CA on Governance, Risk and Compliance (GRC)
- Insights and observations on happenings in the GRC market
Oct 30 08
EuroSOX - Does it really exist?
Against a whole wave of financial scandals driven by fraudulent accounting practices that involved major US corporations such as Worldcom, Enron and Tyco, the US Senate and House of Representatives …
Read MoreOct 28 08
OCEG Webinar on Achieving a Unified Approach to GRC - Wednesday 2pm ET
Interested in learning more about achieving a unified approach to GRC? On Wednesday, October 29 at 2 pm Eastern, join me for a webcast hosted by the OCEG (Open Compliance and Ethics Group).
I’m looking forward to sharing an outline for …
Read MoreOct 27 08
Accountants Point Fingers at Failed Corporate Governance as Cause of Financial Crisis
Compliance Week recently reported on a policy paper issued by the Association of Chartered Certified Accountants attributing the current financial crisis to failed corporate governance, not sub-prime mortgage defaults as others have suggested. CA’s Christopher Fox takes a look at the ACCA’s findings and weighs in with his thoughts.
Read MoreOct 24 08
CA Global Survey Highlights Key Compliance Trends
Results of a recent CA global survey of nearly 575 IT professionals finds that the continuing high cost of compliance and manual processes remain top issues for compliance executives. Read this recap of the survey findings by CA's Sumner Blount to learn more.
Read MoreOct 23 08
CA’s Yves Le Roux Presenting at ISACA Info Security Management Forum
If you plan to attend the ISACA Information Management Security Forum in Scottsdale, AZ next week, make sure to introduce yourself to CA’s Yves Le Roux. He is presenting two sessions at the event on Monday, Oct. 27.
In …
Read MoreOct 21 08
Auditing Standard No. 5: Helping to Streamline SOX Compliance Efforts
Familiar with Auditing Standard No. 5? CA's Christopher Daugherty offers up an interpretation of the standard and touches on one of the key benefits -- that following the guidance presented in the AS 5 standard can help to streamline SOX compliance efforts.
Read MoreOct 16 08
ISACA IT Governance, Risk & Compliance Conference – Event Recap
In today’s post, CA’s Allan Gajadhar provides a recap of the ISACA IT Governance, Risk & Compliance conference.
Read MoreOct 14 08
Our Take on a Centralized and Unified GRC Strategy - OCEG GRC360 Fall 2008 Issue
In the Fall 2008 issue of OCEG’s GRC360 publication, you’ll find an article outlining our vision for a unified approach to GRC. In talking to companies, we often find that risk and compliance activities are handled …
Read MoreOct 8 08
Policy Lifecycles: The Foundation for a Unified GRC Approach
Most companies seem to agree that a unified approach to GRC is the right path, but many may be struggling to get there. In this post, Sumner Blount shares CA's take on the policy lifecycle approach and its role as the foundation for unified GRC.
Read MoreOct 6 08
Cyberwar: New Regulations Address External Cyber Threats & Increase Need for a Centralized View
Ever considered the implications cyber-warfare may have on your GRC initiatives? Allan Gajadhar takes a look at the federal IT security landscape, touching on the increasingly complex regulatory environment, and weighs in on how organizations can better manage oversight of their IT security initiatives through a more centralized approach.
Read MoreOct 3 08
CA World 2008 — New GRC Track & Exclusive OCEG Luncheon
Each fall here at CA, we host a big customer and partner event called CA World. Some of you may have even joined us in the past – to learn about the latest and greatest from us and …
Read MoreOct 2 08
Sometimes Even the Politicians Get It Wrong
Comments from a panelist on “This Week with George Stephanopolous” point to the lack of regulation (particularly SOX) as a cause for the current financial crisis. Sumner Blount weighs in on how they got it wrong and shares his thoughts on the real intent of SOX.
Read MoreOct 1 08
Are You Counting on a PCI Guarantee?
Likening PCI compliance to locking your windows and doors to prevent a burglary, Mike Hoefgen explores a dangerous assumption that some experts still seem to be making: That becoming PCI compliant means you’re fully protected from a data breach.
Read More