Print This Story  Email This Story  Save this Link View PR Newswire's RSS Feed  Blogs Discussing this News Release  Search Blogs that Mention this News Release  Click this link to view linked Bookmarking Services Click this link to view linked Blogging Services

Compliance Consortium Defines Operational Framework for Managing Enterprise-Wide Compliance
 
        Document Serves as Foundation for Managing Sarbanes-Oxley and
                          Other Regulatory Mandates

    SAN FRANCISCO, May 16 /PRNewswire/ -- Gartner Symposium ITxpo -- The
Compliance Consortium, an international membership organization formed in June
2004 to promote effective governance, risk and compliance management (GRC),
has published its operational approach for managing GRC requirements within
the enterprise.  Applicable to both public and private companies, the
framework is designed to assist senior management and boards of directors in
setting objectives for managing a wide range of compliance-related activities
and instituting the programs needed to attain those objectives. This initial
version is a "public draft" and is intended to invite constructive criticism
and ultimately to build a broad consensus within the hundreds of companies
that have registered as part of The Compliance Consortium Community over the
past year.
    "Unquestionably, the passage of the Sarbanes-Oxley Act has increased the
focus for public companies on the areas of corporate governance, risk
management and compliance," said Ted Frank, chairman of the Compliance
Consortium advisory committee and president of Axentis.  "It's important to
remember that, for many companies, Sarbanes-Oxley is just one of hundreds of
mandates from the SEC, FDA and other regulatory bodies that they must manage.
Our goal with the creation of this framework is to help all organizations
define, execute and ultimately profit from low risk and efficient governance,
risk and compliance management, regardless of the specific regulation or
statute."
    "A well-defined set of organizing principles for good governance, risk and
compliance is an essential ingredient to a successful recipe for actualizing
specific principles into the practices of everyday business," said Scott
Mitchell, president and CEO of Open Compliance and Ethics Group (OCEG). "The
Compliance Consortium has made a useful contribution in support of OCEG's
mission -- to help organizations align their GRC activities to drive business
performance and promote integrity."
    "The Compliance Consortium is focused on bringing clarity to one of the
most important business and technology issues of the day," said Frank Gilbane,
editor and founder of The Gilbane Report. "We are pleased to have had the
opportunity to contribute to the definition of this framework."
    "In creating this operational framework, the members of the Compliance
Consortium have drawn upon the knowledge gained through working with hundreds
of organizations of all shapes and sizes," said Prashanth V. Boccasam, CEO of
Approva.  "The Consortium encourages feedback from both the vendor and end-
user communities as we work to finalize the parameters of this document."

    Key findings in the document include:
     * For organizations to be successful, GRC must be viewed as a distinct
       area of focus, standing apart from other important concerns such as
       market expansion, investment in information technology, and the ability
       of the management team.
     * Leveraging the guidelines set forth by the U.S. Sentencing Commission,
       the Consortium has defined seven operational concerns to serve as a
       framework for organizing and managing GRC operations.  These range from
       clearly assigning responsibilities at all levels of the organization to
       establishing incentives and discipline to promote compliance.
     * The Consortium has developed a list of 12 questions that board members
       and senior management should ask to help ensure organizations are on
       track with their GRC objectives.

    Interested parties may access "Governance, Risk Management, and
Compliance: An Operational Approach" on the Consortium web site,
at http://www.thecomplianceconsortium.org .

    About the Compliance Consortium
    The Compliance Consortium ( http://www.thecomplianceconsortium.org ) is an
international membership organization designed to promote effective and
efficient enterprise governance, risk and compliance management (GRC). Areas
of interest include GRC best practices and reference architectures,
influencing and contributing to GRC-related industry and computing standards
and establishing conferences and other professional events focused on GRC-
centric topics. Founding Consortium Members include Axentis, Approva,
Corpedia, Hyland Software, Inc., Hyperion, Intuition, Jefferson Wells,
Navigant Consulting and The Network.

    About Open Compliance and Ethics Group (OCEG)
    OCEG is a not-for-profit organization that provides a framework (the OCEG
Framework) for integrating governance, compliance, risk management, and
integrity into the tangible practice of everyday business, drives adoption of
the Framework through a multi-industry, multidisciplinary coalition and
provides a community of practice for the exchange of information, tools,
benchmarking and feedback for continual improvement of the Framework. For more
information on OCEG and the OCEG Framework, visit http://www.oceg.org .
SOURCE The Compliance Consortium



Back to Topback to top

Related links:
  • http://www.thecomplianceconsortium.org
  • http://www.oceg.org
    CONTACT:
    Gil Chorbajian of Ogilvy Public Relations
    Worldwide, +1-518-355-0966, or gil.chorbajian@ogilvypr.com
    www.technorati.com Blogs Linking to this News Release at Technorati
    Issuers of news releases and not PR Newswire are solely responsible for the accuracy of the content.
    Terms and conditions, including restrictions on redistribution, apply.
    Copyright © 1996- PR Newswire Association LLC. All Rights Reserved.
    A United Business Media company.