In “Managing risky business,” I mentioned that when advice on secure development turns out to be flawed or incomplete, smart organizations learn from their mistakes and update the guidance they issue.

Every organization should have a computer incident response plan. A solid plan should serve two major functions. The first is to recover business functions as quickly as possible. The second is to ...

One new and different item laid out in the Evaluation of Corporate Compliance Program (Evaluation), supplementing the Ten Hallmarks of an Effective Compliance Program from the 2012 FCPA Guidance, was ...

One of the biggest changes in the 2020 FCPA Resource Guide, 2nd edition, is the addition of a new Hallmark, entitled, Investigation, Analysis, and Remediation of Misconduct, which reads in full: The ...