One new and different item laid out in the Evaluation of Corporate Compliance Program (Evaluation), supplementing the Ten Hallmarks of an Effective Compliance Program from the 2012 FCPA Guidance, was ...

In “Managing risky business,” I mentioned that when advice on secure development turns out to be flawed or incomplete, smart organizations learn from their mistakes and update the guidance they issue.

Editor’s note: This article is the second in a series to help practitioners learn about the AICPA’s new quality management standards and prepare to implement them. The interrelated final standards on ...

The interrelated final standards on quality management issued in June 2022 by the AICPA’s Auditing Standards Board and Accounting and Review Services Committee are intended to clarify and improve ...

Recently, I was chatting with longtime colleague and friend, Keith Essency. I first met Keith when I worked in the Motorola Semiconductor business in marketing and he was on the engineering side. We ...

Just as risk assessment is the bedrock for an effective compliance program, root cause analysis (“RCA”) similarly underpins successful remediation of compliance violations. The DOJ’s March 2023 ...

A few decades ago, simply knowing how your business was performing was a competitive advantage. Before computers, tracking and analyzing, even a handful of business metrics required dozens of people.

As semiconductor devices become smaller and more complex, the product development lifecycle grows increasingly intricate. So, from early builds to pre-qualification testing, firmware development and ...

Every organization should have a computer incident response plan. A solid plan should serve two major functions. The first is to recover business functions as quickly as possible. The second is to ...