Skip to main content

Home/ WPPS C-Suite News/ Group items tagged board

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

Study Finds Companies Struggle to Measure Effectiveness of the Compliance Function - 0 views

www.pwc.com/...PwC-Compliance-Week.jhtml

Privacy security compliance survey

shared by sandy ingram on 24 May 11 - No Cached
  • Senior compliance officers at more than 100 leading U.S. companies responded to 28 questions in four key areas critical for the compliance function: leadership, reporting relationships and structure; compliance function scope, focus and risk; metrics to gauge program effectiveness; and budget, staffing and resources. A major finding of the study: One of the biggest obstacles facing Chief Compliance Officers (CCOs) is measuring the effectiveness of their compliance functions - almost 40 percent of the companies surveyed said they make no attempt to measure the effectiveness of their compliance program.
  • “An effective compliance program is the cornerstone of cooperation credit allowed under the U.S. Sentencing Guidelines and stakeholders are demanding much higher transparency in how compliance risk is effectively managed,” said Miles Everson, PwC principal and global and U.S. risk and compliance leader.
  • “Without a clear measure of the compliance department’s effectiveness, much else is in jeopardy. Lacking this,
  • ...8 more annotations...
  • how does the board know that compliance risks are effectively addressed?  Let alone that the compliance function itself is effective? 
  • According to the study, a critical element to the compliance department’s success is the perceived stature of the CCO and his or her influence among other top leadership.
  • “It’s essential that the compliance function have visibility and direct access both to senior executives in the organization and to the board or one of its committees,” added Everson. “This access helps keep risk and compliance issues on the company’s agenda and lets key ethics and compliance issues surface in a timely fashion.”
  • The State of Compliance survey also provided another interesting glimpse into corporate compliance when it asked about reporting structures. Regulators have long preferred that a company’s top compliance officer report directly to the board, and just last year the U.S. Sentencing Guidelines were revised to state more clearly that CCOs should not be, nor report to, the general counsel.
  • PwC and Compliance Week also found that, over the next 18 months, CCOs anticipate significant challenges when it comes to risk - and that when issues arise, they expect the consequences to be severe.
  • When asked about several high-level categories of risk, such as compliance risk, security risk, reputational risk and others, 48 percent believed the likelihood of a compliance failure was high or very high. 
  • What's more, 65 percent of respondents felt the impact of a compliance risk event, should it occur, would be high or very high. 
  • Effective compliance programs need input and guidance from many different voices in the company (IT, internal audit, finance, security). It is in the company’s benefit for the compliance department to borrow resources from those teams to achieve its goals, rather than build its own expertise in each department.
  • sandy ingram on 24 May 11
     
    "The results of The State of Compliance: 2011, an inaugural study conducted by PwC US and Compliance Week, will be released today at the Compliance Week 2011 6th Annual Conference for corporate financial, legal, risk, audit and compliance officers in Washington, D.C. The report - the first of its kind - identifies a wide range of compliance issues confronting organizations today and will stay current as new companies participate, accurately reflecting the changing compliance landscape."
sandy ingram

REPORT: show lack of executive oversight in data protection. - 0 views

www.marketwatch.com/...story.aspx

informaiton executive board cybersecurity Report Carnegie Mellon Red Flag

shared by sandy ingram on 03 Dec 08 - Cached
  • survey also said that cybersecurity issues need to be seen as an enterprise risk management problem rather than an IT issue.
  • "Managing cyber risk is not just a technical challenge, but it is a managerial and strategic business challenge,"
  • senior management has not budgeted for key positions requiring expertise in cybersecurity or privacy areas. "No wonder the number of security breaches has doubled in the past year
  • sandy ingram on 03 Dec 08
     
    survey also said that cybersecurity issues need to be seen as an enterprise risk management problem rather than an IT issue.
1 - 2 of 2
Showing 20 items per page