C4. Objectives

Order by:Group by:

OCEG Contributed

Risk Assessment Webinar Slides
OCEG One Minute Poll: GRC Charter December 2010
A Pathway to Principled Performance®: The OCEG Framework Approach to Integrated GRC
GRC Journal
Governance, Risk and Compliance Strategy Still a Priority (2008)
Staying Out of Trouble: The Role of a Global Anti-Corruption Program
A Unified Approach to GRC
COSO, Internal Control - Integrated Framework, Guidance on Monitoring Internal Control Systems: Volume II - Guidance (Exposure Draft, 2008)
COSO, Internal Control - Integrated Framework Guidance on Monitoring, Internal Control Systems, Volume III - Application Techniques (Exposure Draft, June 2008)
How to create an e-discovery employee awareness program (2008)
IT Governance Standard, ISO/IEC 38500:2008 Order Page (2008)
ISO/IEC 27006:2007 Order Page: Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems (2007)
AS8015-2005 - Australian Standard for Corporate Governance of Information and Communication Technology (ICT)
SEC, Enforcement Manual (2008)
Sustaining Operational Resiliency: A Process Improvement Approach to Security Management (2006)
Win As You Go: A Phased Approach to Implementing Enterprise GRC (Axentis, 2007)
How to Survive (and Win) with Sarbanes-Oxley (2008)
Treasury Board of Canada Secretariat Internal Audit Web Site
Future of Finance: Driving Business Value Through Performance of the Finance Function (Ernst & Young, 2010)
The Maturity of GRC in the Public Sector: Where Are We Today? Where Are We Going? (2010)
NASDAQ OMX Group, Inc. Corporate Governance Guidelines (April 2010)
The Business Case for Corporate Social Responsibility (June 2011)
ISO 26000 – Social responsibility

