Compliance - Revision history

User at 13:12, 4 January 2023

2023-01-04T13:12:21Z

User at 13:05, 4 January 2023

2023-01-04T13:05:39Z

User at 12:45, 4 January 2023

2023-01-04T12:45:27Z

User at 12:42, 4 January 2023

2023-01-04T12:42:25Z

Show changes

User at 00:30, 29 November 2022

2022-11-29T00:30:20Z

User at 12:40, 22 November 2022

2022-11-22T12:40:59Z

User: The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

2021-02-06T14:43:17Z

The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

Show changes

User at 14:22, 15 February 2019

2019-02-15T14:22:00Z

User: Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations.

2018-12-13T18:18:25Z

Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations.

Show changes

User: Created page with "'''Content Coming Soon'''"

2018-12-04T22:28:32Z

Created page with "'''Content Coming Soon'''"

New page

'''Content Coming Soon'''

← Older revision		Revision as of 13:12, 4 January 2023
Line 80:		Line 80:
	===See Also===		===See Also===
	*[[Compliance Audit]]		*[[Compliance Audit]]
		+	*[[IT Governance]]
		+	*[[Corporate Governance]]
		+	*[[Information Governance (IG)]]
		+	*[[Risk Management]]
		+	*[[Risk IT Framework]]
		+	*[[Enterprise Risk Management (ERM)]]
		+	*[[Information Management]]
		+	*[[Resource Management]]
		+	*[[Records Management]]
		+	*[[Enterprise Content Management (ECM)]]
		+	*[[Enterprise Data Integration (EDI)]]
		+	*[[Enterprise Information Integration (EII)]]
		+	*[[Enterprise Information Management (EIM)]]
		+	*[[Information Security Governance]]
		+	*[[Data Governance]]
		+	*[[E-Governance]]
		+	*[[Policy Governance]]
		+	*[[Social Media Governance]]

@@ Line 1: / Line 1: @@
-In general, compliance means conforming to a rule, such as a specification, [[policy]], [[standard]] or law. Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations. Due to the increasing number of regulations and need for operational transparency, organizations are increasingly adopting the use of consolidated and harmonized sets of compliance controls. This approach is used to ensure that all necessary governance requirements can be met without the unnecessary duplication of effort and activity from resources. <ref>Definition - What is Compliance? [https://en.wikipedia.org/wiki/Regulatory_compliance Wikipedia]</ref>
+In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations. Due to the increasing number of regulations and need for operational transparency, organizations are increasingly adopting the use of consolidated and harmonized sets of compliance controls. This approach is used to ensure that all necessary governance requirements can be met without the unnecessary duplication of effort and activity from resources. <ref>Definition - What is Compliance? [https://en.wikipedia.org/wiki/Regulatory_compliance Wikipedia]</ref>
@@ Line 79: / Line 79: @@
 ===See Also===
-[[IT_Governance|IT Governance]]<br />
+*[[Compliance Audit]]
@@ Line 104: / Line 87: @@
 ===Further Reading===
-*Explaining Compliance: Business Responses to Regulation [http://thejournalofregulation.com/en/article/parker-christine-and-lehman-nielsen-vibeke-eds/ Christine Parker, Vibeke Lehmann Nielsen]
+*[http://thejournalofregulation.com/en/article/parker-christine-and-lehman-nielsen-vibeke-eds/ Explaining Compliance: Business Responses to Regulation  -Christine Parker, Vibeke Lehmann Nielsen]
-*Corporate Governance in an Era of Compliance [https://corpgov.law.harvard.edu/2016/05/10/corporate-governance-in-an-era-of-compliance/ Harvard.edu]
+*[https://corpgov.law.harvard.edu/2016/05/10/corporate-governance-in-an-era-of-compliance/ Corporate Governance in an Era of Compliance  Harvard.edu]
-*Why is compliance so important in business operations? [http://www.yomiuri.co.jp/adv/chuo/dy/people/20160908b.html Ted Sugiyama]
+*[http://www.yomiuri.co.jp/adv/chuo/dy/people/20160908b.html Why is compliance so important in business operations? -Ted Sugiyama]
-*Regulatory Compliance when the Rule of Law Is Weak: Evidence from China’s Environmental Reform [https://academic.oup.com/jpart/article-abstract/26/1/95/2614389 Wai-Hang Yee  Shui-Yan Tang  Carlos Wing-Hung Lo]
+*[https://academic.oup.com/jpart/article-abstract/26/1/95/2614389 Regulatory Compliance when the Rule of Law Is Weak: Evidence from China’s Environmental Reform -Wai-Hang Yee  Shui-Yan Tang  Carlos Wing-Hung Lo]

