Featured Insights & Articles
Detecting and Preventing Human Trafficking in Supply Chain
The call across the food & beverage industry is to get certified to one of the several Global Food Safety Initiative (GFSI) scheme options to ensure safe, high-quality food. GFSI-benchmarked schemes require higher safety standards than the government regulatory bodies enforce, and certification to a GFSI-approved scheme will help drive food safety programs and processes toward FSMA compliance. Read this article to learn how adherence to GFSI-approved schemes can take you one step closer to meeting FSMA mandates.
Best Practices In Internal Audit
This article talks about the five key best practices for internal auditors to successfully meet stakeholder expectations, and drive exceptional business performance in their organizations.
Best Practices In Supplier Quality Management
Learn about the top six best practices in supplier quality management. Discover how the use of technology can elevate visibility into supplier quality, and enhance business performance.
Can't Get Budget Approval For Your Quality Management System?
Many quality directors have difficulty getting capital budget approvals to acquire a badly needed Quality Management System (QMS). The reason in most situations is that their justification approaches the system benefits from a bottom-up operational perspective: the new system will provide a mechanism to achieve key quality objectives such as issue tracking, developing and implementing corrective actions, and reporting on the key process improvement metrics.
Complying with HIPAA Omnibus Rule: Key areas of focus for Healthcare Providers
The HIPAA Omnibus Rule marks a significant update to the privacy and security obligations of providers with respect to patients’ protected health information. The MetricStream solution provides the ability to effectively manage and automate HIPAA/HITECH compliance and to streamline all other compliance aspects, ranging from preparing policies and procedures to assessing and analyzing risks, managing audits, identifying gaps, and remedying issues.
Frequent Threats to Federal Information Security Necessitate FISMA Compliance
With electronic systems emerging as the primary locus of information storage and communication, the corresponding risks have sky-rocketed. According to FBI reports, financial losses from cybercrime and online scams in the U.S. more than doubled in 2009 as compared to 2008.
Internal Audits - Transparency & Oversight
They say transparency and oversight are in vogue. Why wouldn’t they be? Haven’t you heard everyone talk of transparency and oversight as ‘the remedy’ for survival? Whether it is the unprecedented levels of regulation or market expectation, investors, stakeholders and customers are demanding a clear view into the state of the businesses.
The Role of Operational Risk in an ERM Framework
Today, effective Risk Management is vital for any organization, owing to several factors, including changing regulatory and legal requirements, ever-evolving technology, globalization, governance, expensive insurance costs, and the attitude of stakeholders.
The Future of Integrated Governance, Risk and Compliance
Organizations across the globe see Governance, Risk and Compliance (GRC) as a critical process which not only redefines their sustainability but also takes care of their ongoing concerns, future growth and opportunities.
How Enterprise GRC Strengthens Security Intelligence
One of the key GRC challenges that Risk and InfoSec professionals face today is gaining a consolidated view of risk, compliance and internal controls across the enterprise. To achieve this, organizations are moving away from a siloed approach towards an integrated enterprise GRC program with well-structured and visible risk reporting frameworks, unambiguous control systems, and streamlined infosec risk management processes, all of which can improve accountability and communication.
Enterprise-wide risk management in energy and utilities sector
Due to the inherent and volatile nature of the business in the Energy & Utility sector, organizations have to tackle the complexities of performing real-time risk measurement and mitigation. They also require a risk-intelligent approach to survive the challenges posed by economic and geo-political fluctuations. In order to execute and control their risk strategy, energy and utilities organizations must adopt a sound risk methodology, with the necessary flexibility to enable them to generate more profits.
“Playing the Internal Audit Card in Changing Business Environment using 5 Critical Technological Capabilities”
This article highlights the 5 core technology capabilities that help deliver value from Internal Audit in terms of reduced operational cost, improved visibility, and a consistent and timely decision-making process.
