P3. Policies

Order by:Group by:

OCEG Contributed

OCEG One Minute Poll: Policy Management March 2011
Effective Policy Management and Communication
Policy Management Illustrated Series - #1 Effective Policy Management
Policy Management Illustrated Series - #6 Measurement and Assessment
P3 Politicas -v2.1
Managing the Business Risk of Fraud: A Practical Guide (2008)
BusinessStandards.com
From internal control to enterprise risk management (2005)
COSO, Internal Control - Integrated Framework, Guidance on Monitoring Internal Control Systems: Volume II - Guidance (Exposure Draft, 2008)
COSO, Internal Control - Integrated Framework Guidance on Monitoring, Internal Control Systems, Volume III - Application Techniques (Exposure Draft, June 2008)
IT Governance Standard, ISO/IEC 38500:2008 Order Page (2008)
ISO/IEC 27006:2007 Order Page: Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems (2007)
AS8015-2005 - Australian Standard for Corporate Governance of Information and Communication Technology (ICT)
SEC, Enforcement Manual (2008)
Business Continuity Maturity Model® (BCMM®)
SEC Publishes Its Guidance for Management on Evaluating Internal Controls (FSA, IIA, 2007)
OCEG One Minute Poll: How do You Manage Policies?
Brabeion Software Joins the Open Compliance and Ethics Group's Technology Council
OCEG for Technology
Managing Legal & Regulatory Policies and Procedures - How do You Measure Up?
OCEG One Minute Poll: Policy Management - How do You Measure Up?
EU, European Commission's Site on Corporate Social Responsibility
Final Guidance on Sound Incentive Compensation Policies (June 25, 2010)
Corporate Governance and Executive Compensation Provisions of the Dodd-Frank Act (July 2010)
Brief Summary of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010
Asian Corporate Governance Association (ACGA) - Singapore Codes and Rules
Future of Finance: Driving Business Value Through Performance of the Finance Function (Ernst & Young, 2010)
The Maturity of GRC in the Public Sector: Where Are We Today? Where Are We Going? (2010)

Member Contributed

Operational Controls
Sarbanes-Oxley Sections 302 & 404: A White Paper Proposing Practical, Cost Effective Compliance Strategies (April 2003)
International Organization for Standardization (ISO)
ISO, 14000 Family of International Standards
ISO Management Standards - Specific applications
ISO, Quality management principles
ISO 9001 Auditing Practices Group
ISO 9001 Accreditation Auditing Practices Group
ISO Code of Ethics
ISO Annual Reports
ISO Strategic Plan 2005 – 2010
New York Stock Exchange (NYSE) Listed Company Manual
Fraud Prevention: An Investment No One Can Afford to Forego (2006)
Corporate Codes of Ethics - BellSouth Office of Ethics and Compliance
Corporate Codes of Ethics - Boeing Ethics Site
Corporate Codes of Ethics - Raytheon Business Ethics and Compliance Home Page
Corporate Codes of Ethics – PG&E Ethics Compliance
Basic Concept of Corporate Governance – Panasonic (Matsushita)
Center for the Study of Ethics in the Professions (IIT) - Codes of Ethics Online
Center for the Study of Ethics in the Professions (IIT) - Resources for Writing a Code of Ethics
Center for Ethics and Social Justice at Loyola University, Chicago: Corporate Ethics
Legal Compliance and Ethics Center, LRN
Selection and Use of the ISO 9000:2000 family of standards (ISO 9001:2000.)
Case for Compliance, The: An article from the American Bar Association (ABA, 2003)
Corporate Compliance Programs in the Aftermath of Sarbanes-Oxley (ABA)
Business Ethics and Compliance in the Sarbanes-Oxley Era (2003)
Public Company Accounting Oversight Board: Standards Setting, Text of Auditing Standards and Standards Related Rules
SEC, Public Company Accounting Oversight Board: Releases Issued by the SEC on PCAOB Rule Proposals
Business Ethics: A Manual for Managing a Responsible Business Enterprise in Emerging Market Economies (ITA)
GAO Forum on Governance and Accountability: Challenges to Restore Public Confidence in U.S. Corporate Governance and Accountability Systems (2003)
Sarbanes-Oxley and ISO 9000 (2005)
ANSI-ASQ National Accreditation Board (ANAB)
Advisories: ANSI-ASQ National Accreditation Board (ANAB)
Disarming the Value Killers: A Risk Management Study (2005)
Putting COSO's Theory into Practice (2005)
SEC Final Rule: Management's Report on Internal Control over Financial Reporting Implementing SOX Section 404 (2003)
FDIC, Strategies for Enhancing Corporate Governance, Audit Report No. 04-032 (2004)
Enterprise risk management: Aligning design principles to corporate goals (An IBM Executive Brief)
OTS, Proposed Rulemaking, Risk-Based Capital Guidelines; Implementation of New Basel Capital Accord (August 4, 2003)
Compliance Journey: Balancing Risk and Controls with Performance Improvement (KPMG)
Federal Sentencing Guidelines Manual §8B2.1. Effective Compliance and Ethics Program (2010)
Proposed Amendments to U.S. Sentencing Guidelines Portend Significant Changes to Corporate Compliance Programs (July 2004)
USSC, Organizational Guidelines Page
New Federal Sentencing Guidelines for Organizations: Great for Prosecutors, Tough on Organizations, Deadly for the Privilege; The (March 2005)
Federal Sentencing Guidelines: Enterprise Risk Management (2004)
SEC, Briefing Paper: Roundtable on Implementation of Internal Control Reporting Provisions (2005)
SEC, Spotlight On: Internal Control Reporting Provisions
Key Elements of Antifraud Programs and Controls (2003)
Seven Habits Of Highly Effective Compliance Programs, Executive Summary (July 12, 2005)
Internal Control Guide for Managers, The State of Massachusetts, Office of the Comptroller
Enterprise Risk Management Specialty Guide May 2006 (Society of Actuaries)
United Kingdom, The Orange Book Management of Risk - Principles and Concepts (2004)
International Institute for Public Ethics (IIPE): The Open Corporation: Evaluation of Corporate Self-Regulation of Responsibility
Top Ten Compliance Challenges for the Health Care Industry (2005)
Struggling to incorporate the COSO recommendations into your audit process? Here's one audit shop's winning strategy.
Building a Partnership for Effective Compliance: The Third Government-Industry Roundtable
Sprint Nextel Corporation: Audit Committee Charter (2005)
Helpline/Hotline Operation in France: CNIL Requirements and the Single Authorization Process Explained
Sarbanes-Oxley's Effects on Small Firms: What is the Evidence? (June 2007)

All Access Pass

OCEG All Access Pass

Related terms
P7. Risk Financing
P5. Incentives
P4. Education
P2. Codes Of Conduct
P1. Proactive Actions & Controls
P3. Policies
P6. Stakeholder Relations
Featured OCEG Programs
GRC Fundamentals on Demand