The Complete Compliance Handbook

Thomas Fox, the Compliance Evangelist, is one of the leading writers, thinkers and commentators on the nuts and bolts of compliance. His always practical advice is now available in one volume, The Complete Compliance Handbook. This book incorporates the most recent pronouncements and guidance from the Department of Justice, including 2017's Evaluation of Corporate Compliance Programs and FCPA Corporate Enforcement Policy, to provide the most up-to-date advice on what constitutes a best practices compliance program. In this single volume compendium, Fox brings together the tops ideas, topics and techniques you can incorporate your compliance program, literally in 31-days to more fully operationalize your compliance regime. If you want one volume to guide you in operationalizing compliance, this is it. The book is designed to provide you with a step-by-step guide to the design, creation, implementation of or enhancement to a compliance program. It begins with 31-days to a more effective compliance program. Each entry presents one thing you can accomplish, at little to no cost, to improve any level of compliance program. There are three key-takeaways for each entry. The final chapter goes through the same process for you to operationalize your compliance program. In between these bookends, The Complete Compliance Handbook features chapters on: -Operationalizing Compliance Through Human Resources -The Role of the Board of Directors and Compliance -360-Degrees of Communication in Compliance -Better Third-Party Risk Management -Reporting and Investigations -Internal Controls -Innovation in Compliance -Written Standards -More Effective Compliance for Business Ventures -Continuous Improvement The author, Thomas Fox, has written 15 books on compliance, leadership and business ethics. He founded the Compliance Podcast Network and has one of the largest social media presences in compliance. He has worked in the compliance arena for over 10 years and draws upon his many years of experience in the profession to create this single volume which will become the standard 'nuts and bolts' text on compliance. Fox's writing style is suited for any skill level of compliance practitioner or maturity of corporate compliance program.

Providing a comprehensive framework for a sustainable governance model, and how to leverage it in competing global markets, Governance, Risk, and Compliance Handbook presents a readable overview to the political, regulatory, technical, process, and people considerations in complying with an ever more demanding regulatory environment and achievement of good corporate governance. Offering an international overview, this book features contributions from sixty-four industry experts from fifteen countries.

Corporate Legal Compliance Handbook, Third Edition, provides the knowledge necessary to implement or enhance a compliance program in a specific company, or in a client's company. The book focuses not only on doing what is legal or what is right--the two are both important but not always the same--but also on how to make a compliance program actually work. The book is organized in a sequence that follows how to approach a compliance program. It gives the compliance officer, consultant, or attorney a good grounding in the basics of compliance law. This includes such things as the rules about corporate and individual liability, an understanding of the basics of the key laws that impact companies, and the workings of the U.S. Sentencing Guidelines. Successful programs also require an understanding of educational techniques, good communication skills, and the use of computer tools. The effective compliance program also takes into account how to deliver messages using a variety of media to reach employees in different locations, of different ages or education, who speak different languages. Note: Online subscriptions are for three-month periods.

Written by a long-standing practitioner in the field, this timely and critical work is your best source for understanding all the complex issues and requirements associated with corporate compliance. It provides clear guidance for those charged with protecting their companies from financial and reputational risk, litigation, and government intervention, who want a robust guide to establish an effective compliance program.

The book is not organized by product, rather by the governance and risk assurance processes. A given product may be represented in multiple places within the book and a given process may contain multiple product references. To ensure that we keep ourselves grounded in real problems, the book is written as a journal of a fictional company establishing its governance processes. It will introduce managers and directors responsible for various aspects of the governance, risk and compliance problem and where that problem is exposed and how it is addressed in the technology and business applications. The audience for this book is the people that advise the board, the internal audit department and CIO office on controls, security and risk assurance. Consultants that are implementing Financials or GRC Applications who wish to gain an understanding of the Governance Risk and Compliance processes, and how they are represented in Oracle, should find it a useful primer. Risk Assurance professionals will find it a reliable companion.

The IT Regulatory and Standards Compliance Handbook provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs. The ulitmate guide to making an effective security policy and controls that enable monitoring and testing against them The most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirements A guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPPA, FISCAM, COBIT or any other IT compliance requirement Both technical staff responsible for securing and auditing information systems and auditors who desire to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems from this book This technically based, practical guide to information systems audit and assessment will show how the process can be used to meet myriad compliance issues

This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment. Various topics discussed in this book include the NIST Risk Management Framework, how to characterize the sensitivity level of your system, contingency plan, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an Authority to Operate for an information system and what actions to take in regards to vulnerabilities and audit findings. FISMA Compliance Handbook Second Edition, also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government’s technical lead for FedRAMP, the government program used to assess and authorize cloud products and services. Includes new information on cloud computing compliance from Laura Taylor, the federal government’s technical lead for FedRAMP Includes coverage for both corporate and government IT managers Learn how to prepare for, perform, and document FISMA compliance projects This book is used by various colleges and universities in information security and MBA curriculums