FDA Inspections: Face the Challenge Through Proactive Preparation
This article provides insight on FDA's inspection from Entry to Exit and how Life Sciences companies can adopt the 3I approach of "Implement-Inspect-Incorporate" instead of Retrospect. The article also discusses the Quality System Inspection Technique (QSIT) used by FDA for inspections and how technology can be leveraged to be better prepared.
Laying the Groundwork for Your GRC Journey
A leading healthcare products manufacturer successfully embarks on the path towards building a robust, collaborative, and harmonized approach to GRC, supported by an integrated technology infrastructure.
The Impact of COBIT on the CIO
In one of the most controversial cybercrime cases in recent years, Gary McKinnon, a UK-based systems administrator, was accused by the US government of hacking into dozens of US military and NASA computers between February 2001 and March 2002.
Regulatory Compliance - Creating an Enterprise Roadmap for the Power Industry
Let's face it: the fear of non-compliance is daunting, even more so when federal regulators have been penalizing energy market participants with fines ranging from $300 thousand to $300 million over the past two years. Whether it's the Sarbanes-Oxley Act (SOx), FERC and NERC regulations (Federal Energy Regulation Commission and North American Electric Reliability Commission), or requirements from state and regional bodies, complying with them is challenging.
ROI Analysis for an electronic Document Management Solution
Documents are ubiquitous across organizations. Most enterprises expend considerable resources and valuable employee hours on creating, managing, changing and delivering documents essential to their business.
Operational Benefits Of Sarbanes-Oxley Compliance
While many management teams, boards of directors, and audit committees see the Sarbanes-Oxley Act of 2002 as an administrative and compliance exercise, we encourage companies to think outside the box and use the regulation as an excuse to improve business processes.
Role of a Quality Management System in Six Sigma Deployments
Six Sigma is a disciplined, data-driven approach to improving product and process quality. Ever since Jack Welch labeled Six Sigma as one of the most strategic initiatives undertaken by GE, it has seen its adoption increase dramatically across the world. Enterprise quality management systems play a key role in the Six Sigma deployments. This paper explains the role of such a system in the implementation of Six Sigma to improve the order-to-delivery process at a manufacturing site.
Corrective Action (CAPA) Systems At Innovative Companies
In a manufacturing organization, when Deviations, Nonconformance, Out of Specifications, Incidents or Complaints occur, Corrective and Preventive Actions need to be initiated to remedy the problem. Once a CAPA has been initiated, it follows its assigned workflow process.
ERM Analysis For Credit Ratings Of Nonfinancial Companies: Stepping Up To New Criteria
Patterned on the approach already used for sectors like finance, insurance and energy since 2004, S&P's announcement proposes to employ 100 or so different factors to evaluate the quality of ERM operations in nonfinancial institutions and then include that assessment in their final score.
Here Comes TS 16949
A supplier's certification to ISO/TS 16949:2002 will satisfy vehicle manufacturers' current quality system requirements for compliance or certification.
How To Build A Business Case For A Quality Management System
The goal of the business case is to ensure that the project delivers value greater than the corporate hurdle rate for capital investments. This paper provides a proven step-by-step process for developing a business case for a Quality Management System (QMS) within an enterprise.
How To Give A Quality Score To Your Supplier
A supplier scorecard contains categories or main groupings of metrics by which suppliers are measured. These categories include quality, delivery, cost, and responsiveness. An aggregated score for each category is calculated first, giving a company visibility into quality score, delivery score, etc.
Impact Of Regulatory Compliance On Quality And Profits - Gunjan Sinha, Chairman, MetricStream Inc.
While the issue of cost of compliance to consumers and tax-paying citizens is a well-researched fact, the cost of non-compliance is still an uncharted area measured mostly by fines and penalties paid by corporations. Those opposing the pressure of compliance often argue that regulations only expand the bureaucracy, adding burden to its subjects or to the industries it regulates.
Implementing A Well Designed Audit Program
Best practices for incorporating audits into your operational framework and how to most effectively implement audits in a global organization.
