Knowledge Corner - Regulations & Compliance

The Knowledge Corner offers many resources to help you manage risk.

The icons shown adjacent to the titles of these resources provide information about sources.
  • blue icon = Tools, solutions, research and publications created by Security Executive Council
  • cyan icon = Materials created by Security Executive Council strategic alliance partners
  • green icon = Other material reviewed and deemed relevant to security and risk management executives by the Security Executive Council




Tools

   

Cost of Compliance Model This is Security Executive Council material  

Created By: Security Executive Council
A model to help estimate the likely cost impact resulting from proposed or new government (or trade group) security regulations and guidelines.
Resource is for Tier One Leaders only
   

Cost of Compliance Model: Executive Summary This is Security Executive Council material  

Created By: Security Executive Council
This is an overview of a tool developed to calculate the cost for a site to become compliant with different security regulations. The model helps estimate the likely cost impact resulting from proposed or new government (or trade group) security regulations and guidelines. Tier 1 Leaders have access to the full document.
Resource is for Tier One Leaders only
   

Regulation and Compliance Management Tool This is Security Executive Council material  

Created By: Security Executive Council
The Regulation and Compliance Management Tool (RoCM) provides members a method of measuring and recording compliance with various security-related standards, guidance and regulations over time. The tool also allows comparisons between multiple regulations.
Resource is for Tier One Leaders only
   Security Executive Council Collective Knowledge: Business Continuity Program V.3 This is Security Executive Council material  
Created By: Security Executive Council
This document is based on a presentation in response to new regulations and corporate scrutiny on business crisis management planning, as a result of national incidents, business reporting requirements and corporate and board level risk.
A Tier 1 Leader item available for purchase. Visit our store.
Resource is for Tier One Leaders only

Research & Benchmarks

   Legislation, Regulations, Voluntary Compliance & Standards Library (LRVCS) This is Security Executive Council material  
The Council is collecting the ever-growing LRVCS related to security. Contribute a missing item and receive a free metrics presentation PowerPoint. Send suggestions to contact@secleader.com
   Security Barometer Results: Mexico Drug Decriminalization  This is Security Executive Council material  
Will the recent changes in drug laws affect you? A common theme from respondents was their concern regarding transportation and cargo. Even if your organization does not have facilities in countries with lax drug laws you may want to give thought to the risks in your supply chain.
 
   

Trend Research Report: Foreign Corrupt Practices Act (FCPA) Due Diligence This is Security Executive Council material  

Created By: Security Executive Council
A report on third party due diligence related to FCPA activities according to current research. Findings are from sources such as audit and law firms and other associations that represent many multi-national/global companies. Report developed to educate senior management and other internal stakeholders (e.g., peers) on what a third party due diligence program as it relates to FCPA may encompass.
Resource is for Tier One Leaders only

