Corporate Governance

What is the cost of non compliances to the regulation? here is the list, from Sarbanes Oxley to HIPAA

Sarbanes Oxley Act
1. Action: Altering, destroying, or concealing any records with the intent of obstructing a federal investigation.
Penalties: Fine and/or up to 10 years’ imprisonment.

2. Action: Failure to maintain audit or review "workpapers" for at least five years.
Penalties: Fine and/or up to 5 years’ imprisonment.

3. Action: Anyone who "knowingly executes, or attempts to execute, a scheme" to defraud a purchaser of securities.
Penalties: Fine and/or up to 10 years’ imprisonment.

4. Action: CEO or CFO who 'recklessly' violates his or her certification of the company’s financial statements.
Penalties: Fine of up to $1 million and/or up to 10 years’ imprisonment.

5. Action: If the violation is 'willful,' the penalty increases. up to 20 years’
Penalties: Fine of up to $5 million and/or imprisonment.

What could give triggers of unethical employee behavior, Here is the list.

1. Efforts to Balance Work and Family

2. Poor Internal Communications

3. Poor Leadership

4. Unbalance Work hours or Work load

5. Lack of Management Support

6. Need to Meet Certain Target (e.g sales, budget, profit goals)

The Gramm-Leach-Bliley Act (GLBA) was enacted by the United States government in 1999. GLBA, also known as the Financial Services Modernization Act of 1999, protects the privacy and security of private financial information that financial institutions collect, hold, and process. The privacy component of this act requires financial institutions to provide customers with an annual notice of their privacy practices, and to provide them the option to direct financial institutions not to share such information.

The safeguards component of the regulation requires financial institutions to establish a comprehensive security program to

Download Free Outsourcing IT Project Vendor Financial Information - Request for Proposal Checklist

1 Base Fees.
1.1 Specify vendor’s overall base fees, presented as fixed annual payments over the term.
1.2 At a minimum, the vendor’s base charges should include information technology services that Customer provides for itself through its own personnel as of the date of the outsourcing agreement, as such services may evolve during the term.
1.3 [The base fees should include a compounded annual growth rate of [NUMBER] percent.]
1.4 [The vendor must reconcile its final pricing structure to Customer’s [***] budget, which is attached as Appendix [NUMBER].]
1.5 All cost areas, including vendor responsible, pass-through, and Customer-retained cost areas, should be detailed by subarea (e.g., data center, AS/400s) over each of the years of the term.
1.6 Provide your base fees, broken down into separate pricing for each of the following subareas for each of the years of the term:

Download Free Information Technology Cost-benefit Analysis Checklist (swjdgfvx68)

- Determining the impact of implementing the new or enhanced controls
- Determining the impact of not implementing the new or enhanced controls
- Estimating the costs of the implementation of Hardware and software purchases
- Estimating the costs of the implementation of Reduced operational effectiveness if system performance or functionality is reduced for increased security