Spreadsheet Compliance Risks and How to Avoid Them, IT Compliance Institute
According to a recent study, 88 percent of firms use spreadsheets of material importance in financial reporting – a statistic that raises big compliance questions given the spreadsheet’s popularity and unstructured history. Understand the benefits, limitations, and audit implications of spreadsheet use in your organization.

Internal Controls to Examine When Auditing Backend Operations of Messaging Systems, IT Audit
Businesses rely on electronic messaging to accomplish a broad range of business tasks and mission-critical objectives. Securing your increasingly-important messaging system requires the right mix of controls, processes, and operating procedures.

Statement of Charles D. Niemeier on the Adoption of a Revised Auditing Standard on Internal Control over Financial Reporting, PCAOB
In the PCAOB’s open meeting on May 24th preceding adoption of the new Auditing Standard 5, Niemeier shares his opinions and insights, including the need to balance concerns about cost with the fact that Sarbanes-Oxley’s provisions on internal control reporting and auditing have been resoundingly beneficial to investors.

Risk Management in the Enterprise, Enterprise Servers
SAS Institute's Annual International Benchmark survey on Enterprise Risk Management (ERM) in the financial sector recently revealed that 25% of respondents had no current strategy regarding ERM, and that "compliance fatigue" is taking a toll on the industry.

Plug the Gaps in Your Enterprise Risk Management Strategy, IT Compliance Institute
Despite the various risk assessment models or frameworks -- CobiT, ITIL, ISO 27002, and NIST 800-30 -- no single standard or framework really addresses security completely and effectively. Consider the four strong security models and methodologies recommended here to plug any security gaps in your risk management program.

How Microsoft Deals With Risk Management, CIO Today
One Microsoft risk manager finds excitement in her job by getting an understanding of how the company is growing and bringing new and exciting innovations to market and the approach required to manage those risks.

The Yin and Yang of Risk, Tone at the Top
Many believe that new and stringent regulations are causing boards to focus more on preventing downside risk than on creating upside potential; and eroding shareholder value in the process. (Click July 2007 edition)

AS5 Guidelines Make SOX 404 Compliance as Easy as 1-2-3? SmartPros
AS5, the new auditing standard approved by the SEC, replaces the PCAOB’s Auditing Standard No. 2, and is supposed to provide clear management guidance, including clearer explanations and definitions, top-down risk assessments, and focus on controls that have the potential to detect or prevent material misstatements.

Corporate Governance Handbook 2007 Provides Practical Guidance To Directors, The Conference Board Issues
The complexity of the legal environment and pressure from multiple constituents, pose challenging issues for corporate directors. A new handbook, Legal Standards and Board Practices, explains the revised functions of the director’s job, including delegation to board committees, conduct of board meetings, adoption of governance guidelines, succession planning, engagement oversight, risk governance, and more.

Study Reveals Continued High Cost of Being Public, Foley & Lardner LLP
Since the onset of SOX, companies have faced a 171% increase in compliance cost between fiscal years 2001 and 2006. Board compensation, audit fees, and legal fees are the primary drivers of out-of-pocket costs.

Investors Say Sarbanes-Oxley Got It Right, Compliance Home
In a recent survey, 57% of investors believe that the requirements of the Sarbanes-Oxley Act, that keeps CEOs and senior management accountable for the accuracy of their companies, is right on the mark -- making corporate management adhere to higher standards of conduct and transparency.

Organized crime infiltrates financial IT, InfoWorld
The newest crime being carried out in enterprise financial businesses is employees who are working for criminals on the outside to steal sensitive information. A new report published by anti-fraud software maker Actimize claims that employee fraud is being carried out by IT workers trained and recruited by organized criminals to steal sensitive data.

Change Management IT Audit Checklist, IT Compliance
With the dependency on interdependent IT systems, risks have increased proportionally. Change management can control objectives, policies, and procedures associated with new elements and other modifications in IT environments. (Free registration required)

10 physical security measures every organization should take, TechRepublic
According to this technology consultant, software based security is not the only way to secure the network for organizations; network security should start at the physical level. The top 10 physical security tactics are discussed, including locking the server room, using surveillance, using rack mount services, and disabling drivers.

GNAIE Backs FASB International Contract Standards Project, National Underwriter Life & Health
Many government employers are still unclear about how they will implement the new rules for managing retiree health benefit obligations since passage of the December 2006 GASB rule requiring them to include non-pension retirement benefit obligations as expenses in annual statements.

Public Employers Prepare For Health Accounting Shift, National Underwriter Life & Health
As of December 15, 2006, city, state and county employers that will be affected by new Government Accounting Standards Board rules requiring them to comply with stricter rules for managing retiree health benefit obligations.

LIMRA Report Forecasts More Than 360,000 U.S. Firms May Soon Add a New Voluntary Benefit, insurancenewsnet.com
LIMRA forecasts strong opportunities in the voluntary benefits market with an estimated 360,000+ U.S. firms soon looking to add new voluntary benefits for employees.

Towers Perrin Survey Indicates Increase in Companies' Use of Value-Based Measures for Financial Reporting, insurancenewsnet.com
Value-based measures have significantly increased for internal reporting, executive compensation, and performance measurement according to Tillinghast’s latest insurance-company CFO survey.

FASB Asks For Insurance Contract Accounting Comments, National Underwriter Life & Health
The Financial Accounting Standards Board is soliciting opinions from the makers and users of financial reports for a project that would provide accounting and reporting guidance for both the issuer and the holder of an insurance contract.

Policy Group Urges Increase In CHIP Cut-Off Age, National Underwriter Life & Health
The increasing number of uninsured young adults is a national concern, and Congress recently responded by passing a measure, as part of The CHIP reauthorization bill, that would allow states to increase access to CHIP plans and dependent Medicaid coverage up to age 25.

A Common-Sense Approach to Board Evaluations, Bank Director
While small banks are not forced to comply the Sarbanes-Oxley Act which requires large banks to evaluate their board of directors regularly, evaluating your board could be the key to the growth and success of a smaller bank.

The Top 10 Lessons of Katrina, Banking Strategies
Hurricane Katrina caused enormous damage shutting down most the retail banks across the area, and triggering these banks to create a disaster plan without any preparation. If disaster strikes again, these banks will have a much better chance at recovery than others who never faced disaster. Here are ten lessons to help banks prepare for recovery after a natural disaster.

Stiff Fines Prompt Amex to Bolster Money-Laundering Vigilance, eWeek.com
A US District Court in Miami filed an uncontested charge against American Express Bank International for a single count of failing to maintain an effective anti-money laundering program. As a result, the bank must pay $65 million for not installing/maintaining anti-money laundering software in its Miami office location.

Wrapping Your Arms around IT Compliance, Bank Director
Because of bank’s data systems, today’s bank directors are taking technology compliance more seriously and realizing that they need more than guards, physical security systems, and vaults to stay protected.

Flood of State Laws Crack Down on Elder Abuse, U. S. Banker
More than 2 million senior citizens become victims of financial fraud every year by family members, caregivers, con men, or banks; and states are responding with new laws that hold banks accountable for neglecting to report evidence of financial abuse.

Pandemic Exercise Sets Goals – 650 Institutions Already Registered, BankInfo Security
Over 650 institutions have registered for the Pandemic Plan National Exercise being sponsored by the US Treasury Department and operated by the Financial Services sector Coordinating Council for Critical Infrastructure Protection, Homeland Security, and the Financial Banking Information Infrastructure Committee. This will be the first such exercise conducted to target the entire financial services sector. (Free subscription required.)