Articles

    2011 Annual Report for the Security Executive Council  This is Security Executive Council material  
Created By: Security Executive Council
This year's report covers activities, initiatives and resources in a three page condensed document. The information may be used to learn the kinds of support the SEC can offer you as well as a glimpse into what its members are tackling.
    Compliance Scorecard - Event venues best practices and guidelines This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
    Compliance Scorecard - Importer security filing sees 80 percent compliance This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
In mid-October, the Government Accountability Office reported that importers have achieved an 80-percent rate of compliance with Customs & Border Patrol's Importer Security Filing, otherwise known as the 10+2 rule. The rule went into effect in January 2009, and CBP began full enforcement in January 2010.
    Compliance Scorecard: Is Your Security Awareness Program All It Can Be? This is Security Executive Council material  
Created By: Kathleen Kotwica, Security Executive Council Staff
Some questions to ask yourself about the basic robustness of your security awareness and training program.
    Compliance Scorecard: Airports Encouraged to Use E-Verify This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
The TSA has asked all airport employers to electronically check the employment eligibility of newly hired employees. This is currently voluntary, but it might become mandatory for all U.S. employers. From the February 2008 issue of ST&D magazine.
    Compliance Scorecard: Banking & Financial Regulations This is Security Executive Council material  
Created By: Security Executive Council Staff
The financial industry is one of the United States' most regulated sectors. Risk issues in this industry can easily impact the livelihoods of thousands if not millions of people, as corporate ethics scandals and our current economic recession have clearly shown. The federal government has set forth a number of well-recognized rules intending to better secure this high-profile sector.
    Compliance Scorecard: Better Safe than Sorry This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
The new edition of NFPA 1600 could impact your emergency management or business continuity program. From the January 2008 issue of ST&D magazine.
    Compliance Scorecard: CFATS Continued  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
In November, the U.S. House of Representatives passed H.R.2868, the Chemical and Water Security Act of 2009. As of this writing, the Act is in committee in the Senate and may or may not come out. A bipartisan group of senators has already announced separate legislation, which has been referred to as the "Continuing Chemical Facilities Antiterrorism Security (CFATS) Act" (S.2996), that it says addresses some of the "problems" inherent in the House version. It is currently unclear how or whether the two bills will be reconciled, but chemical, water and wastewater facilities, as well as other facilities subject to CFATS, should pay attention.
    Compliance Scorecard: Concealed Carry on Campus  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
With the recent hype surrounding so-called "open carry" laws, it is easy to overlook some states' proposed changes to laws regarding the concealed carrying of firearms. As of this writing, the Kansas State Senate is considering a bill to allow anyone over 21 years old with a concealed gun license to bring a weapon to any of the state's public higher education institutions. If the bill passes, Kansas will become the second state in the nation to legally require public colleges and universities to accept concealed weapons on campus. Utah is the first.
    Compliance Scorecard: Environmental Compliance This is Security Executive Council material  
Created By: Liz Lancaster Carver, Security Executive Council Staff
Industrial security, environmental, health and safety professionals must be aware of the range of environmental regulations impacting security. From the July 2008 issue of Security Technology & Design magazine.
    Compliance Scorecard: FERPA Compliance This is Security Executive Council material  
Created By: Materials created by Security Executive Council strategic alliance partners
Jon Oliver, assistant dean and director of IT for the School of Communication, Information and Library Studies at Rutgers University, writes about the security fundamentals of complying with the Family Educational Rights and Privacy Act (FERPA). From the August 2008 issue of ST&D magazine.
    Compliance Scorecard: Facility Security This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Last fall’s attacks on hotels in Islamabad, Pakistan, and Mumbai, India, drew a unanimous response from hotel owners and management across the globe: “The safety and security of our guests is our highest priority. We are examining our existing security and crisis preparedness measures to ensure we provide the best possible protection for our customers.”
    Compliance Scorecard: Financial Sector Security Faces a Tough Road Ahead This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
What financial sector security professionals can do to weather the recession storm. From the December 2008 issue of Security Technology Executive magazine.
    Compliance Scorecard: Gaming and Casinos 
Created By: Security Executive Council Staff
Seven key regulations that security executives in this sector need to know.
    Compliance Scorecard: In a Varied Regulatory Environment, Understanding Is Crucial This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Regulation and standards-making for the gaming industry is a mixed bag across the country. With each state maintaining its own set of requirements for surveillance, background checking, access control, accounting management and more, you could say the luck is in the draw — your location determines your fate.
    Compliance Scorecard: Is Your Data Leaking This is Security Executive Council material  
Created By: Bob Pappagionopoulos, Security Executive Council Member
