SlideShare une entreprise Scribd logo

Optimizing Compliance Programs in Organizations: A Top Down Approach

Ethisphere
Ethisphere

Optimizing Compliance Programs in Organizations: A Top Down Approach

Carrière
1  sur  42
Télécharger pour lire hors ligne
GOOD. SMART. BUSINESS. PROFIT. TM
Optimizing Compliance Programs in Organizations: A Top-Down Approach March 19, 2015
Kevin McCormack Managing Director, Content & Programming kevin.mccormack@ethisphere.com 303.819.9817 We welcome you to submit any questions for the presenters through the chat function you see on your screen. HOST QUESTIONS RECORDING The event recording and PowerPoint will be provided post event. 3
Skadden, Arps, Slate, Meagher & Flom LLPCyberattacks 2014 – How to Prepare Today and Respond Tomorrow │4 Danny Goldberg Founder GOLD SRD Terence Lee Regional VP GRC Solutions MetricStream, Inc. SPEAKING TODAY
INTRODUCTION
Danny M. Goldberg • Founder, GOLDSRD (www.goldsrd.com) • Former Director of Corporate Audit/SOX at Dr Pepper Snapple Group • Former CAE - Tyler Technologies • Published Author (Book/Articles) • Texas A&M University – 97/98 • Chairman of the Leadership Council of the American Lung Association - North Texas – Calendar Year 2012 • Served on the Audit Committee of the Dallas Independent School District (CY 2008) • Current Dallas and Fort Worth IIA Programs Co-Chair • Fort Worth IIA Board Member • IIA North America Learning Committee Member Certifications: • CPA – Since 2000 • CIA – Since 2008 • CISA – Since 2008 • CGEIT - Since 2009 • CRISC - Since 2011 • CRMA – Since 2011 • CCSA – Since 2007 • CGMA – Since 2012 LAUGH
Danny M. Goldberg (cont.) • Highly-Rated, Internationally Recognized Speaker – One of the Top Rated Speakers, 2014 IIA All-Star Conference – 7th Rated Speaker, 2014 ISACA ISRM Conference – One of the Top Rated Speakers, 2014 IIA Mid-Atlantic Conference – One of the Top Rated Speakers, 2014 IIA Gaming Conference – 6th Highest Rated Speaker (out of 116), 2013 IIA International Conference – 3rd and 5th Rated Sessions, 2013 IIA Central Regional Conference – 8th Rated Speaker (out of 120), 2012 IIA International Conference
Danny M. Goldberg (cont.) • Published Author – HFTP Journal: Practice Ethics (November 2014) – Bureau of National Affairs - Internal Audit: Fundamental Principles and Best Practices (Professional Commentator) – College & University Auditor (March 2014 Cover) – Project Management – Audit Report Articles (June 2013 Cover, March 2012, March 2011, June 2010 Cover) – “Critical Thoughts on Critical Thinking” – ISACA Journal (May 2012, August 2012) – Internal Auditor Articles (August 2007, December 2007, October 2010) – Dallas Business Journal (January 2011) – “The Yes Man Phenomenon”
Agenda • Overview of Compliance and Integration Challenges • Top-Down Risk Based Approach (Centralized Oversight) • Compliance as a key enterprise risk • Key Aspects for Integrated Auditing • Differentiation between External, Internal and Regulatory • Differences (Sample Sizes, Substantive versus Controls) 9
Compliance Today • Business is NOT being deregulated; standards are increasing and becoming more stringent • Silo approach to compliance in many large organizations – Little to no integration (competing priorities) – Compliance is not viewed as value-add (“we have to do it”) 10
Implications of Lack of Integration • Who owns compliance? Which line of defense? • Limited compliance knowledge in the business/process owners • Advanced preparation becomes a necessity • Lack of separation between auditors (“We get audited all the time”) 11
Top-Down Approach • Board Oversight and Support (Compliance Program) • Management Messaging (Continuous) – Focus on Value of Compliance • Continuous Monitoring/Auditing • Incentive Plans tied to Compliance 12
Compliance Program • Compliance is Part of Management • Considered at the Strategic/Enterprise Level • Addressed as Part of ERM Program • Address Root Causes when Non- Compliance is uncovered • Consider/Identify business process interdependencies 13
Definition of Internal Audit Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. 14
Key Enterprise Risks • Focus on Value of Compliance • Top Five risk in most/many industries • Compliance is not optional • Lack of Compliance – Do Not Focus on Fines – Unable to do Business? – Not aligned with Company’s Strategic Objectives? 15
Messaging How Do You Get People to Do What They Do Not Want to Do? • Socialize Importance of Compliance • Continuous Communication • Training • Embed in the Business 16
Integrated Audit – Natural Similarities Integrated Audit 17
Integrated Auditing • Starts at the Top • Umbrella Approach to GRC? – All functions reporting through same authority line • Must start at the Risk Assessment Level – Combine Audit Risks with Compliance Risks (if possible) • Integrate Pool of Auditors 18
Types of Continuous GRC • Data Analytics – Continuous Monitoring – Continuous Auditing • Continuous Risk Assessment • Continuous Controls Monitoring • Data Warehousing • Data Mining • Fraud Detection Tool 19
Continuous Controls Monitoring • Process performed by management to determine whether policies are operating effectively • Uses automated tests to identify activities and transactions that fail to comply with controls • Allows management to fix control problems timely • Similar to continuous risk assessment – find the key controls, understand how they can be monitored through the system, etc. 20
“Who is Auditing Me Now?” • Confusion with Auditees as to who does what • Perception is that audits happen “all the time” – there is no end • Integration will assist perception • Important to delineate between internal and external 21
Differences Between Compliance and Internal Audit • Controls testing versus Substantive testing • Non-statistical Sampling versus Statistical Sampling • Concluding on initial sample versus extending sample sizes 22
Benefits of Compliance Optimization • Efficiency and Effectiveness of Compliance Process = Money • Real-Time Information (KPI’s) – pushes understanding and acceptance • Increased Readiness to Respond to Third- Parties 23
Summary • Compliance must be viewed as a key risk (ERM) • Integration is key to efficiency and effectiveness • Automation (CA/CM) is key to effective response • Can generate new revenue, etc. = Business Opportunity 24
© 2015 MetricStream, Inc. All Rights Reserved. Optimizing Compliance Programs in Organizations: A Top-Down Approach Terence Lee Regional Vice President | GRC Solutions MetricStream tlee@metricstream.com
© 2015 MetricStream, Inc. All Rights Reserved. Agenda • Challenges faced by the Business today • Facing the Compliance Challenge • Compliance as a Management Function • Benefits of an Effective Compliance Program • Q & A
© 2015 MetricStream, Inc. All Rights Reserved. Challenges faced by the Business today
© 2015 MetricStream, Inc. All Rights Reserved. Challenges • Addressing changing regulations and mandates. • Management of Regulatory Changes in silos. • Management of policies related to Governance, risk, compliance, ethics, and business conduct. • Lack of systematized operational testing. • Disconnect with BPM and Issue Tracking tools.
© 2015 MetricStream, Inc. All Rights Reserved. Facing the Compliance Challenge Managing the Compliances
© 2015 MetricStream, Inc. All Rights Reserved. Facing The Compliance Challenge • Standardize Internal Controls – Create a central repository for all types of company’s control systems, including those for operational efficiency, regulatory compliance, and financial reporting. – Have control linkages to related GRC content (regulations, processes, risks etc.) to get a bigger picture . • Use Business Process Management tools – Provide a framework for managing complex processes, ensuring that changes can be made in line with regulations. • Implement Standard Documentation – Have an integrated document repository to store documents pertaining to processes and controls across all subsidiaries. • Simplify Change Management – Enable sharing of documented risks and controls across processes. – Rationalize and reduce documented controls
© 2015 MetricStream, Inc. All Rights Reserved. Facing The Compliance Challenge (contd..) • Enable Operational Testing – Test internal controls in a consistent manner across all operations within the company and over time. – Export report data into spreadsheets to simplify the overall operational testing process. • Automate Issue Management – Provide complete visibility into the entire lifecycle of issues – from identification through root cause analysis to remediation. • Enhance Reporting Capabilities – Build executive dashboards which provide enterprise- wide visibility into the internal controls and processes. – Build reports and scorecards for status tracking. – Provide statistics and data by a variety of parameters such as business units, processes, and divisions.
© 2015 MetricStream, Inc. All Rights Reserved. Compliance Management Approach
© 2015 MetricStream, Inc. All Rights Reserved. Compliance Management Approach Document Mgmt. Translate Rules Into Policies & Procedures Policies & Procedures Rules & Regulations Construct Compliance Strategies Risk / Cost of Compliance Compliance Reporting & Dashboards  G&A  T&E  HR  FCPA, OFAC, AML  Corporate Ethics  Financial Processes  Adherence to Rules & Laws  SEC Rules & Regs.  Financial Controls  Independence  Non-Key Controls  Code of Conduct  OFAC FERC/NERC Controls Self- Testing 3rd Party Testing Training & Certification Notifications & Alerts Attestation Examples Build a control structure that matches company risks
© 2015 MetricStream, Inc. All Rights Reserved. A Typical Compliance Management Workflow Planning Organizing Operating Controlling
© 2015 MetricStream, Inc. All Rights Reserved. • Risk 1 • Risk 2 • Risk 3 … … … Risks • Control 1 • Control 2 • Control 3 … … … Controls • IT • Function 1 … … … Functions/ Standards • Process 1 • Process 2 • Process 3 … … … Processes • Control Test 1 • Control Test 2 • Control Test 3 … … … Control Tests • Risk-Based • Requirement-Based • Business Unit-Based Risk Assessments • Action Plan • Implement • Monitor Issues • SEC • NASD • PCI • ISO • SOX … Area of Compliance • Regulation 1 • Regulation 2 • Standard 1 • Standard 2 … … References • Policy 1 • Procedure 1 • Work Instruction 1 … … … Policies/Documents Single Platform for Multiple Compliance Programs
© 2015 MetricStream, Inc. All Rights Reserved. Benefits of an Effective Compliance Program
© 2015 MetricStream, Inc. All Rights Reserved. Benefits • Reduced Cost, Time, and Effort – Automated information flows, assessments and testing, and remediation assignments will reduce over all compliance costs. • Increased Efficiency and Collaboration – Groups will be able to carry out team activities in a productive manner within the collaborative environment. – Business will understand, control and manage business processes within strict tolerances. • Streamlined Change Control – Integrated document management with change control capabilities will keep documentation and processes in sync. This will significantly reduced the amount of redo of documentation for ongoing compliance. • Enhanced Transparency and Visibility – Risk of non-compliance will reduce, assuring the executives of higher customer and investor confidence. • Improved Reporting Capabilities – Enterprise-wide visibility into the financial controls management and compliance process will improve and also highlight issues that need to be addressed.
© 2015 MetricStream, Inc. All Rights Reserved. • Over 1,700 employees • Headquarters in Palo Alto, California with offices worldwide • Over 350 enterprise customers • Privately held – backed by leading global VCs, including Goldman Sachs About MetricStream Integrated Governance, Risk and Compliance for Better Business PerformanceVision Solutions • Enterprise Risk Management • Operational Risk Management • Vendor Risk Management • Audit Management • Third Party Management Partners Differentiators • Technology - GRC Platform – 9 Patents • Breadth of Solutions – Single Vendor for all GRC needs • Cross-industry Best Practices and Domain Knowledge • ComplianceOnline.com - Largest Compliance Portal on the Web •GRCIntelligence.com- One stop solution for curated intelligence Organization • EHS & Sustainability • Compliance Management • SOX Compliance • IT-GRC • Quality Management
Q&A
This webcast and all future Ethisphere webcasts are available complimentary and on demand for BELA members. BELA members are also offered complimentary registration to Ethisphere’s Global Ethics Summit and other Summits around the world. For more information on BELA contact: Laara van Loben Sels Senior Director, Engagement Services laara.vanlobensels@ethisphere.com 480.397.2663 Business Ethics Leadership Alliance (BELA)
THANK YOU

Recommandé

Essential Elements of Global Compliance Programs
Essential Elements of Global Compliance ProgramsEssential Elements of Global Compliance Programs
Essential Elements of Global Compliance ProgramsEthisphere
 
Key Steps to Creating a Strong Compliance Culture Through Effective Leadership
Key Steps to Creating a Strong Compliance Culture Through Effective LeadershipKey Steps to Creating a Strong Compliance Culture Through Effective Leadership
Key Steps to Creating a Strong Compliance Culture Through Effective LeadershipEthisphere
 
Compliance Strategy and Performance
Compliance Strategy and PerformanceCompliance Strategy and Performance
Compliance Strategy and PerformanceEthisphere
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 
The Changing Role of Compliance | Accenture
The Changing Role of Compliance | AccentureThe Changing Role of Compliance | Accenture
The Changing Role of Compliance | AccentureAccenture Operations
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Ellie Ahmadi
 

Recommandé

Essential Elements of Global Compliance Programs
Essential Elements of Global Compliance ProgramsEssential Elements of Global Compliance Programs
Essential Elements of Global Compliance ProgramsEthisphere
 
Key Steps to Creating a Strong Compliance Culture Through Effective Leadership
Key Steps to Creating a Strong Compliance Culture Through Effective LeadershipKey Steps to Creating a Strong Compliance Culture Through Effective Leadership
Key Steps to Creating a Strong Compliance Culture Through Effective LeadershipEthisphere
 
Compliance Strategy and Performance
Compliance Strategy and PerformanceCompliance Strategy and Performance
Compliance Strategy and PerformanceEthisphere
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 
The Changing Role of Compliance | Accenture
The Changing Role of Compliance | AccentureThe Changing Role of Compliance | Accenture
The Changing Role of Compliance | AccentureAccenture Operations
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Ellie Ahmadi
 
The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...PECB
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
SEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateSEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateMyComplianceOffice
 
ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...PECB
 
Pfm reform webinar master slides
Pfm reform webinar master slidesPfm reform webinar master slides
Pfm reform webinar master slidesVanessaMcGinley1
 
Whistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruptionWhistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruptionPECB
 
ISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your ObligationsISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your ObligationsNimonik
 
Conduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial SectorConduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial SectorEversheds Sutherland
 
RIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UKRIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UKOECD Governance
 
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...Winston & Strawn LLP
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk AssessmentCompliance Consultant
 
Competition Assessment: UK
Competition Assessment: UKCompetition Assessment: UK
Competition Assessment: UKOECD Governance
 
Defining the problem: UK
Defining the problem: UKDefining the problem: UK
Defining the problem: UKOECD Governance
 
Investigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of troubleInvestigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of troublePECB
 
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATIONCORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATIONIgor
 
Regulatory & Compliance Account Opening
Regulatory & Compliance Account OpeningRegulatory & Compliance Account Opening
Regulatory & Compliance Account OpeningAxis Technology, LLC
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
DAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty WordsDAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty WordsoGuild .
 
Create a Winning BPI Playbook
Create a Winning BPI PlaybookCreate a Winning BPI Playbook
Create a Winning BPI PlaybookInfo-Tech Research Group
 
Stop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data GovernanceStop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data GovernanceMary Levins, PMP
 
2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offering2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offeringrnaramore
 

Contenu connexe

Tendances

The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...PECB
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
SEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateSEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateMyComplianceOffice
 
ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...PECB
 
Pfm reform webinar master slides
Pfm reform webinar master slidesPfm reform webinar master slides
Pfm reform webinar master slidesVanessaMcGinley1
 
Whistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruptionWhistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruptionPECB
 
ISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your ObligationsISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your ObligationsNimonik
 
Conduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial SectorConduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial SectorEversheds Sutherland
 
RIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UKRIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UKOECD Governance
 
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...Winston & Strawn LLP
 
Competition Assessment: UK
Competition Assessment: UKCompetition Assessment: UK
Competition Assessment: UKOECD Governance
 
Defining the problem: UK
Defining the problem: UKDefining the problem: UK
Defining the problem: UKOECD Governance
 
Investigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of troubleInvestigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of troublePECB
 
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATIONCORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATIONIgor
 
Regulatory & Compliance Account Opening
Regulatory & Compliance Account OpeningRegulatory & Compliance Account Opening
Regulatory & Compliance Account OpeningAxis Technology, LLC
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 

Tendances (17)

The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...The New Competitive Advantage – How a robust compliance program can both prot...
The New Competitive Advantage – How a robust compliance program can both prot...
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
 
SEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateSEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear Update
 
ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...ISO Standards support for Anti-Bribery investigations and audits in the cyber...
ISO Standards support for Anti-Bribery investigations and audits in the cyber...
 
Pfm reform webinar master slides
Pfm reform webinar master slidesPfm reform webinar master slides
Pfm reform webinar master slides
 
Whistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruptionWhistleblowers – A key but misunderstood tool in the fight against corruption
Whistleblowers – A key but misunderstood tool in the fight against corruption
 
ISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your ObligationsISO 19600 Section 4.5 - Know your Obligations
ISO 19600 Section 4.5 - Know your Obligations
 
Conduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial SectorConduct Risk – What Corporates Can Learn From The Financial Sector
Conduct Risk – What Corporates Can Learn From The Financial Sector
 
RIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UKRIA in the context of regulatory policy and governance: UK
RIA in the context of regulatory policy and governance: UK
 
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
The Real Deal Webinar Series: Practical Advice from a Former Chief Compliance...
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk Assessment
 
Competition Assessment: UK
Competition Assessment: UKCompetition Assessment: UK
Competition Assessment: UK
 
Defining the problem: UK
Defining the problem: UKDefining the problem: UK
Defining the problem: UK
 
Investigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of troubleInvestigating Corruption: First responses to signs of trouble
Investigating Corruption: First responses to signs of trouble
 
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATIONCORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
CORPORATE GOVERNANCE IN A CHANGING ORGANIZATION
 
Regulatory & Compliance Account Opening
Regulatory & Compliance Account OpeningRegulatory & Compliance Account Opening
Regulatory & Compliance Account Opening
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & compliance
 

Similaire à Optimizing Compliance Programs in Organizations: A Top Down Approach

The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
DAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty WordsDAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty WordsoGuild .
 
Stop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data GovernanceStop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data GovernanceMary Levins, PMP
 
2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offering2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offeringrnaramore
 
MIS Session 6
MIS Session 6MIS Session 6
MIS Session 6sant190
 
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas Health
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas HealthThe Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas Health
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas HealthHealthcare Network marcus evans
 
Core Skills for Change Agents
Core Skills for Change AgentsCore Skills for Change Agents
Core Skills for Change AgentsCaltech
 
Game Changing Quality Strategies that Drive Organizational Excellence
Game Changing Quality Strategies that Drive Organizational ExcellenceGame Changing Quality Strategies that Drive Organizational Excellence
Game Changing Quality Strategies that Drive Organizational Excellencekushshah
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear LLC
 
2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls FactoryNathan Anderson
 
The 4 ERP governance best practices you can’t ignore
The 4 ERP governance best practices you can’t ignoreThe 4 ERP governance best practices you can’t ignore
The 4 ERP governance best practices you can’t ignoreGrant Thornton LLP
 
What ISO Management Systems can learn from Balanced Scorecard?
What ISO Management Systems can learn from Balanced Scorecard?What ISO Management Systems can learn from Balanced Scorecard?
What ISO Management Systems can learn from Balanced Scorecard?PECB
 
Productivity improvement through right governance
Productivity improvement through right governanceProductivity improvement through right governance
Productivity improvement through right governanceChandan Patary
 
Governing Agile Teams: Disciplined Strategies to Increase Agile Effectiveness
Governing Agile Teams: Disciplined Strategies to Increase Agile EffectivenessGoverning Agile Teams: Disciplined Strategies to Increase Agile Effectiveness
Governing Agile Teams: Disciplined Strategies to Increase Agile EffectivenessTechWell
 
Data architecture around risk management
Data architecture around risk managementData architecture around risk management
Data architecture around risk managementSuvradeep Rudra
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013James Sutter
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013Jim Sutter
 
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...DATAVERSITY
 

Similaire à Optimizing Compliance Programs in Organizations: A Top Down Approach (20)

The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field
 
DAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty WordsDAH15 : Bray Goverance - Not Dirty Words
DAH15 : Bray Goverance - Not Dirty Words
 
Create a Winning BPI Playbook
Create a Winning BPI PlaybookCreate a Winning BPI Playbook
Create a Winning BPI Playbook
 
Stop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data GovernanceStop the madness - Never doubt the quality of BI again using Data Governance
Stop the madness - Never doubt the quality of BI again using Data Governance
 
2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offering2016 Akili Business Process Management Service Offering
2016 Akili Business Process Management Service Offering
 
MIS Session 6
MIS Session 6MIS Session 6
MIS Session 6
 
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas Health
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas HealthThe Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas Health
The Challenges of Post-Merger Integration-Luis Taveras, RWJ Barnabas Health
 
Core Skills for Change Agents
Core Skills for Change AgentsCore Skills for Change Agents
Core Skills for Change Agents
 
Game Changing Quality Strategies that Drive Organizational Excellence
Game Changing Quality Strategies that Drive Organizational ExcellenceGame Changing Quality Strategies that Drive Organizational Excellence
Game Changing Quality Strategies that Drive Organizational Excellence
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and Trends
 
2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory
 
SSCG 8D Problem Solving
SSCG 8D Problem SolvingSSCG 8D Problem Solving
SSCG 8D Problem Solving
 
The 4 ERP governance best practices you can’t ignore
The 4 ERP governance best practices you can’t ignoreThe 4 ERP governance best practices you can’t ignore
The 4 ERP governance best practices you can’t ignore
 
What ISO Management Systems can learn from Balanced Scorecard?
What ISO Management Systems can learn from Balanced Scorecard?What ISO Management Systems can learn from Balanced Scorecard?
What ISO Management Systems can learn from Balanced Scorecard?
 
Productivity improvement through right governance
Productivity improvement through right governanceProductivity improvement through right governance
Productivity improvement through right governance
 
Governing Agile Teams: Disciplined Strategies to Increase Agile Effectiveness
Governing Agile Teams: Disciplined Strategies to Increase Agile EffectivenessGoverning Agile Teams: Disciplined Strategies to Increase Agile Effectiveness
Governing Agile Teams: Disciplined Strategies to Increase Agile Effectiveness
 
Data architecture around risk management
Data architecture around risk managementData architecture around risk management
Data architecture around risk management
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013
 
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
How Ally Financial Achieved Regulatory Compliance with the Data Management Ma...
 

Plus de Ethisphere

Safe Harbor Webinar
Safe Harbor WebinarSafe Harbor Webinar
Safe Harbor WebinarEthisphere
 
Corruption In China: Recovery-Led Investigations
Corruption In China: Recovery-Led InvestigationsCorruption In China: Recovery-Led Investigations
Corruption In China: Recovery-Led InvestigationsEthisphere
 
Building on the Foundation of Ethics and Compliance to Achieve Sustainability
Building on the Foundation of Ethics and Compliance to Achieve SustainabilityBuilding on the Foundation of Ethics and Compliance to Achieve Sustainability
Building on the Foundation of Ethics and Compliance to Achieve SustainabilityEthisphere
 
Special Challenges of Doing Business in Russia
Special Challenges of Doing Business in RussiaSpecial Challenges of Doing Business in Russia
Special Challenges of Doing Business in RussiaEthisphere
 
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global Companies
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global CompaniesRussian Sanctions: What the U.S. and OFAC Directives Mean for Global Companies
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global CompaniesEthisphere
 
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...Ethisphere
 
Reputation Risk: Why Companies Need to Care
Reputation Risk: Why Companies Need to CareReputation Risk: Why Companies Need to Care
Reputation Risk: Why Companies Need to CareEthisphere
 
Doing Business in Mexico: Compliance Implications of the Pact for Mexico
Doing Business in Mexico: Compliance Implications of the Pact for MexicoDoing Business in Mexico: Compliance Implications of the Pact for Mexico
Doing Business in Mexico: Compliance Implications of the Pact for MexicoEthisphere
 
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...Ethisphere
 
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...Ethisphere
 
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Ethisphere
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Ethisphere
 
Cybersecurity: Managing Risk Around New Data Threats
Cybersecurity: Managing Risk Around New Data ThreatsCybersecurity: Managing Risk Around New Data Threats
Cybersecurity: Managing Risk Around New Data ThreatsEthisphere
 
Anti-Corruption and Third Parties: Mitigating the Risks
Anti-Corruption and Third Parties: Mitigating the RisksAnti-Corruption and Third Parties: Mitigating the Risks
Anti-Corruption and Third Parties: Mitigating the RisksEthisphere
 
Corporate Cyber Attacks: Managing Risk to Avoid Reputation Harm
Corporate Cyber Attacks: Managing Risk to Avoid Reputation HarmCorporate Cyber Attacks: Managing Risk to Avoid Reputation Harm
Corporate Cyber Attacks: Managing Risk to Avoid Reputation HarmEthisphere
 
Conflict Minerals: The First Year and What's to Come
Conflict Minerals: The First Year and What's to ComeConflict Minerals: The First Year and What's to Come
Conflict Minerals: The First Year and What's to ComeEthisphere
 
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...Ethisphere
 
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness Ethisphere
 
Open Disclosure: Why and How to manage Conflict of Interest Disclosure
Open Disclosure: Why and How to manage Conflict of Interest DisclosureOpen Disclosure: Why and How to manage Conflict of Interest Disclosure
Open Disclosure: Why and How to manage Conflict of Interest DisclosureEthisphere
 
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...Ethisphere
 

Plus de Ethisphere (20)

Safe Harbor Webinar
Safe Harbor WebinarSafe Harbor Webinar
Safe Harbor Webinar
 
Corruption In China: Recovery-Led Investigations
Corruption In China: Recovery-Led InvestigationsCorruption In China: Recovery-Led Investigations
Corruption In China: Recovery-Led Investigations
 
Building on the Foundation of Ethics and Compliance to Achieve Sustainability
Building on the Foundation of Ethics and Compliance to Achieve SustainabilityBuilding on the Foundation of Ethics and Compliance to Achieve Sustainability
Building on the Foundation of Ethics and Compliance to Achieve Sustainability
 
Special Challenges of Doing Business in Russia
Special Challenges of Doing Business in RussiaSpecial Challenges of Doing Business in Russia
Special Challenges of Doing Business in Russia
 
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global Companies
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global CompaniesRussian Sanctions: What the U.S. and OFAC Directives Mean for Global Companies
Russian Sanctions: What the U.S. and OFAC Directives Mean for Global Companies
 
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...
Risk Containment: Tailoring Contract Provisions with Third Parties to Minimiz...
 
Reputation Risk: Why Companies Need to Care
Reputation Risk: Why Companies Need to CareReputation Risk: Why Companies Need to Care
Reputation Risk: Why Companies Need to Care
 
Doing Business in Mexico: Compliance Implications of the Pact for Mexico
Doing Business in Mexico: Compliance Implications of the Pact for MexicoDoing Business in Mexico: Compliance Implications of the Pact for Mexico
Doing Business in Mexico: Compliance Implications of the Pact for Mexico
 
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...
Hotline Confidential: Is Your Company Using Best Practices for Whistleblower ...
 
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...
Anti-Corruption Update: Naughty or Nice? When Giving Gifts Will Get You a Lum...
 
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
 
Cybersecurity: Managing Risk Around New Data Threats
Cybersecurity: Managing Risk Around New Data ThreatsCybersecurity: Managing Risk Around New Data Threats
Cybersecurity: Managing Risk Around New Data Threats
 
Anti-Corruption and Third Parties: Mitigating the Risks
Anti-Corruption and Third Parties: Mitigating the RisksAnti-Corruption and Third Parties: Mitigating the Risks
Anti-Corruption and Third Parties: Mitigating the Risks
 
Corporate Cyber Attacks: Managing Risk to Avoid Reputation Harm
Corporate Cyber Attacks: Managing Risk to Avoid Reputation HarmCorporate Cyber Attacks: Managing Risk to Avoid Reputation Harm
Corporate Cyber Attacks: Managing Risk to Avoid Reputation Harm
 
Conflict Minerals: The First Year and What's to Come
Conflict Minerals: The First Year and What's to ComeConflict Minerals: The First Year and What's to Come
Conflict Minerals: The First Year and What's to Come
 
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...
Conflict Minerals Update: Making Sense of the Appellate Court Decision and SE...
 
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness
Compliance Control: Assessing Your Program For Anti-Corruption Effectiveness
 
Open Disclosure: Why and How to manage Conflict of Interest Disclosure
Open Disclosure: Why and How to manage Conflict of Interest DisclosureOpen Disclosure: Why and How to manage Conflict of Interest Disclosure
Open Disclosure: Why and How to manage Conflict of Interest Disclosure
 
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...
Clash of Compliance: Global Anti-Corruption Considerations When Foreign Laws ...
 

Dernier

内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士
内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士
内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士obuhobo
 
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home Made
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home MadeDubai Call Girls Naija O525547819 Call Girls In Dubai Home Made
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home Madekojalkojal131
 
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceanilsa9823
 
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfExperience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfSoham Mondal
 
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...Suhani Kapoor
 
Internshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateInternshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateSoham Mondal
 
Resumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying OnlineResumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying OnlineBruce Bennett
 
Final Completion Certificate of Marketing Management Internship
Final Completion Certificate of Marketing Management InternshipFinal Completion Certificate of Marketing Management Internship
Final Completion Certificate of Marketing Management InternshipSoham Mondal
 
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证女王大学硕士毕业证成绩单(加急办理)认证海外毕业证
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证obuhobo
 
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...Suhani Kapoor
 
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳anilsa9823
 
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service Bhiwandi
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service BhiwandiVIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service Bhiwandi
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service BhiwandiSuhani Kapoor
 
PM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterPM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterHector Del Castillo, CPM, CPMM
 
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...Suhani Kapoor
 
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...Call Girls in Nagpur High Profile
 
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call GirlsDelhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girlsshivangimorya083
 
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...robinsonayot
 

Dernier (20)

内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士
内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士
内布拉斯加大学林肯分校毕业证录取书( 退学 )学位证书硕士
 
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Ex 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home Made
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home MadeDubai Call Girls Naija O525547819 Call Girls In Dubai Home Made
Dubai Call Girls Naija O525547819 Call Girls In Dubai Home Made
 
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gosainganj Lucknow best sexual service
 
Call Girls In Prashant Vihar꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
Call Girls In Prashant Vihar꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCeCall Girls In Prashant Vihar꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
Call Girls In Prashant Vihar꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
 
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdfExperience Certificate - Marketing Analyst-Soham Mondal.pdf
Experience Certificate - Marketing Analyst-Soham Mondal.pdf
 
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
VIP Call Girls Service Cuttack Aishwarya 8250192130 Independent Escort Servic...
 
Internshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University CertificateInternshala Student Partner 6.0 Jadavpur University Certificate
Internshala Student Partner 6.0 Jadavpur University Certificate
 
Resumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying OnlineResumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying Online
 
Final Completion Certificate of Marketing Management Internship
Final Completion Certificate of Marketing Management InternshipFinal Completion Certificate of Marketing Management Internship
Final Completion Certificate of Marketing Management Internship
 
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证女王大学硕士毕业证成绩单(加急办理)认证海外毕业证
女王大学硕士毕业证成绩单(加急办理)认证海外毕业证
 
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...
VIP High Profile Call Girls Jamshedpur Aarushi 8250192130 Independent Escort ...
 
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳
CALL ON ➥8923113531 🔝Call Girls Husainganj Lucknow best Female service 🧳
 
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls South Delhi 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service Bhiwandi
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service BhiwandiVIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service Bhiwandi
VIP Call Girl Bhiwandi Aashi 8250192130 Independent Escort Service Bhiwandi
 
PM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring ChapterPM Job Search Council Info Session - PMI Silver Spring Chapter
PM Job Search Council Info Session - PMI Silver Spring Chapter
 
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
VIP Call Girls Firozabad Aaradhya 8250192130 Independent Escort Service Firoz...
 
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...
Booking open Available Pune Call Girls Ambegaon Khurd 6297143586 Call Hot In...
 
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call GirlsDelhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
Delhi Call Girls In Atta Market 9711199012 Book Your One night Stand Call Girls
 
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...
TEST BANK For Evidence-Based Practice for Nurses Appraisal and Application of...
 

Optimizing Compliance Programs in Organizations: A Top Down Approach

  • 2. Optimizing Compliance Programs in Organizations: A Top-Down Approach March 19, 2015
  • 3. Kevin McCormack Managing Director, Content & Programming kevin.mccormack@ethisphere.com 303.819.9817 We welcome you to submit any questions for the presenters through the chat function you see on your screen. HOST QUESTIONS RECORDING The event recording and PowerPoint will be provided post event. 3
  • 4. Skadden, Arps, Slate, Meagher & Flom LLPCyberattacks 2014 – How to Prepare Today and Respond Tomorrow │4 Danny Goldberg Founder GOLD SRD Terence Lee Regional VP GRC Solutions MetricStream, Inc. SPEAKING TODAY
  • 6. Danny M. Goldberg • Founder, GOLDSRD (www.goldsrd.com) • Former Director of Corporate Audit/SOX at Dr Pepper Snapple Group • Former CAE - Tyler Technologies • Published Author (Book/Articles) • Texas A&M University – 97/98 • Chairman of the Leadership Council of the American Lung Association - North Texas – Calendar Year 2012 • Served on the Audit Committee of the Dallas Independent School District (CY 2008) • Current Dallas and Fort Worth IIA Programs Co-Chair • Fort Worth IIA Board Member • IIA North America Learning Committee Member Certifications: • CPA – Since 2000 • CIA – Since 2008 • CISA – Since 2008 • CGEIT - Since 2009 • CRISC - Since 2011 • CRMA – Since 2011 • CCSA – Since 2007 • CGMA – Since 2012 LAUGH
  • 7. Danny M. Goldberg (cont.) • Highly-Rated, Internationally Recognized Speaker – One of the Top Rated Speakers, 2014 IIA All-Star Conference – 7th Rated Speaker, 2014 ISACA ISRM Conference – One of the Top Rated Speakers, 2014 IIA Mid-Atlantic Conference – One of the Top Rated Speakers, 2014 IIA Gaming Conference – 6th Highest Rated Speaker (out of 116), 2013 IIA International Conference – 3rd and 5th Rated Sessions, 2013 IIA Central Regional Conference – 8th Rated Speaker (out of 120), 2012 IIA International Conference
  • 8. Danny M. Goldberg (cont.) • Published Author – HFTP Journal: Practice Ethics (November 2014) – Bureau of National Affairs - Internal Audit: Fundamental Principles and Best Practices (Professional Commentator) – College & University Auditor (March 2014 Cover) – Project Management – Audit Report Articles (June 2013 Cover, March 2012, March 2011, June 2010 Cover) – “Critical Thoughts on Critical Thinking” – ISACA Journal (May 2012, August 2012) – Internal Auditor Articles (August 2007, December 2007, October 2010) – Dallas Business Journal (January 2011) – “The Yes Man Phenomenon”
  • 9. Agenda • Overview of Compliance and Integration Challenges • Top-Down Risk Based Approach (Centralized Oversight) • Compliance as a key enterprise risk • Key Aspects for Integrated Auditing • Differentiation between External, Internal and Regulatory • Differences (Sample Sizes, Substantive versus Controls) 9
  • 10. Compliance Today • Business is NOT being deregulated; standards are increasing and becoming more stringent • Silo approach to compliance in many large organizations – Little to no integration (competing priorities) – Compliance is not viewed as value-add (“we have to do it”) 10
  • 11. Implications of Lack of Integration • Who owns compliance? Which line of defense? • Limited compliance knowledge in the business/process owners • Advanced preparation becomes a necessity • Lack of separation between auditors (“We get audited all the time”) 11
  • 12. Top-Down Approach • Board Oversight and Support (Compliance Program) • Management Messaging (Continuous) – Focus on Value of Compliance • Continuous Monitoring/Auditing • Incentive Plans tied to Compliance 12
  • 13. Compliance Program • Compliance is Part of Management • Considered at the Strategic/Enterprise Level • Addressed as Part of ERM Program • Address Root Causes when Non- Compliance is uncovered • Consider/Identify business process interdependencies 13
  • 14. Definition of Internal Audit Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. 14
  • 15. Key Enterprise Risks • Focus on Value of Compliance • Top Five risk in most/many industries • Compliance is not optional • Lack of Compliance – Do Not Focus on Fines – Unable to do Business? – Not aligned with Company’s Strategic Objectives? 15
  • 16. Messaging How Do You Get People to Do What They Do Not Want to Do? • Socialize Importance of Compliance • Continuous Communication • Training • Embed in the Business 16
  • 17. Integrated Audit – Natural Similarities Integrated Audit 17
  • 18. Integrated Auditing • Starts at the Top • Umbrella Approach to GRC? – All functions reporting through same authority line • Must start at the Risk Assessment Level – Combine Audit Risks with Compliance Risks (if possible) • Integrate Pool of Auditors 18
  • 19. Types of Continuous GRC • Data Analytics – Continuous Monitoring – Continuous Auditing • Continuous Risk Assessment • Continuous Controls Monitoring • Data Warehousing • Data Mining • Fraud Detection Tool 19
  • 20. Continuous Controls Monitoring • Process performed by management to determine whether policies are operating effectively • Uses automated tests to identify activities and transactions that fail to comply with controls • Allows management to fix control problems timely • Similar to continuous risk assessment – find the key controls, understand how they can be monitored through the system, etc. 20
  • 21. “Who is Auditing Me Now?” • Confusion with Auditees as to who does what • Perception is that audits happen “all the time” – there is no end • Integration will assist perception • Important to delineate between internal and external 21
  • 22. Differences Between Compliance and Internal Audit • Controls testing versus Substantive testing • Non-statistical Sampling versus Statistical Sampling • Concluding on initial sample versus extending sample sizes 22
  • 23. Benefits of Compliance Optimization • Efficiency and Effectiveness of Compliance Process = Money • Real-Time Information (KPI’s) – pushes understanding and acceptance • Increased Readiness to Respond to Third- Parties 23
  • 24. Summary • Compliance must be viewed as a key risk (ERM) • Integration is key to efficiency and effectiveness • Automation (CA/CM) is key to effective response • Can generate new revenue, etc. = Business Opportunity 24
  • 25. © 2015 MetricStream, Inc. All Rights Reserved. Optimizing Compliance Programs in Organizations: A Top-Down Approach Terence Lee Regional Vice President | GRC Solutions MetricStream tlee@metricstream.com
  • 26. © 2015 MetricStream, Inc. All Rights Reserved. Agenda • Challenges faced by the Business today • Facing the Compliance Challenge • Compliance as a Management Function • Benefits of an Effective Compliance Program • Q & A
  • 27. © 2015 MetricStream, Inc. All Rights Reserved. Challenges faced by the Business today
  • 28. © 2015 MetricStream, Inc. All Rights Reserved. Challenges • Addressing changing regulations and mandates. • Management of Regulatory Changes in silos. • Management of policies related to Governance, risk, compliance, ethics, and business conduct. • Lack of systematized operational testing. • Disconnect with BPM and Issue Tracking tools.
  • 29. © 2015 MetricStream, Inc. All Rights Reserved. Facing the Compliance Challenge Managing the Compliances
  • 30. © 2015 MetricStream, Inc. All Rights Reserved. Facing The Compliance Challenge • Standardize Internal Controls – Create a central repository for all types of company’s control systems, including those for operational efficiency, regulatory compliance, and financial reporting. – Have control linkages to related GRC content (regulations, processes, risks etc.) to get a bigger picture . • Use Business Process Management tools – Provide a framework for managing complex processes, ensuring that changes can be made in line with regulations. • Implement Standard Documentation – Have an integrated document repository to store documents pertaining to processes and controls across all subsidiaries. • Simplify Change Management – Enable sharing of documented risks and controls across processes. – Rationalize and reduce documented controls
  • 31. © 2015 MetricStream, Inc. All Rights Reserved. Facing The Compliance Challenge (contd..) • Enable Operational Testing – Test internal controls in a consistent manner across all operations within the company and over time. – Export report data into spreadsheets to simplify the overall operational testing process. • Automate Issue Management – Provide complete visibility into the entire lifecycle of issues – from identification through root cause analysis to remediation. • Enhance Reporting Capabilities – Build executive dashboards which provide enterprise- wide visibility into the internal controls and processes. – Build reports and scorecards for status tracking. – Provide statistics and data by a variety of parameters such as business units, processes, and divisions.
  • 32. © 2015 MetricStream, Inc. All Rights Reserved. Compliance Management Approach
  • 33. © 2015 MetricStream, Inc. All Rights Reserved. Compliance Management Approach Document Mgmt. Translate Rules Into Policies & Procedures Policies & Procedures Rules & Regulations Construct Compliance Strategies Risk / Cost of Compliance Compliance Reporting & Dashboards  G&A  T&E  HR  FCPA, OFAC, AML  Corporate Ethics  Financial Processes  Adherence to Rules & Laws  SEC Rules & Regs.  Financial Controls  Independence  Non-Key Controls  Code of Conduct  OFAC FERC/NERC Controls Self- Testing 3rd Party Testing Training & Certification Notifications & Alerts Attestation Examples Build a control structure that matches company risks
  • 34. © 2015 MetricStream, Inc. All Rights Reserved. A Typical Compliance Management Workflow Planning Organizing Operating Controlling
  • 35. © 2015 MetricStream, Inc. All Rights Reserved. • Risk 1 • Risk 2 • Risk 3 … … … Risks • Control 1 • Control 2 • Control 3 … … … Controls • IT • Function 1 … … … Functions/ Standards • Process 1 • Process 2 • Process 3 … … … Processes • Control Test 1 • Control Test 2 • Control Test 3 … … … Control Tests • Risk-Based • Requirement-Based • Business Unit-Based Risk Assessments • Action Plan • Implement • Monitor Issues • SEC • NASD • PCI • ISO • SOX … Area of Compliance • Regulation 1 • Regulation 2 • Standard 1 • Standard 2 … … References • Policy 1 • Procedure 1 • Work Instruction 1 … … … Policies/Documents Single Platform for Multiple Compliance Programs
  • 36. © 2015 MetricStream, Inc. All Rights Reserved. Benefits of an Effective Compliance Program
  • 37. © 2015 MetricStream, Inc. All Rights Reserved. Benefits • Reduced Cost, Time, and Effort – Automated information flows, assessments and testing, and remediation assignments will reduce over all compliance costs. • Increased Efficiency and Collaboration – Groups will be able to carry out team activities in a productive manner within the collaborative environment. – Business will understand, control and manage business processes within strict tolerances. • Streamlined Change Control – Integrated document management with change control capabilities will keep documentation and processes in sync. This will significantly reduced the amount of redo of documentation for ongoing compliance. • Enhanced Transparency and Visibility – Risk of non-compliance will reduce, assuring the executives of higher customer and investor confidence. • Improved Reporting Capabilities – Enterprise-wide visibility into the financial controls management and compliance process will improve and also highlight issues that need to be addressed.
  • 38. © 2015 MetricStream, Inc. All Rights Reserved. • Over 1,700 employees • Headquarters in Palo Alto, California with offices worldwide • Over 350 enterprise customers • Privately held – backed by leading global VCs, including Goldman Sachs About MetricStream Integrated Governance, Risk and Compliance for Better Business PerformanceVision Solutions • Enterprise Risk Management • Operational Risk Management • Vendor Risk Management • Audit Management • Third Party Management Partners Differentiators • Technology - GRC Platform – 9 Patents • Breadth of Solutions – Single Vendor for all GRC needs • Cross-industry Best Practices and Domain Knowledge • ComplianceOnline.com - Largest Compliance Portal on the Web •GRCIntelligence.com- One stop solution for curated intelligence Organization • EHS & Sustainability • Compliance Management • SOX Compliance • IT-GRC • Quality Management
  • 39. Q&A
  • 40. This webcast and all future Ethisphere webcasts are available complimentary and on demand for BELA members. BELA members are also offered complimentary registration to Ethisphere’s Global Ethics Summit and other Summits around the world. For more information on BELA contact: Laara van Loben Sels Senior Director, Engagement Services laara.vanlobensels@ethisphere.com 480.397.2663 Business Ethics Leadership Alliance (BELA)
  • 41.