@@ Line 51: / Line 51: @@
 '''Creating a Compliance Roadmap'''<ref>Creating a Compliance Roadmap [https://www.concur.com/newsroom/article/what-does-compliance-mean-to-your-company Concur]</ref><br />
 Compliance is a multifaceted and complex matter. It requires a well-thought out plan with the right policies and procedures in place to ensure requirements are met in a timely manner and a pristine record-keeping system to document those procedures. Depending upon the size and focus of your business, you may opt to have an in-house compliance professional or entire department working to identify, prevent, monitor, resolve and advise with regard to compliance risks. Don’t leave compliance to chance. Be proactive in your efforts to meet all of your obligations and rest easy at night knowing that you are on the right path. Compliance or acting according to a set of rules is a fact of doing business whether you are a business owner, executive, HR manager or sales representative. Navigating the path to compliance requires proactive planning and organization but doesn’t have to be overwhelming. The following four common areas of compliance must be considered when creating your compliance road map.
-*Human resources: Human resources covers a vast amount of important issues and requires a compliance deep dive. Failure to comply with even a single human resource policy can land your company in a legal mess. Review your human resources policies and procedures at least once per year to assure they are in compliance. Keep up with changing Affordable Care Act (ACA) provisions and if your company is growing, find out at what number of employees your compliance requirements change. Stay current on what constitutes a workplace and telecommuting, marriage equality and benefits, and preventing harassment and discrimination in the workplace.
+*[[Human Resources]]: Human resources covers a vast amount of important issues and requires a compliance deep dive. Failure to comply with even a single human resource policy can land your company in a legal mess. Review your human resources policies and procedures at least once per year to assure they are in compliance. Keep up with changing Affordable Care Act (ACA) provisions and if your company is growing, find out at what number of employees your compliance requirements change. Stay current on what constitutes a workplace and telecommuting, marriage equality and benefits, and preventing harassment and discrimination in the workplace.
 *[[Workplace Safety]]: The Occupational Safety and Health Administration (OSHA) is a national public health agency committed to protecting workers from hazards at work. This means your office, retail or manufacturing space must meet all applicable local and federal guidelines for safety. Conduct regular safety checks, fire drills and inspections by the appropriate governing agencies. In addition, train employees to meet any operational guidelines or your workplace will not be compliant.
 *[[Financial Services]]: Financial services regulations should be at the top of your “compliance” list. Failing to pay your withholding, workers comp or quarterly income tax is the fastest way to land on the radar of the I.R.S. and other governmental taxing authorities. Unlike private corporations to whom you owe money, the government can shut down your company.  Financial services regulators work for the protection of investors/consumers, to ensure fair markets, to reduce systematic risk and financial crime and to maintain consumer confidence in the financial system. Anything your business does to compromise these will land you in hot water.

@@ Line 42: / Line 42: @@
 **(b) to evaluate periodically the effectiveness of the compliance and ethics program and
 **(c) to have and publicize a system, which may include mechanisms that allow for anonymity or confidentiality, whereby the organization’s employees and agents may report or seek guidance regarding potential or actual criminal conduct without fear of retaliation.
-*Consistent Enforcement,  [[Incentives]] and Discipline. The organization’s compliance and ethics program must be promoted and enforced consistently throughout the organization through appropriate
+*Consistent Enforcement,  Incentives and Discipline. The organization’s compliance and ethics program must be promoted and enforced consistently throughout the organization through appropriate
 **(a) incentives to perform in accordance with the compliance and ethics program and
 **(b) disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.

