May 14, 2008
These NewsBriefs are produced and delivered weekly by
Attainium to keep our friends and clients
current on topics relating to Business Continuity, Disaster Recovery and Crisis Management.
In today's business climate, compliance with a huge assortment of regulations takes up a lot
of an organization's resources. According to Gartner, spending on international regulatory compliance
is growing at a rate twice that of IT spending. Failure to comply, however, can be disastrous
to your business or nonprofit. The articles below may help you with some of your compliance issues.
Good corporate governance consists mainly of ensuring that the company fulfills its responsibilities.
(Item #1)
Regulatory compliance is not all black and white.
(Item #2)
Under a new rule, fines against employers who violate immigration laws will increase by as much as $5,000 per alien.
(Item #3)
Starting in June 2008, section 6.6 of the rules for PCI compliance will go from a 'best practice'
to a mandatory requirement; what does this mean for your business?
(Item #4)
There are dozens of issues surrounding the security of email in business today - many of which are often overlooked.
(Item #5)
A simple 5-step guide to email compliance, specifically geared to the non-technical amongst us, is provided here.
(Item #6)
As always, we look forward to hearing about your concerns
with regard to business continuity. If you have a topic
you'd like to see covered, please email me at
bmellinger@attainium.net
Best Regards,
Bob Mellinger
President
Attainium Corp
Quote of the Week
"This isn't just a legal compliance issue for us.
We consider the privacy issue
to be an opportunity to reinforce our brand image."
- Tom Warga -
Articles
1. Corporate Governance Is All About Responsibility
Top management must map out the company's future and see to it that daily decisions
and actions steer it in the right direction. For that to happen, corporate governance
must be conceived in terms of responsibility.
http://www.bettermanagement.com/library/library.aspx?l=14212
2. The Tao of Compliance
A successful outcome in the imprecise field of compliance requires more than quoting verse
and line from a government rule book. A good compliance person must have a healthy respect,
not just for the laws of the land, but also for the more subtle laws which govern human interactions.
http://www.csa-compliance.com/html/Articles/TaoCompliance.html
3. Employers Beware: Violation Fines To Increase Exponentially
Now that the civil fines will be increased dramatically, it is more crucial than ever
for employers to protect themselves from Immigration Audits. The following article lists seven secrets
to surviving an Immigration Audit.
http://www.articlesbase.com/regulatory-compliance-articles/employers-beware-violation-fines-to-increase-exponentially-354199.html
4. PCI compliance and web application security: what you need to know for the upcoming policy changes
In a perfect world you already have in place what is necessary to be compliant with not only
section 6.6, but PCI rules as a whole. Ideally, you would have handled your web application security practices
from the start, as the applications are built, so that you are not scrambling to add security to existing applications.
Unfortunately, this is often not the case - which makes now a great time for businesses to reevaluate
their web application security processes overall.
http://www.continuitycentral.com/feature0569.htm
5. E-mail Compliance: Security Solutions for Regulatory Requirements
As if the business needs surrounding email aren't enough for organizations to manage,
there has been a recent surge of government regulations that affect this form of communication.
These laws, which affect large and small companies alike in practically every industry,
include protecting confidential customer information, corporate governance, law enforcement investigations,
and the overall need to ensure that email is being used and managed properly from an employee perspective.
http://www.windowsecurity.com/uplarticle/anti-spam/Singlefin%20Email%20Compliance%20WhitePaper.pdf
6. Email Compliance - A Simple 5 Step Guide
The consequences of putting email compliance on the back burner can include litigation,
financial penalties, and HR problems, as well as damage to company reputation. Corporate governance requires
organizations to retain their records for a specific period of time, which by default includes e-mails.
Although much legislation pre-dates the Internet, email is subject
to the same regulations as paper documents.
http://www.itsecurity.com/features/feature-email-security-non-technical-101606/