The Six Signs of Internal Fraud, SmartPros
According to a recent speech at the ACFE Fraud Conference, there are signs in all organizations that can improve your chances of detecting fraud.

Growing Demand for Internal Auditors Results in Real-world Educational Initiative, Business Wire
Internal audit is cited as one of the top five fastest growing professions. The IIA is spearheading an effort to ensure that the right type of educational resources are available to train the future generation of internal auditors.

The End of Ethics? Going Beyond Compliance Requirements, IT Business Edge
There is a distinction between ethics and compliance; and veteran ethics professionals are concerned that the ethics movement hasn't succeeded in actually producing more responsible behavior or creating a "culture of ethics."

An audit for auditor profession, Financial Week
A Treasury Department committee is slated to examine increasing auditor costs and the sustainability of the auditor profession. The committee plans to issue recommendations next summer focusing on quality of current audits, the need for changing auditor skill sets, and the structure of audit firms.

The Growing Role of the Chief Risk Officer, RM Magazine
Sarbanes-Oxley and Basel II have contributed to the growth of the CRO position which requires greater accounting oversight and measurement of international banking capital. The new CRO role requires being a single point person for all risks to which an organization might be exposed -- from accounting policies and procedures to technology networks. (Free registration required)

Down To Business: Manage Risk, But Don't Become Paralyzed By It, Corporate Governance
The ability to anticipate technological, economic, financial, regulatory, and other risks could play a significant role in the success of a business. This ability doesn’t rest on IT as a whole but on IT leaders, like the CIO, who must be able to manage all of these business risks at a complex level and fast pace.

Thinking through uncertainty: CFOs scrutinize non-financial risk, IBM
In this survey, researchers explore a variety of companies, their increasing involvement in non-financial risk management, and why this is becoming a more popular component of organizational risk management.

The Five Major Trends That Are Changing IT, Global Association of Risk Professionals
Five major discontinuities—including Web 2.0, software as a service (SaaS), global-class computing, the consumerization of IT and open-source software—will upset the balance of power between users and their IT organization; and force organizations to change long-standing practices for procuring and managing IT, according to a recent Gartner study.

Mid-Caps Continuing to Spend on Sarbanes-Oxley, Sarbanes-Oxley Compliance Journal
Mid-cap companies are paying out large amounts for SOX compliance but lack the financial and human resources of many larger companies.

Take a Risk-Based Approach To Testing, Sarbanes-Oxley Compliance Journal
Two new reports released by Financial Executives International discuss the outcomes of Sarbanes-Oxley compliance -- identifying best practices and providing insight into for SOX implementation.

Sarbox Peels Back The Onion, Forbes
Michael Oxley, co-author of the Sarbanes-Oxley legislation, recently spoke about how SOX is taking hold as a global standard, as countries in Europe and Asia are take measures to adopt similar requirements.

Our Markets Are Losing! Motley Fool
Is SOX to blame for the fact that foreign IPOs have been going to markets other than the New York Stock Exchange or Nsadaq? While many market watchers believe so, there is evidence that a significant number of these companies would not have qualified to list on Nasdaq or the NYSE in the first place, and that the majority of companies listed on the Shanghai exchange have overwhelmingly deficient levels of corporate governance.

Key Elements to an Effective Business Continuity Plan, AT&T White Paper
A good business continuity plan(BCP) requires understanding what is critical to the business, and encompassing all of those necessary parts – personnel, network platforms, applications and data – when evaluating the components that support critical processes. This article discusses effective BC planning, which should include a few basic steps. (Free registration required)

The rise of crimeware, CNET
More criminals are defacing popular websites using codes pasted on the company website that re-direct browsers causing users to download content unknowingly. This up-and-coming company lists 10 toolkits that can be used to help prevent the rise in crime ware.

10 things you can do to make sure your data doesn't walk out the door, TechRepublic
Protecting against hacker attacks, viruses and worms, and other high profile damage is not the only security issue your company should be focused on. This article lists ten measures to help keep your company’s data from walking out the door.

You don't want to hear it: 10 pieces of lousy security advice, ComputerWorld
Sometimes advice from security experts is less than stellar. Here are examples of telltale phrases that signal troublesome advice and the underlying messages in these phrases that can trigger faulty software.

