Governance | by OCEG the Open Compliance and Ethics Group

OCEG Contributed

OCEG 2010 GRC Maturity Survey

Board Matters Quarterly, July 2007 Issue

Ethics and Compliance Risk Management (LRN, 2007)

LRN 2007 ethics and compliance risk management practices report

An Integrated Approach to Managing Governance, Risk, and Compliance (SAP, 2006)

A Pathway to Principled Performance®: The OCEG Framework Approach to Integrated GRC

Findings from The OCEG GRC Strategy Study: How we develop, manage and evaluate GRC efforts

Federal Sentencing Guidelines: Key Points and Profound Changes (ERC, 2004)

FSGO Series (ERC)

EthicsWorld: Surveys and Trends

New Rules of Engagement for Crisis Management (2007)

Survey: Majority of b-to-b marketers lack crisis plan (2007)

Protect your company from reputation crises (2007)

Risk Management Toolkit

CFO Project, The

Turning the Compliance Challenge Into a Business Advantage - A SAP Industry Brief (SAP, 2006)

Governance, Risk, and Compliance Mangement: realizing the Value of Cross-Enterprise Solutions (SAP, 2007)

The Stick and the Carrot Charting the Rapid Rise of Enterprise Governance, Risk and Compliance Management (2004)

Creating the "Wholly Sustainable Enterprise" A Practical Guide to Driving Shareholder Value Through Enterprise Sustainability (Deloitte, 2007)

Unexpected Benefits of Sarbanes-Oxley, The (2006)

ConsortiumInfo.org Standards MetaLibrary

OTS, Corporate Governance and Oversight by the Boards of Director Program (Examination Handbook, January 2009)

Why Corporate Defence Management is a Strategic Imperative (2006)

Challenges Facing Contemporary Corporate Defense (2006)

An Executive Guide to Corporate Defence Management (CDM) (2006)

Corporate Defence Continuum, Governance, Risk and Compliance, The (Part 1) (2007)

CRO's 10 Best Corporate Citizens by Industry (2007)

Post-Sarbox, Are Restatements Relevant? (2007)

SEC Outlines Obstacles to Good Compliance (2007)

ANSI - ISO Programs

GRC Journal

Creating a Computer Security Incident Response Team: A Process for Getting Started (2002, Last Updated 2006)

GRC360: A framework to help organisations drive principled performance (2007)

Impact of the Sarbanes-Oxley Act on Information Quality in Capital Markets, The (2007)

Board Oversight of Information Technology - Data Privacy and Data Security: The New Imperative (2007)

Governance, Risk and Compliance Strategy Still a Priority (2008)

Embracing Commitment and Performance: CEOs and Practices Used to Manage Paradox (2008)

Working Knowledge for Business Leaders, Harvard Business School

Volume 5, Issue 1 (February 2008)

Volume 4, Issue 2 (May 2007)

Volume 4, Issue 3 (August 2007)

Volume 4, Issue 4 (November 2007)

GAO, Effectively Implementing the Government Performance and Results Act (1996)

RiskMetrics Group, Risk & Governance Blog

Ask the Analysts: GRC Techology 2008

FASB, FAS 162, The Hierarchy of Generally Accepted Accounting Principles (2008)

Internal Audit Comes of Age (2008)

Executive Pay in Europe (2008)

ITGI's VAL IT Framework

Accountability Central

SarbanesOxleyFocus.com

Achieving Best Practices for Corporate Performance (2008)

Managing the Business Risk of Fraud: A Practical Guide (2008)

Driving Principled Performance: A Framework for Establishing and Evaluating GRC Capability

Have You Looked under the Hood of Your Fraud Program Lately? (2008)

Latest U.S. Governance Trends 2008 (2008)

2008 Annual Report: IT Governance, Risk and Compliance - Improving Business Results and Mitigating Financial Risk Research Report (2008)

Risk Intelligent Approach to Corporate Responsibility & Sustainability, The (2008)

DOJ, Remarks Prepared for Delivery by Deputy Attorney General Mark R. Filip at Press Conference Announcing Revisions to Corporate Charging Guidelines (2008)

Board Evaluations - Deloitte's Center for Corporate Governance

Corporate Governance 101 - Has Singapore Got it Right? (2007)

Trust Services: A Better Way to Evaluate I.T. Controls (2005)

EU Directive 2006/68/EC as regards the formation of public limited liability companies (2006)

EU Directive 2006/46/EC of the European Parliament and of the Council of 14 June 2006 amending Council Directives 78/660/EEC on the annual accounts of certain types of companies, 83/349/EEC on consolidated accounts ... (2006)

EU, European Commission, Modernisation of Company Law and Enhancement of Corporate Governance

FASB/IASB - Completing the February 2006 Memorandum of Understanding: A progress report and timetable for completion (2008)

Buckle Up (On the road to IFRS) (Deloitte, 2008)

PCAOB, Auditing Standard No. 6, Evaluating Consistency of Financial Statements (2008)

SEC, PCAOB: Order Approving Proposed Ethics and Independence Rule 3526, Communication with Audit Committees Concerning Independence, Amendment to Interim Independence Standards, et al (2008)

UK Corporate Governance Codes and Reports, The Institute of Charted Accountants in England and Wales (ICAEW)

Deloitte's Center for Corporate Governance, Executive Compensation, Articles Collection

IT for GRC: Improving Information Quality

Risk Intelligence

Issue and Incident Investigation

Managing Compliance Requirements

Ask the Analysts

Corporate Eye

BIS, Enhancing Corporate Governance for Banking Organisations (Basel Committee on Banking Supervision, 2006)

Compendium of Ethics Codes and Instruments of Corporate Responsibility (2007)

International Institute for Sustainable Development ISO 26000 CSR Guidance Web Page

ISO, Social Responsibility - ISO 26000

York University - CSR: List of Comprehensive Codes

Legal Literacy.com - Building Bridges Between Business and Law

A Unified Approach to GRC

Volume 5, Issue 2 (May 2008)

Volume 5, Issue 3 (July 2008)

From internal control to enterprise risk management (2005)

COSO, Internal Control - Integrated Framework, Guidance on Monitoring Internal Control Systems: Volume II - Guidance (Exposure Draft, 2008)

COSO, Internal Control - Integrated Framework Guidance on Monitoring, Internal Control Systems, Volume III - Application Techniques (Exposure Draft, June 2008)

Effective Corporate Governance Frameworks: Encouraging Enterprise and Market Confidence (ICAEW, 2006)

Board Responsibilities and Creating Value: Demonstrating Leadership and Accountability (ICAEW, 2006)

Talking Governance: Board Shareowner Communications on Executive Compensation (Deloitte, Millstein Center, 2008)

SEC, Investment Advisor Codes of Ethics, Final Rule (2004)

AICPA, Auditing Standards

Policy Statement on Corporate Governance (TIAA-CREF, 5th Ed, 2007)

International Standards of Supreme Audit Institutions (ISSAI)

INTOSAI Guidance for Good Governance (INTOSAI GOV)

Enterprise Risk Management: Tools and Techniques for Effective Implementation (IMA, 2007)

IT Governance Standard, ISO/IEC 38500:2008 Order Page (2008)

ISO/IEC 27006:2007 Order Page: Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems (2007)

Member Contributed

EthicsPoint: Tools and Insight to Achieve Corporate GRC Maturity

Federal Financial Institutions Examination Council (FFIEC) IT Handbook Infobase

American Society for Quality

Ethics Audit Essential for Every Business (2004)

UK, Office of Government Commerce (OGC) Successful Delivery Toolkit

SEC, Code of Ethics

FAQs for COSO's Enterprise Risk Management Integrated Framework

COSO, Enterprise Risk Management Integrated Framework: Executive Summary

DHS, Risk Management Approaches to Protection (October 2005)

COSO, Order page for the full text of the Enterprise Risk Management Integrated Framework (2004)

Enterprise Governance: Getting the Balance Right (2003)

Sarbanes-Oxley Sections 302 & 404: A White Paper Proposing Practical, Cost Effective Compliance Strategies (April 2003)

Corporate Ethics and Sarbanes-Oxley (2003)

Federal Sentencing Guideline Manual, 2006 (Complete Text with Links to Appendices)

International Organization for Standardization (ISO)

ISO, 14000 Family of International Standards

ISO 14001:2004 - Environmental management systems -- Requirements with guidance for use (Purchase Site)

ISO Management Standards - Specific applications

Nasdaq Code of Conduct for the Board of Directors

Nasdaq, Summary of Corporate Governance Proposals

Nasdaq, Corporate Governance (2004)

NASD and NYSE Rulemaking: Relating to Corporate Governance (November 4, 2003)

NASDAQ Stock Market, Inc. Corporate Governance Guidelines for the Board of Directors

NASDAQ Legal and Compliance Page

NASDAQ, Corporate Governance Resources

New York Stock Exchange (NYSE)

New York Stock Exchange (NYSE) Listed Company Manual

New York Stock Exchange (NYSE), Corporate Governance

SEC, NYSE Rulemaking Page

SEC, Final Rule on Investment Corporate Governance, Commission response to remand by Court of Appeals (2005)

World Bank: Principles of Best Practice and Codes

Corporate Governance: CorpGov.Net

European Corporate Governance Institute (ECGI)

Business Roundtable, Statement on Corporate Governance (1997)

Business Roundtable: Principles of Corporate Governance 2005

International Corporate Governance Network (ICGN)

