“In many cases, organizations and their company officers found to be non-compliant may be subject to fines or legal action, in addition to facing exposure to risks associated with internal data breaches.”

Did you know?
In general, compliance means conforming to a specification or policy, standard or law that has been clearly defined.
Corporate scandals and breakdowns such as the Enron case in 2001 have highlighted the need for stronger compliance regulations for publicly listed companies. The most significant regulation in this context is the Sarbanes-Oxley Act, developed by two U.S. congressmen, Senator Paul Sarbanes and Representative Michael Oxley, in 2002, which defined significantly tighter personal responsibility of corporate top management for the accuracy of reported financial statements.
Compliance in the USA generally means compliance with laws and regulations. These laws can have criminal or civil penalties or can be regulations. The definition of what constitutes an effective compliance plan has been elusive. Most authors, however, continue to cite the guidance provided by the United States Sentencing Commission in Chapter 8 of the Federal Sentencing Guidelines.
On October 12, 2006, the U.S. Small Business Administration re-launched Business.gov, which provides a single point of access to government services and information that help businesses comply with government regulations.
There are a number of other regulations, such as GLBA, FISMA, and HIPAA. In some cases other compliance frameworks (such as COBIT) or standards (NIST) provide guidance on how to comply with the regulations.
The Chief Compliance Officer (CCO) of a company is the officer primarily responsible for overseeing and managing compliance issues within an organization, ensuring, for example, that the company is complying with regulatory requirements, and that the company and its employees are complying with internal policies and procedures. The CCO typically reports to the Chief Executive Officer. The role has long existed at companies that operate in heavily regulated industries such as financial services and healthcare.
Will you be next?
German bank data theft a wake up call, say security experts
Wednesday 10 December 2008 11:51
Data theft culture ‘flourishing,’ survey finds
Tuesday 21 November 2006 02:42
Note: Alcatraz: Photographed by and copyright of (c) David Corby (User:Miskatonic, uploader) 2006