Incorporating Audits In Your Operational Framework - Gunjan Sinha, Chairman, MetricStream Inc.
Audit is not a responsibility of the internal or external auditors. It is the responsibility of business heads and managers who are running the operations of the company on a day-to-day basis.
Incorporating Quality Into Management Style - Gunjan Sinha, Chairman, MetricStream Inc.
In progressive companies, managers are not merely focused on enhancing organizational output and productivity, but are also aware of achieving a greater degree of compliance and quality to the regulatory frameworks of their industries, economies and communities.
Leveraging Auditing Standard No.5 To Streamline SOX Compliance
The soaring SOX costs have not gone unnoticed by the Public Company Accounting Oversight Board (PCAOB). The PCAOB has seen how the accounting firms have run up huge fees and forced clients to spend millions of dollars on redundant IT systems and unnecessary controls.
Risk, Compliance and Audit Management Solution for Mid-Tier Banks
Mid-sized companies face a challenging, competitive business environment today. As they grapple with the resource-rich giants and fragmentary startups of the industry, they need to be agile, deliver value to their customers, and maximize ROI at every step.
Measuring Supplier Performance
Supplier performance measurement is critical for businesses dealing with multiple suppliers. It can help them gain better visibility of their supplier performance and reduce risks in the supply chain. Organizations can use supplier scorecards as a tool to measure, analyze, share, and improve supplier performance.
How to Secure IT Assets with a Business Continuity Management (BCM) Plan
In 2005, an American broadband and telecommunications company faced a major service outage in Los Angeles, California. A computer system problem led to the corruption of the company’s main software services environment. Over 150,000 customers lost land-line, Internet and some mobile phone and 911 services.
5 Critical Success Factors for IT GRC Success
Managing risk and compliance in today's complex and dynamic business and IT environments requires a responsive, efficient, and effective IT GRC strategy. IT organizations should implement processes and corresponding technologies that bring economies and efficiency to IT GRC, while achieving greater security and control over IT infrastructure, business operations, and extended business relationships.
Ensuring Data Integrity through SOX Compliance
In 2004, Jeffrey Heer at UC Berkeley demonstrated a project that he had undertaken to analyze Enron's corporate email database. Using various visualization techniques and algorithms, Heer dug deep into Enron's communication network and constructed a tremendously intricate map profiling the communication between respondents. It was a fascinating piece of work, both vast and deeply complex.
IT Risk Is Not About IT - It's About the Business
Information technology risk teams know well that the scope of IT risks can be very broad - ranging from technical security risk, to IT operations risk, through to operational risk and enterprise risk. IT risk teams typically have deep skills in risk identification and analysis of information technology components, and many are also quite skilled in making recommendations on risk treatment options.
Expanding Regulatory Norms Present New Compliance Challenges for the Healthcare Industry
The US healthcare industry is rigorously monitored against stringent regulatory norms. The industry needs to comply with a variety of standards including the Health Insurance Portability and Accountability Act (HIPAA), Centers for Medicare and Medicaid Services (CMS), American Society for Testing and Materials (ASTM), International Conference on Harmonization (ICH), International Electrotechnical Commission (ISO/IEC), and Joint Commission on Accreditation of Healthcare Organizations (JCAHO).
Manage Risks to Comply with Food Safety Audits
Despite stringent standards and extensive audits on food safety, food poisoning sickens around 76 million Americans and kills over 5000 each year. Most of the fatalities arise from botulism, salmonellosis, and staphylococcal food poisoning. The emergence of a class of new drug-resistant pathogens such as Campylobacter jejuni, Shiga toxin-producing E. coli, Listeria monocytogenes and Cyclospora cayetanensis has complicated matters further.
How to Implement a Robust Audit Framework
Almost every organization, regardless of industry, faces business challenges as a result of economic fluctuations, the pace and volume of regulatory change, and the accelerated growth of risks. An effective audit program helps to ensure that business operations are conducted within the boundaries of both the organization and the regulatory bodies that govern it.