In today's regulatory environment, the compromise of confidential data costs more than consumer confidence and the price of resolution--it costs hard cash in the form of heavy fines. From the November 2007 issue of ST&D magazine.
    Compliance Scorecard: Knowledge of CPTED Useful in Meeting Public and Private Security Standards This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
The principles of Crime Prevention through Environmental Design (CPTED) can help ensure that property design will include appropriate levels of built-in security, and they play a role in a number of voluntary guidelines and standards in the public and private sectors. From the April 2008 issue of ST&D magazine.
    Compliance Scorecard: More on Organized Retail Crime Legislation  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Normally we use this column to focus on standards, guidelines, laws and regulations with which security programs must or should comply. This month, however, we wanted to highlight some proposed legislation that, instead of setting down performance guidelines, could tamp down a problem that has hampered retail security and loss prevention operations nationwide.
    Compliance Scorecard: The False Claims Act  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Could your company be held liable for defrauding the government? Don’t be so sure. The purpose of the False Claims Act, which was enacted during the Civil War, has always been to protect the government from losing money to fraud. Its primary targets were federal contractors who deceived the government for gain. The legislation was significantly strengthened in 1986, when Congress amended the FCA to provide protections for whistleblowers and increased the related penalties — allowing the government to collect damages and civil penalties of up to $11,000 per claim. Any whistleblower whose suit is successful receives a share of the money recovered. Since these amendments, the government has recovered more than $21 billion under the FCA, with more than half coming through private whistleblower suits.
    Compliance Scorecard: Time to Assess Clery Act Compliance  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
On August 14, 2008, then-President George W. Bush signed the Higher Education Opportunity Act (HEOA), which includes among its wide-ranging mandates several items that directly impact security at U.S. colleges and universities. The HEOA makes six amendments to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act. Under the Clery Act, colleges and universities that participate in federal student aid programs must a) publish annual reports that contain three years of campus crime statistics; b) disclose crimes reported on the campus and nearby areas; and c) keep a log of all crimes reported on campus.
    Compliance Scorecard: Voluntary Private Sector Preparedness  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Business continuity planning can be a particular challenge for a corporate campus. Whereas any other individual site may have a single predominant function, such as manufacturing, distribution, or customer care, the executive headquarters generally houses multiple functions with disparate needs, and perhaps thousands of executives and personnel to perform those functions. Developing a plan for relocation on such a grand and varied scale can be a true challenge.
    Compliance scorecard - Meaningful use brings more attention to health info security  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
In July, the U.S. Department of Health and Human Services, along with the Centers for Medicare and Medicaid Services (CMS), issued a final regulation setting forth the criteria that hospitals and individual healthcare practices must meet in order to qualify for certain Medicare and Medicaid incentives under the HITECH Act of 2009.
    Compliance scorecard: FFIEC authentication guidance  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
“Authentication in an Electronic Banking Environment” is a document released by the United States Federal Financial Institution Examination Council (FFIEC) in 2001 to provide guidance to U.S. financial institutions on authenticating customers in electronic or online transactions. Its goals in doing so are to safeguard customer information; to prevent money laundering and terrorist financing; to reduce fraud and the theft of sensitive customer information; and to promote legal enforceability of financial institutions’ electronic agreements and transactions. The guidance was revised in 2005.
    Compliance scorecard: Foiling organized retail theft  This is Security Executive Council material  
Created By: Security Executive Council Staff
Law enforcement in central Florida recently shut down an elaborate retail theft ring responsible for shoplifting thousands of cans of powdered baby formula. Twenty-one suspects were arrested for stealing from six different counties and transporting the loot out of state.
    Compliance scorecard: Security risk assessments - Integrating the concept  This is Security Executive Council material  
Created By: William J. Malampy and John W. Piper, Security Executive Council Content Experts
During 2006, the authors of this column were requested to execute a security risk assessment at a major liquefied natural gas facility in the Asia-Pacific region. The provincial government had ordered that significant capital projects required a security risk assessment be conducted as part of their Environmental Impact Statement (EIS) requirements - otherwise, no permits for construction would be issued.
    Comply Through Teamwork This is Security Executive Council material  
Created By: Kathleen Kotwica, Security Executive Council Staff
By coming together to resolve redundancies, you can show management that the company is as protected against regulatory risk as it can be. From the August 2007 issue of AC&SS magazine.
    Education Compliance - Six regulations that security executives need to know This is Security Executive Council material  
Created By: Security Executive Council Staff
