acquisitions, IBM has come to own several governance, compliance, and risk-related technologies which it is unveiling as a suite of new and improved IT products and services designed to meet the demand for IT governance and risk management software and services, and assist users in their efforts to comply with the increasing number of mandated regulations.

Reform of the Sarbanes-Oxley Section 404 Internal Control over Financial Reporting Regime, CCH White Papers
Last month was quite productive for the regulatory bodies: the SEC issued management guidance and amended a number of internal controls rules; while the PCAOB adopted a new Auditing Standard No. 5 on the audit of internal control over financial reporting. The Board also adopted a rule requiring audit committee pre-approval of non-audit internal control services. This white paper provides an analysis of the new standards, rules, and guidance.

The SEC, Corporate Disclosure and the Regulation of Substantive Behavior, Social Sclence Research Network
This essay explores the SEC’s use of disclosure in monitoring and influencing corporate governance practices since passage of The Sarbanes-Oxley Act, and investigates whether the SEC has become more overtly involved in the corporate governance process, and what potential such a trend could have for changing traditional corporate governance.

10 compliance threats to smaller companies, AccountingWEB.com
This list provides useful information that Smaller public companies performing their first management assessment under Sarbanes-Oxley Section 404 may find helpful in developing a strategy to assess high level risks within their companies.

FEI Survey says SOX Compliance Costs Fall 23%, ProfessorBainbridge
According to a recent FEI survey, Section 404 compliance cost 23% less in 2006 than in the previous year; but most executives maintain that the costs of SOX still exceed the benefits.

Navigating IT Management, Forrester Research
This document is a primer on Forrester's coverage of IT management trends, concerns, and advice which covers traditional roles and responsibilities of the IT organization as well as IT's role in driving business innovation and managing governance, risk, and compliance across the enterprise (free registration required).

Prevent identity theft by avoiding these seven common mistakes, Tech Republic
This article highlights seven common mistakes and oversights that many companies fail to identify as potential risks contributing to the loss or theft of personally-identifiable information (PII) which can place employee or customer data in the wrong hands (free registration required).

IT Audit vs. IT Compliance Responsibilities, IT Compliance Institute
It can be difficult to definitively establish the divide between the responsibilities of IT compliance and IT audit professionals given the broad and diverse roles of both groups from one organization to the next. This column provides insight from an auditor’s perspective.

10 dumb things users do that can mess up their computers, TechRepublic
With technology moving a warp speed, computer users within most organizations have varying degrees of technological savvy. This article suggests taking a baseline approach and provides tips that IT professionals should share to train employees on the basics of computer security, and to avoid common-sense mistakes that often occur because users just didn’t know any better (free registration required).

The next frontier in IT strategy, The McKinsey Quarterly
Unlike ten years ago, senior IT executives now believe they are well-aligned with their business partners in shaping corporate IT strategy, according to this survey of CIO’s (free registration required).

Modernizing Insurance Regulation, Insurance Information Institute
This article provides historical background regarding the state-regulated nature of the insurance industry and discusses the emerging trends surfacing within the national discussion on insurance industry reform, including a dual (federal/state) chartering system and modernization of the state system.

Corporate Governance Changing For Insurers, National Underwriter
Ratings giant, Moody’s Investor Service, recently released a report highlighting the need for insurance companies to improve board oversight of the risk they face, particularly in light of increasing regulatory pressure. The industry has responded, in part, by investing heavily in executive training for inexperienced board members.

Industry leaders debate federal vs. state regulation with Democratic Congress shift, Insurance Journal
This roundtable discussion features a diverse panel of industry leaders including a state regulator, who volley targeted questions in a debate over who should regulate the industry, and how the Democratic shift in Congress would impact the issue.

Captives & Other Risk Financing Options, Insurance Information Institute
This paper provides a comprehensive overview of the role of traditional insurance and reinsurance products, and chronicles development of the alternative market, including alternative risk transfer (ART) products, captives, self insurance, risk-retention groups, and other alternative market mechanisms which have come to cover 30 percent of the U.S. commercial market

Lawyers looking for needles in banks’ email haystacks, ABA Banking Online
Attorneys have found that email is one of the most productive mines during the process of “discovery.”  According to a 2004 study, more than one in five employers surveyed has had employee e-mail and instant messages subpoenaed pursuant to a lawsuit or investigation making this an increasingly risky communication preference.

Cyber Security: Insurance Not Standard Yet, But Choices Abound, U.S. Banker
New and evolving insurance products are designed to help companies mitigate the potential cost of a security breach resulting in loss or theft of data, and include a new online calculator which puts the cost of such a loss at $166 per data record.

Financial industry plans catastrophe drill, InvestmentNews
Government and financial-services industry groups are working together to produce a simulated pandemic scenario designed test the US financial services industry’s ability to respond to natural catastrophes and terrorism.

Planning the Profitability Road Ahead, Hyperion - TechRepublic
This paper describes effective profitability planning for banks, including establishing a framework for accountability and providing a system for determining and monitoring employee performance goals and compensation.