Archiving and Storing E-mail, TechRepublic
With the growth of email and instant messaging, email records-management is a developing concern and IT’s new point of focus. New laws and increased enforcement of old laws now require companies to re-evaluate their records-management policies. (Free registration required)

CIOs Say Mobile Devices Pose Security Risk, BankNet360
According to a recent survey, CIO’s are increasingly concerned with data loss - technical product data, sales data, and customer details – accessible on mobile devices; and are seeking new ways to keep this information secure. (Free registration required.)

Compliance Provides Benefits Beyond The Obvious, InformationWeek
With consumers increasingly more concerned about the security of their personal information, companies that comply with the new regulations could gain a competitive edge over businesses that are not.

Pay-as-You-Live Insurance and Active Risk Management will help Industry Bridge to the future, Enterprise Networks and Servers
The results of a year-long global study conducted by IBM examined disruptive forces that will influence the industry over the coming years; and indicate that, by the year 2020, the insurance industry will take a whole new approach to product development that deals with life as it happens with products like Pay-as-You-Live insurance, and new processes that lower costs and broaden product appeal.

S&P Publishes Reinsurance Reports, Insurance Journal
Standard & Poor’s insurance ratings service has issued a series of reports on the reinsurance industry which cite challenging market conditions as the need for the industry to re-tool and deploy new and enhanced strategies — like increasing reliance on ERM, and taking a more disciplined approach — as critical elements of long-term success.

The SarBOX: Tsk, tsk...only worrying about the risk? Financial Week
While risk managers who are actively involved in Section 404 compliance report greater influence and visibility for their departments, many accuse these professionals of largely staying on the sidelines and failing to seize the opportunity, instead of when getting more involved as experts had hoped, especially when it comes to the enterprise risk management that the law’s Section 404 compliance seeks.

Insurers Want to Know: Does Enterprise Risk Management Add Value? Insurance Journal
According one critic, ERM proponents have paid little attention to demonstrating how it creates value. This raises concern that ERM will not survive, especially as CEOs and CFOs, who have invested massive resources into ERM programs, go unrewarded while the issue of maximizing the value of enterprise risk management remains inadequately addressed.

Companies penalizing workers with high health risks, USA Today
A small number of companies has linked health factors to what employees should pay for health benefits. This is a growing trend whereby businesses are deducting from employees' paychecks, adding insurance surcharges, or offering insurance discounts or rebates only to low-risk workers who are in good health. Some worry that this will soon amount to penalties for the sick or overweight, or serve as a prod to modify employee behavior.

A New Kind of Executive Needed for Future Bank CIOs, Bank Systems & Technology
Today’s 24-hour banking world has raised the bar for the requirements of the CIO. Banks now need someone who can operate among the other C-suite executives – making the CIO a top-priority position.

Rethinking Compliance in Consumer Credit, Banking Strategies
For the past 38 years, consumer credit regulation has improved drastically. But one consultant suggests a new approach to consumer credit compliance that would still uphold the law while reducing the amount of paperwork and cost to implement consumer credit regulations.

AML: Diligence Becomes More Pricey, U. S. Banker
Last year, U.S. institutions spent $147 million on anti-money laundering (AML) compliance products. The cost of analyzing and acting on information generated by automated AML tools has far surpassed expectations, and the banking industry is calling for a change.

Revised Bank Secrecy Act/anti-money Laundering Examination Manual Released, FDIC
The Federal Banking agencies and the Financial Crimes Enforcement Network have released the updated 2006 Bank Secrecy Act/Anti-money Laundering Examination Manual. The 2007 manual includes revised clarifications on supervisory expectations and incorporates regulatory changes.

Visa warns of higher fees for merchants who don't meet PCI deadline, ComputerWorld
Visa U.S.A. re-issued updates and clarifications to large merchants requiring them to meet PCI requirements by September 30th; or non-compliant merchants will no longer qualify for the best tiered interchange rates. PCI’s Data Security Standard (DSS) requires that all companies who process credit card or payment card transactions comply with the DSS standard which calls for encrypted transmission of cardholder data and periodic network scans among other things.

Banking Regulator Urges Lending Caution, Yahoo! Finance
In the aftermath of soaring mortgage defaults, Comptroller of the Currency John C. Dugan called on a return to more conservative lending practices, and urged bankers to be more cautious when making lending decisions at the recent annual convention of the American Bankers Association in San Diego.