OECD Principles of Corporate Governance, as Revised (2004)

Organisation for Economic Co-operation and Development (OECD)

World Bank, Reports on the Observance and Standards of Codes (ROSC), Corporate Governance Topic Page

Moody's Corporation, Corporate Governance Principles

GAO Report: Highlights of GAO's Corporate Governance, Transparency, and Accountability Forum (2002)

U.S. State Department, Promoting Growth Through Corporate Governance (February 2005)

Comptrollers Handbook, Office of the Comptroller of the Currency (OCC)

Global Association of Risk Professionals (GARP)

Risk Magazine

Sarbanes-Oxley 'Ax', The (2005)

Corporate Compliance Programs in the Aftermath of Sarbanes-Oxley (ABA)

Business Ethics and Compliance in the Sarbanes-Oxley Era (2003)

Public Company Accounting Oversight Board: Standards Setting, Text of Auditing Standards and Standards Related Rules

Business Ethics: A Manual for Managing a Responsible Business Enterprise in Emerging Market Economies (ITA)

GAO Forum on Governance and Accountability: Challenges to Restore Public Confidence in U.S. Corporate Governance and Accountability Systems (2003)

General Rules and Regulations Promulgated under the Securities Exchange Act of 1934

Enterprise Risk Management Resources: The Many Faces of Risk

Government in Financial Services: Options and Dilemmas (Ernst & Young, 2009)

Directive on Information Relating to Corporate Governance, SWX Swiss Exchange, Switzerland (2002)

Swiss Code of Best Practice for Corporate Governance (2002)

COSO Internal Control Framework Resources

SEC Final Rule: Management's Report on Internal Control over Financial Reporting Implementing SOX Section 404 (2003)

FDIC, Strategies for Enhancing Corporate Governance, Audit Report No. 04-032 (2004)

International Trade Administration (ITA), Good Governance Site

Index of Risk Assessment Articles, Information Systems Audit and Control Association (ISACA)

Federal Sentencing Guidelines Manual §8B2.1. Effective Compliance and Ethics Program (2010)

Time Is Ticking On QAS Compliance

Sustaining SOX Compliance: Moving from chaos to consistency (2005)

Time to Consider Revising Compliance and Ethics Programs in Light of New Federal Sentencing Guidelines (2004)

Federal Sentencing Guidelines: Enterprise Risk Management (2004)

SEC, Spotlight On: Internal Control Reporting Provisions

Enterprise Risk Management Specialty Guide May 2006 (Society of Actuaries)

United Kingdom, The Orange Book Management of Risk - Principles and Concepts (2004)

International Institute for Public Ethics (IIPE): The Open Corporation: Evaluation of Corporate Self-Regulation of Responsibility

Top Ten Compliance Challenges for the Health Care Industry (2005)

NIST: Risk Management Guide for Information Technology Systems (2002)

GAO, Information Security Risk Assessment: Practices of Leading Organizations (1999)

GAO, Risk Management: Further Refinements Needed to Assess Risks and Prioritize Protective Measures at Ports and Other Critical Infrastructure (2005)

DOJ, Holder Memorandum, Bringing Criminal Charges Against Corporations, Federal Prosecution of Corporations (June 16, 1999)

APQC Process Classification Framework

OCEG Corporate Governance Maturity Model

GRC Issues, Professional Blogs

International Journal of Disclosure and Governance

NACD - Frequently Asked Questions in Corporate Governance (FAQs)

Corporate Governance Alliance Digest: Special Issue on Corporate Governance Reform (July 2006)

Enterprise Risk Management Initiative

A Model of Maturity: The OCEG Corporate Governance Maturity Model (2007)

Sarbanes-Oxley and Corporate Risk-Taking (2007)

Federation of European Risk Management Associations (FERMA)

Australia, Better Practice Guides, Appendix 6 - Risk Management

SAPinsider Magazine: Governance, Risk Management, and Compliance

Power of Principles: How to Get Back to Business Through Sensible Integration of Governance, Risk, and Compliance (PWC, May 25, 2007)

ERM Institute International, Ltd (ERM-II)

Professional Risk Managers International Association (PRMIA)

Society for Risk Analysis (SRA)

United Kingdom's Turnbull Report Financial Reporting Council Internal Control Revised Guidance for Directors on the Combined Code, October 2005

ERM: Frameworks, Elements, and Integration (2006)

Asian Corporate Governance Association (ACGA)

Tokyo Stock Exchange (TSE)

Risk Management Magazine (Australia)

IT Audit Checklist: Risk Management (2006)

China Moves to Enhance Corporate Social Responsibility in Multinational Companies (2006)

Society of Corporate Secretaries and Governance Professionals

Corporate Secretary & Governance Professional Newsletter