Human Rights, Ethical Risks, and Due Diligence 11:12, April 20, 2017

Our Resources

Author: Karen Peterson

The legal and ethical risks are growing for organizations to investigate and address the human rights impacts of their activities and relationships, which have far-reaching implications for companies operating in the global economy. This post explores why identifying human rights impacts that occur in a global business operations chain is not just the right thing […]

read more

Having an ethics and compliance program with no implementation plan is akin to implementing the program without measuring its effectiveness. There are plenty of resources expended but no one is sure what, if anything, is gained. This post continues our discussion of ethics and compliance programs, which has covered the hallmarks of a compliant program, […]

read more

Failure to devise and enforce sufficient internal accounting controls to require compliance with a company’s business code of conduct violates the Securities Exchange Act (Act), according to a recent order issued by the  Securities and Exchange Commission (SEC). The SEC imposed a $2.4 million fine against United Airlines’ parent company (United) for violating the Act’s […]

read more

Simply having a company code of conduct is not enough. Research has found that the process an organization follows to develop a code of conduct can impact its effectiveness (Schwartz, 2008). Researchers have also suggested that the implementation process is an important factor in creating an ethical culture. “Code of conduct” and “code of ethics” […]

read more

The enactment of the Foreign Corrupt Practices Act (FCPA) in 1977, the Federal Sentencing Guidelines for Organizations (FSGO) in 1991, the Sarbanes–Oxley Act of 2002, and the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act all contributed to the perception that a code of ethics is solely a legal compliance and risk management tool. However, […]

read more

We have previously written about ransomware, password reuse, and the DNC security hacks, but this post is about a common risk that lurks in the shadows, aptly called “Shadow IT.” Contrary to what its name implies, Shadow IT is not the malicious creation of hackers. Instead, it is personal communication and content sharing software that employees […]

read more

Over half of the data breaches in 2015 were carried out using legitimate credentials. According to the 2016 Verizon Data Breach Investigations Report, there were 1,429 incidents of credential theft last year, and 63% of confirmed data breaches exploited stolen, weak, or default passwords. Data security experts call this a “password reuse crisis” and “low-hanging […]

read more

White Paper
Data Security training
for employees

  |   Download White Paper

 

Compliance Course Catalog
  |   Download Catalog