Posts by Matt Kelly
OIG’s Big Boost for CCO Independence
Here’s news sure to leave healthcare compliance officers feeling good: the guidance released last week on healthcare compliance programs expressly says that compliance officers should not be the general counsel or the CFO, and should directly report to the CEO or the board. An eagle-eyed compliance officer noticed that directive on Page 39 of the…
Read MoreCompliance Jobs Report: Nov. 10
This week the Compliance Jobs Report has compliance officers on the move at Balfour Beatty, Dollar Tree, Panasonic, Abbott, and plenty more! We also have a few career milestones to celebrate; job leads in fintech, pharmaceuticals, and real estate; and our Meme of the Week goes out to veterans. Always remember that we need your…
Read MoreSolarWinds, Part III: ‘Following’ the NIST Framework
Today we return to the lawsuit the Securities and Exchange Commission has filed against SolarWinds, the IT services firm that suffered a disastrous cyber attack in 2020. How much does SolarWinds’ compliance with the NIST framework for cybersecurity — or its lack thereof — figure into this risk management morass? Quite a lot, at least…
Read MoreNew Healthcare Compliance Guidance
The Department of Health and Human Services has released long-awaited guidance on compliance programs in the healthcare world, a 91-page booklet that’s meant to be a single source of compliance wisdom for the wide range of individual sectors in the U.S. healthcare industry. The booklet, blandly titled “General Compliance Program Guidance,” was published on Monday…
Read MoreAnother Lesson on Accounting Controls
Royal Bank of Canada has settled charges with the Securities and Exchange Commission over poor accounting controls for software development, which might sound super nerdy — because it is, really — but the case also lets us ponder yet again the importance of a strong control environment. The SEC announced the case late last week.…
Read MoreCompliance Jobs Report: Nov. 3
The Compliance Jobs Report this week has a big departure at HP, several compliance chiefs getting promoted to general counsel, new hires in artificial intelligence and pharma, and lots more. We also have job leads in higher ed, healthcare, and financial services, and Meme of the Week goes out to promotions! Always remember that we…
Read MoreSolarWinds, Part II: This Is Not New
Today we continue our look at that lawsuit filed by the Securities and Exchange Commission against SolarWinds and its CISO for poor disclosure of the company’s cybersecurity issues. As unsettling as this case might be for compliance and audit professionals, is it really a ground-breaking moment in securities enforcement? Perhaps not. Let’s first appreciate what…
Read MoreA Deep Dive Into SEC’s SolarWinds Lawsuit
Heads up, compliance and internal audit professionals! The Securities and Exchange Commission just filed a potentially profound lawsuit against the tech company SolarWinds and its CISO for misleading investors about the state of that company’s cybersecurity defenses — defenses that were proven toothless during a cybersecurity breach in 2020. The lawsuit, filed Monday against SolarWinds…
Read MoreRemediation Efforts That Work
Before our fond memories of the Society of Corporate Compliance & Ethics 2023 conference sail into the sunset, I want to recap one more session I attended at the conference since it’s a subject well worth a compliance officer’s attention: the delicate art of remediating a compliance failure while you’re still investigating it. This has…
Read MoreCompliance Jobs Report: Oct. 27
Another brisk Compliance Jobs Report this week! We have two notable hires in higher education, and other personnel news at Convatec, Medtronic, Ericsson and elsewhere. Party pics from the Middle East, and all our job leads this week are in Southern California. Plus our Meme of the Week! Always remember that we need your help…
Read More