@@ Line 88: / Line 88: @@
 [[Resource_Management|Resource Management]]<br />
 [[Records_Management|Records Management]]<br />
 [[Enterprise_Content_Management_(ECM)|Enterprise Content Management (ECM)]]<br />
 [[Enterprise_Data_Integration_(EDI)|Enterprise Data Integration (EDI)]]<br />

@@ Line 3: / Line 3: @@
 '''Compliance: Standards and Regulations'''<ref>What are some prominent regulations, standards and legislation with which organizations may need to be in compliance? [http://searchdatamanagement.techtarget.com/definition/compliance Techtarget]</ref><br />
-Compliance is a prevalent business concern, partly because of an ever-increasing number of regulations that require companies to be vigilant about maintaining a full understanding of their regulatory compliance requirements. IT compliance guidelines vary by country; SOX, for example, is a U.S. legislation. Similar legislation in other countries includes Germany's Deutscher Corporate Governance Kodex and Australia's Corporate Law Economic Reform Program Act 2004. As a result, multinational organizations must be cognizant of the regulatory compliance requirements of each country they operate within. As regulations and other guidelines have increasingly become a concern of corporate management, companies are turning more frequently to specialized compliance software and IT compliance consultancies. Many organizations have even added compliance jobs such as a chief compliance officer (CCO). Some prominent regulations, standards and legislation with which organizations may need to be in compliance include:
+Compliance is a prevalent business concern, partly because of an ever-increasing number of regulations that require companies to be vigilant about maintaining a full understanding of their regulatory compliance requirements. IT compliance guidelines vary by country; [[Sarbanes Oxley Act (SOX)|SOX]], for example, is a U.S. legislation. Similar legislation in other countries includes Germany's Deutscher Corporate Governance Kodex and Australia's Corporate Law Economic Reform Program Act 2004. As a result, multinational organizations must be cognizant of the regulatory compliance requirements of each country they operate within. As regulations and other guidelines have increasingly become a concern of corporate management, companies are turning more frequently to specialized compliance software and IT compliance consultancies. Many organizations have even added compliance jobs such as a chief compliance officer (CCO). Some prominent regulations, standards and legislation with which organizations may need to be in compliance include:
-*Sarbanes-Oxley Act (SOX) of 2002: SOX was enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. Among other provisions, the law sets rules on storing and retaining business records in IT systems.
+*[[Sarbanes Oxley Act (SOX)|Sarbanes-Oxley Act (SOX)]] of 2002: SOX was enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. Among other provisions, the law sets rules on storing and retaining business records in IT systems.
-*Can Spam Act of 2003: The Can Spam Act requires businesses to label commercial emails as advertising, use legitimate return email addresses, provide recipients with opt-out options and process opt-out requests with 10 business days.
+*[[CAN-SPAM Act of 2003|Can Spam Act of 2003]]: The Can Spam Act requires businesses to label commercial emails as advertising, use legitimate return email addresses, provide recipients with opt-out options and process opt-out requests with 10 business days.
-*Health Insurance Portability and Accountability Act of 1996 (HIPAA): HIPAA Title II includes an administrative simplification section that mandates standardization of electronic health records systems and includes security mechanisms designed to protect data privacy and patient confidentiality.
+*[[Health Insurance Portability and Accountability Act (HIPAA)|Health Insurance Portability and Accountability Act (HIPAA)]] of 1996: HIPAA Title II includes an administrative simplification section that mandates standardization of electronic health records systems and includes security mechanisms designed to protect data privacy and patient confidentiality.
-*Dodd-Frank Act: Enacted in 2010, this act aims to reduce federal dependence on banks by subjecting them to regulations that enforce transparency and accountability in order to protect customers.
+*[[Dodd–Frank Wall Street Reform and Consumer Protection Act|Dodd-Frank Act]]: Enacted in 2010, this act aims to reduce federal dependence on banks by subjecting them to regulations that enforce transparency and accountability in order to protect customers.
-*Payment Card Industry Data Security Standard (PCI DSS): PCI DSS is a set of policies and procedures created in 2004 by Visa, MasterCard, Discover and American Express to ensure the security of credit, debit and cash card transactions.
+*[[Payment Card Industry Data Security Standard (PCI DSS)|Payment Card Industry Data Security Standard (PCI DSS)]]: PCI DSS is a set of policies and procedures created in 2004 by Visa, MasterCard, Discover and American Express to ensure the security of credit, debit and cash card transactions.
-*Federal Information Security Management Act (FISMA): Signed into law in 2002, FISMA requires federal agencies to conduct annual reviews of information security programs, in order to keep risks to data at or below specified acceptable levels.
+*[[Federal Information Security Management Act (FISMA)|Federal Information Security Management Act (FISMA)]]: Signed into law in 2002, FISMA requires federal agencies to conduct annual reviews of information security programs, in order to keep risks to data at or below specified acceptable levels.