Nonprofit Quick Tips: State Filings in Alabama and Arkansas
Avoiding a Bored Board
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 21, 2025, The More Reasons Not to Go to China Edition
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Daily Compliance News: July 17, 2025, The COSO Yanked Edition
Compliance Tip of the Day: COSO Governance Framework: Part 2, Oversight
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Daily Compliance News: July 14, 2025, The Secret Business Sauce-Reading Edition
Episode 377 -- Refocusing Due Diligence on Cartels and TCOs
10 For 10: Top Compliance Stories For the Week Ending, July 12, 2025
Daily Compliance News: July 11, 2025, The What is a COI Edition
Treating Compliance Like an Asset
Five Tips for a New Public Company Director
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Everything Compliance: Episode 156, To Document or Not Edition
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
Amidst the relentless waves of pandemic-induced uncertainty, organizations found themselves at a crossroads, compelled to reimagine how their businesses operated. For example, when stay at home orders continued to be extended...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
I always enjoy retrospective “year in review” postings to start off the new year. For years, I have sought to identify and capture important compliance trends, typically focused on specific professionals in the compliance...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
It’s safe to say that there could be a whole series dedicated to Artificial Intelligence (AI) and the various use cases and ramifications of such groundbreaking technology. While there are ethical considerations, security...more
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned. 1. Generative Artificial Intelligence (“AI”) is Ubiquitous in the...more
In January, we presented our annual top risk and compliance predictions that will impact organizations most in 2022. However, things move quickly in today’s risk world, and a mid-year check-in with Kristy Grant-Hart and...more
Integrated Risk Management (IRM) and Governance, Risk Management and Compliance (GRC) are critical areas for business security and success. But all too often these programs aren’t thoroughly tested – or worse, aren’t...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
At the recent Mitratech Interact US 2020 online event, Tony Bethell, VP Alliances at Mitratech, and Jay Chakraborty, a Partner at PWC, explored the practical steps businesses are taking to manage better the challenges of...more
Businesses that decide to invest in an ERM-GRC risk management solution often fail at implementation. Why? There are many reasons, including: - Setup of the software goes over budget...more
It’s a business maxim: Where business goes, risks follow. And in recent years, business has found itself in places that might not have been part of the original plan: Digital processes, global business, outsourcing to third...more
Companies today need to take a holistic view of risk and compliance; it is no longer sufficient to let individual departments or teams be responsible for managing risk and compliance alone. ...more
The Department Of Justice (DOJ) and Securities and Exchange Commission (SEC) have both made it clear that they expect companies to be more robust in their use of data analytics in compliance programs....more
Today, I want to focus on what the compliance practitioner should do to move themselves forward professionally in 2020 and beyond. I drew inspiration from the Financial Times (FT) piece, entitled “Work in the 2020s: 5...more
This week, I am writing a blog post series based upon the MIT Sloan Management Review Special Report: Making Good on the Promise of AI. Today, I want to consider the article People and Machines: Partners in Innovation by...more
In this multi-part blog post series, I am exploring the increased use of technology to continue to drive the performance of corporate compliance programs. I am considering the use of Artificial Intelligence (AI) in a best...more
Over the past few blog posts, I have been considering the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. ...more
I am exploring the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. This series is based upon an article in the Harvard Business Review (HBR), entitled...more