Tag Archive: sox

Out of Order: 5 Compliance Projects Gone Terribly Wrong

Written by - May 26, 2017
managing third party risk

No one wants to admit that compliance can go horribly wrong, but it does happen. If you’re worried about how to handle a problem, Reciprocity’s seasoned GRC experts can assure you they’ve seen it all. In this webinar, Matt Kelly, Editor of Radical Compliance talks with our own Aaron Kraus, Dave Schmoeller, and Dave Driggers as they share their stories of working on implementing compliance projects, how projects can detour, and what compliance executives should focus on during GRC implementation.   Aaron Kraus Reciprocity’s director of GRC security has consulted in every field necessary including government, financial services, and healthcare in a variety of roles including designing, implementing, and auditing. He’s also experienced in teaching CISSP exam preparation, Mac OSX,…

Infosec Standards and Regulations: A Primer Sorting Compliance By Hogwarts House

Written by - May 23, 2017
infosec standards and regulations

Infoc standards and regulations being sorted into Hogwarts houses seems silly, but it helps organize the way we think of them.

Understanding SOX Requirements & The Sarbanes-Oxley Act

Written by - April 27, 2017
Sarbanes-Oxley

The Sarbanes-Oxley Act of 2002 (SOX), named after Paul Sarbanes and Michael Oxley, is a law that implements regulations on publicly traded companies. In 2002, the US Congress passed the Sarbanes-Oxley Act (SOX) after a series of public scandals by large corporations such as Enron Corporation, Tyco International PLC, and WorldCom that led to a stock market plummet only a few months before the 2002 elections. The legislation intended to quell public fears of corporate misconduct and to require greater accountability by management and Boards of Directors when reporting financial data. However, Sarbanes-Oxley turned into a larger and more complex piece of legislation than originally planned. The Major Provisions of Sarbanes-Oxley The Sarbanes-Oxley Act of 2002 presented five main provisions. First, it created…

Top 3 Challenges When Updating Your Compliance Framework

Written by - October 7, 2015
Top 3 Challenges When Updating Your Compliance Framework

Well, it’s happened again. The framework you worked so hard to implement across your company needs updating. This typically occurs every 4-6 years to provide organizations with enough time to prepare. For example, Sarbanes-Oxley, GLBA/FFIC, FISMA, and HIPAA are frameworks associated with traditional computing. Traditional frameworks like these took a long time to update. Yet, in the last several years, frameworks covering new technology change every 2-3 years. Standards that cover cloud, mobile, encryption, and vendor management fit this new model.  Thus, you will need to prepare to update your framework on an annual basis to keep up with all the changes. Each change to your existing compliance framework will pose a challenge. First, you should understand the impact the…

Tags: , , , ,
Categorized in: