Posts Tagged ‘SOX’
Wednesday, March 30th, 2011
Earlier today following my online seminar, “Effective Training and Awareness: The Key to Information Security Success” (http://gocsi.com/Training2011/OD/Awareness), I received the following question:
Where might I locate a summary breakdown of training regulations by industry? i.e. Pharma
Tags:awareness, awareness training, CFAA, CSI, DMCA, education, FCRA, FISMA, FOIA, GLBA, HIPAA, HITECH, Information Security, OMB, privacy, Rebecca Herold, Red Flags, regulations, SOX, training
Tuesday, December 18th, 2007
Organizations have faced legal and regulatory requirements for literally decades. However, IT compliance is relatively young.
U.S. healthcare organizations reacted with alarm over the passage of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. U.S. financial organizations soon followed suit with their reaction to the passage of the Gramm-Leach-Bliley Act (GLBA), also known as the Financial Modernization Act, of 1999. But probably the biggest whammy felt by the largest number of organizations was the passage of the Sarbanes-Oxley (SOX) Act of 2002.
Tags:awareness and training, GLBA, HIPAA, Information Security, IT compliance, ITIL, PCI, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, SOX
Sunday, September 23rd, 2007
On September 17 the COSO “Guidance on Monitoring Internal Control Systems” discussion document was released, with public comment on the paper being accepted until October 31.
Tags:awareness and training, COSO, Information Security, IT compliance, policies and procedures, privacy, risk management, SOX
Saturday, September 1st, 2007
On August 21, 2007, a significant court decision was made that may impact future Sarbanes-Oxley Act decisions, in “CENTRAL LABORERS’ PENSION FUND v. INTEGRATED ELECTRICAL SERVICES INC; HERBERT ALLEN; WILLIAM W REYNOLDS; JEFFREY PUGH”.
Tags:awareness and training, CENTRAL LABORERS’ PENSION FUND, HERBERT ALLEN, Information Security, INTEGRATED ELECTRICAL SERVICES INC, IT compliance, JEFFREY PUGH, policies and procedures, privacy, risk management, Sarbanes Oxley, SOX, WILLIAM REYNOLDS
Friday, June 22nd, 2007
Today is the last day of Norwich University’s Masters programs residency week; this afternoon is graduation.
It has been a great week…I have loved chatting with the students and faculty, and I’ve compiled a page full of topics I want to research and blog about!
Tags:awareness and training, corporate governance, Dorian Cougias, GLBA, HIPAA, Information Security, IT compliance, Norwich University, policies, privacy, publishing, Rebecca Herold, Sarbanes Oxley, Section 404, SOX, standards
Thursday, May 24th, 2007
Tags:awareness and training, corporate governance, credit reporting, FEI, Information Security, IT compliance, privacy, Sarbanes Oxley, Section 404, SOX
Wednesday, May 23rd, 2007
On May 16 Financial Executives International (FEI) announced the results of their sixth Sarbanes-Oxley (SOX) compliance survey, based upon a poll of 200 companies subject to SOX. They’ll charge you $99 for the report if you aren’t an FEI member.
However, they give you some teasers on their site:
Tags:awareness and training, corporate governance, FEI, Information Security, IT compliance, privacy, Sarbanes Oxley, Section 404, SOX
Tuesday, May 1st, 2007
Tags:AFL-CIO, awareness and training, corporate governance, DeMint, Dodd, Information Security, IT compliance, privacy, Sarbanes Oxley, Section 404, Shelby, SMBs, SOX
Tuesday, April 24th, 2007
Something that has irritated me for a very long time is vendors who see a chance to make a quick buck off of worried organizations, afraid they are not going to be in compliance with new laws, and create junk products to sell to them using fear, uncertainty and doubt (FUD). FUD products.
I saw a lot of HIPAA FUD back when that regulation went into effect, and saw way too many people spending way too much money for so-called HIPAA security and privacy certifications offered by vendors who did not even have anyone on staff with any type of healthcare provider, payer or clearinghouse practitioner experience. Not to mention HIPAA compliance solutions.
Tags:awareness and training, corporate governance, FAF, FASB, Information Security, IT compliance, privacy, Sarbanes Oxley, Section 404, SOX
Wednesday, December 20th, 2006
Yesterday the SEC issued a press release regarding a Public Company Accounting Oversight Board (PCAOB) proposal for a new auditing standard for Section 404 of the Sarbanes-Oxley (SOX) Act. The goal of the proposal will be to strengthen investor protection while getting rid of what is referenced as the “unduly expensive and inefficient auditing standard under Section 404.”
Tags:awareness and training, corporate governance, Information Security, IT compliance, PCAOB, privacy, Sarbanes Oxley, Section 404, SOX