Member Contributed

Audit Your Ethics
SEC, Code of Ethics
FAQs for COSO's Enterprise Risk Management — Integrated Framework
COSO, Enterprise Risk Management — Integrated Framework: Executive Summary
DHS, Risk Management Approaches to Protection (October 2005)
COSO, Order page for the full text of the Enterprise Risk Management Integrated Framework (2004)
Enterprise Governance: Getting the Balance Right (2003)
Sarbanes-Oxley Sections 302 & 404: A White Paper Proposing Practical, Cost Effective Compliance Strategies (April 2003)
Corporate Ethics and Sarbanes-Oxley (2003)
Federal Sentencing Guideline Manual, 2006 (Complete Text with Links to Appendices)
DOJ, Thompson Memo Federal Prosecution of Business Organizations
International Organization for Standardization (ISO)
International Organization for Standardization (ISO) – Understand the basics
ISO, 14000 Family of International Standards
ISO 14001:2004 - Environmental management systems -- Requirements with guidance for use (Purchase Site)
ISO 9000 essentials (9001:2008)
ISO Management Standards - Specific applications
ISO, Quality management principles
ISO 9001 Auditing Practices Group
ISO 9001 Accreditation Auditing Practices Group
ISO Strategic Plan 2005 – 2010
Nasdaq Code of Conduct for the Board of Directors
Nasdaq, Summary of Corporate Governance Proposals
Nasdaq, Corporate Governance (2004)
NASDAQ Stock Market, Inc. Corporate Governance Guidelines for the Board of Directors
NASDAQ Legal and Compliance Page
NASDAQ, Corporate Governance Resources
New York Stock Exchange (NYSE) Listed Company Manual
New York Stock Exchange (NYSE), Corporate Governance
SEC, Final Rule on Investment Corporate Governance, Commission response to remand by Court of Appeals (2005)
Fraud Prevention: An Investment No One Can Afford to Forego (2006)
Corporate Codes of Ethics - BellSouth Office of Ethics and Compliance
Corporate Codes of Ethics - Boeing Ethics Site
Corporate Codes of Ethics - Raytheon Business Ethics and Compliance Home Page
Corporate Codes of Ethics – PG&E Ethics Compliance
Basic Concept of Corporate Governance – Panasonic (Matsushita)
Center for the Study of Ethics in the Professions (IIT) - Resources for Writing a Code of Ethics
Ethics Newsline, published weekly by the Institute for Global Ethics
Legal Compliance and Ethics Center, LRN
Leadership Through Progressive Enterprise Risk Assessment (2004)
Managing Risk: An Assessment of CEO Preparedness - Executive Summary (PriceWaterhouseCoopers, 2004)
Case for Compliance, The: An article from the American Bar Association (ABA, 2003)
Corporate Compliance Programs in the Aftermath of Sarbanes-Oxley (ABA)
Business Ethics and Compliance in the Sarbanes-Oxley Era (2003)
FRB, To the Officer in Charge of Supervision and Appropriate Supervisory and Examination Staff at each Federal Reserve Bank and to each Domestic and Foreign Banking Organization Supervised by the Federal Reserve (2002)
SEC, Public Company Accounting Oversight Board: Releases Issued by the SEC on PCAOB Rule Proposals
Business Ethics: A Manual for Managing a Responsible Business Enterprise in Emerging Market Economies (ITA)
GAO Forum on Governance and Accountability: Challenges to Restore Public Confidence in U.S. Corporate Governance and Accountability Systems (2003)
Sarbanes-Oxley and ISO 9000 (2005)
Advisories: ANSI-ASQ National Accreditation Board (ANAB)
Compliance Programs, Codes of Conduct, Whistleblowers and Hotlines (2004)
General Rules and Regulations Promulgated under the Securities Exchange Act of 1934
Risk Intelligent Enterprise: ERM Done Right (2006)
Swiss Code of Best Practice for Corporate Governance (2002)
Putting COSO's Theory into Practice (2005)
Articles Page, The Committee of Sponsoring Organizations (COSO)
FDIC, Strategies for Enhancing Corporate Governance, Audit Report No. 04-032 (2004)
International Trade Administration (ITA), Good Governance Site
Enterprise risk management: Aligning design principles to corporate goals (An IBM Executive Brief)
DHS, Risk Management Approaches to Protection: Final Report and Recommendations by The National Infrastructure Advisory Council (NIAC) October 11, 2005
Compliance Journey: Balancing Risk and Controls with Performance Improvement (KPMG)
Federal Sentencing Guidelines Manual §8B2.1. Effective Compliance and Ethics Program (2010)
USSC, Organizational Guidelines Page
New Federal Sentencing Guidelines for Organizations: Great for Prosecutors, Tough on Organizations, Deadly for the Privilege; The (March 2005)
Seven Elements of an Effective Compliance and Ethics Program, The (2006)
2004 U.S. Sentencing Guidelines – Compliance Programs (Memorandum, 2005)
Codes of Ethics – Current Issues (Memorandum)
Compliance Assessments: A First Step Toward Ensuring an Effective Compliance Program (2005)
SEC, Field Offices Integrity Program (2005)
Defense Ethics Program: Opportunities Exist to Strengthen Safeguards for Procurement Integrity (GAO Report, April 2005)
Seven Habits Of Highly Effective Compliance Programs, Executive Summary (July 12, 2005)
International Institute for Public Ethics (IIPE): The Open Corporation: Evaluation of Corporate Self-Regulation of Responsibility
Top Ten Compliance Challenges for the Health Care Industry (2005)
Struggling to incorporate the COSO recommendations into your audit process? Here's one audit shop's winning strategy.
Building a Partnership for Effective Compliance: The Third Government-Industry Roundtable
Sprint Nextel Corporation: Audit Committee Charter (2005)
OCEG Corporate Governance Maturity Model™
OCEG Corporate Compliance and Ethics Maturity Model™
Metropolitan Corporate Counsel - Compliance Readiness - Part I (March 2007)
Measurement Program Strategy Template
Title 18 U.S. Code § 1514A - Civil action to protect against retaliation in fraud cases
SEC, Final Rule - Disclosure Required by Sections 406 and 407 of the Sarbanes-Oxley Act of 2002
Related terms
C3. Culture
C1. External Context
C2. Internal Context
C4. Objectives