Resources for Gramm Leach Bliley Act (GLBA)

How to Conduct Risk-Based IT Compliance Self-Assessments

www.eweek.com

These days, every company should take a second look at its own IT compliance self-assessment process to ensure that it's using a risk-based approach and focusing its tests on key control areas. Knowledge Center contributor Craig Linnell explains how your company can better assess whether or not its Internal Controls over Financial Reporting are truly risk-based, particularly in the IT area.The U.S. Securities and Exchange Commission (SEC) provided interpretive guidance on the implementation of a risk-based approach for management’s self-assessment of ICFR (Internal Controls over Financial Reporting). It did this in its publication, “Commission Guidance Regarding Management’s Report on Internal Control over Financial Reporting under Section 13(a) or 15(d) of the Securities Exchange Act of 1934.” This guidance often results in a significant reduction of hours for an organization to complete its tests of ICFR.

View the Resource

Share or bookmarklet this web page at: