Prediction No. 2: Manpower Reductions
With more and more manual processes associated with Sarbanes-Oxley compliance activities being automated through technology, we expect the people costs for SOX to fall off dramatically in 2006.
This is actually a pretty safe bet since it will be the third year that large public companies have had to manage SOX compliance. One could assume that everyone is getting more adept, including the independent auditors, so manpower costs should go down as a percentage of overall costs associated with SOX
Let Us Predict
The holiday season is now officially out of its cage and you know what that means . . . Yup, it's time for that annual right of analysts, pundits, journalists and wags everywhere to vent their predictions for the coming year.
But rather than wait and wrap all predictions up in a nice holiday bundle, I think I'll meter out our guesswork in the time-honored tradition of seasonal marketing campaigns that dictate the emergence of flocked trees and jingle bells shortly after the back-to-school sale
Something Else To Worry About, Or Not
It's right before Thanksgiving and I'm trying hard not to think curmudgeonly thoughts but just in case you haven't noticed your users downloading AOL's spiffy new IM client (which is much more than an IM client) be aware that instant messages aren't the only thing that could be breaking your compliance policies.
The new AIM Triton service, which became available for free download today, is an integrated communications client that off
What Happens In The Clubhouse Doesn't Stay In The Clubhouse
There is a code of conduct in professional sports dictating that what happens or gets said in the locker room stays in the locker room. Well, a quick scan of the sports headlines shows how closely that honor rule is followed. And the same holds true for corporate teams with the added problem of incidental and accidental information leakage.
I've been on a bit of a harangue the last couple weeks about monitoring the internal flow of information for compliance policy violations, as well as the i
Data Misuse Comes In Many Forms
Yesterday I issued a reminder that data security and compliance meant protecting the data stores as well as the network perimeter, but good compliance practices also require a consistent and thorough monitoring of the way your users are interacting with the enterprise applications, in particular your databases.
Once again we are talking mostly about internal intruders, those getting access to information they are not authorized to use or using authorized information in an unauthorized manner.
Stop Making It So Easy
An out-of-site, out-of-mind attitude toward data protection should leave most corporate exectives with that insecure, non-compliant feeling in the pit of their archives. And guess what? It does, but not enough take action—at least not yet.
The threat is still perceived to be at the barriers, while stored data remains relatively unprotected. The reason for this continued problem remains relatively simple. Companies set up policies and systems and then monitor activity at the borders with t
Regs Aren't Putting The Hurt On Fraud
We would never get a chance to be a fly on the wall during something as sensitive as a fraud examination, but Oversight Systems provides us with the next best thing. The company released today the results of a survey of 204 U.S. fraud examiners identifying current institutional fraud trends. And the findings are, well, eye-opening, to say the least.
Despite the increase in regulatory oversight, only seven perc