The Clery Act addresses public notification of crimes committed at colleges and universities that participate in federal student aid programs. The Act was amended in 2008 by provisions of the Higher Education Opportunity Act.
    Emergency preparedness: Compliance, care and the long view This is Security Executive Council material  
Created By: Francis D’Addario, Security Executive Council CSO Emeritus
Our current fluid global risk cannot be read in the carefree faces of children at play. They are blissfully unaware of foreboding hazards that endanger them and their protectors. In fact, the multi-trillion-dollar all-hazard landscape - most vividly rendered by the World Economic Forum's 2010 Global Risk Report - remains unknown to many. Those with insight into these risks have a duty to help increase others' awareness of them and to measure mitigation progress. If we hope to lead our organizations through this complex global risk landscape, we must learn what we can from man-made and natural risk events to improve preparedness and resiliency.
    Is It Time for a Fresh Look at the Bank Protection Act?  This is Security Executive Council material  
Created By: Security Executive Council Staff
When banks are suffering their biggest losses from fraud-related and cyber crimes, it is easy to overlook the importance of such mundane things as physical security standards. But even if their loss figures are lower, bank robbery and bank burglary are still significant threats, says Doug Johnson, vice president of risk management for the American Bankers Association. “Physical crime can have a potentially significant impact on the customers and the employees,” he says. “A bank robbery is something you remember. So regardless of what the loss might be, it is safe to say it’s a significant event, and that’s why we take it so seriously.”
    Overcoming Challenges, Finding Unexpected Benefits In CFATS  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
The Chemical Facility Anti-Terrorism Standards are complex and fairly disruptive. Few would argue that. The risk-based performance standards guidance alone is nearly 200 pages long, and many companies have had to re-allocate or hire staff, facilitate training and certification, and contemplate ways to re-imagine corporate processes in order to control access to chemicals of interest. However, when all is said and done, regulators and most of the regulated seem to agree that the standards should lead to the shoring up of potential vulnerabilities that, before CFATS, often went unaddressed.
    Security Contract Compliance Auditing This is Security Executive Council material  
Created By: George Campbell, Security Executive Council Emeritus Faculty
Contracts with product and service suppliers are an integral part of many corporate security service delivery programs; in fact, many companies spend millions of dollars annually for thousands of hours of service from contract guard vendors. Ensuring the effectiveness of performance terms and related compliance monitoring is a critical management objective that requires knowledgeable and engaged resources, along with the right data for performance measurement.
    Seven Steps to Information Security Compliance This is Security Executive Council material  
Created By: Lou Magnotti, Security Executive Council Staff
To achieve compliance, any organization must master the “Big Four”—perimeter defenses, system certifications, auditing, and user involvement. From the July 2007 issue of ST&D magazine.
    Shortening the Long Road to Compliance  This is Security Executive Council material  
Created By: Marleah Blades, Security Executive Council Staff
Security Executive Council stakeholders Bill Ramsey, director of security for McCormick & Company Inc., Karl Perman, manager of corporate security programs for Exelon Corp., and Stanley Jarocki, vice president of Wells Fargo, share the lessons they have learned from years of successful security compliance. From the September 2008 issue of ST&D magazine.
    Supreme Court Expands Employee Protection This is Security Executive Council material  
Created By: John Thompson, SEC content expert faculty
Employees have broad protection against retaliation after they have made complaints of discrimination — broader protection than previously understood. From the August 2007 issue of ST&D magazine.
    Surprise! We're Regulated! This is Security Executive Council material  
Created By: Bob Hayes, Marleah Blades, Security Executive Council Staff
A sequel to "The Business of Security: The New Rules of Security," this article discusses how CSOs can keep up with the flood of security-related laws, regulations, voluntary compliance guidelines and standards.
    The Business of Security: The New Rules of Security This is Security Executive Council material  
Created By: Bob Hayes, Marleah Blades, Security Executive Council Staff
How many security regulations apply to your company? Odds are, there are more than you think.
    The Case of the Reluctant Complainant  This is Security Executive Council material  
Created By: John Thompson, Security Executive Council Content Expert Faculty
Key tips for human resources professionals who are approached with misconduct concerns.

Forums

   Faculty Advisor: Tis the Season - Compliant Gifting This is Security Executive Council material  
Created By: Ken Kasten, Security Executive Council Emeritus Faculty
The holiday season always brings with it the well-intended holiday gifts to our employees and, in some cases, to our clients, vendors and suppliers. How do I address the appropriateness and potential abuse of these gifts without being viewed as Scrooge? Read Security Executive Council Emeritus Faculty member Ken Kasten's answer to this question.
 
   

Knowledge Exchange: Private Sector Crisis Certification Law This is Security Executive Council material  

Created By: Bruce Blythe
Hear from industry expert Bruce Blythe of CMI on a new corporate "crisis" certification law titled "Implementing Recommendations of the 9/11 Commission Act of 2007," also referred to as Public Law 110-53. Title IX of the Act addresses required private sector preparedness plans and the certification program.
Resource is for Tier One Leaders only

Multimedia

   C-TPAT Supply Chain Security This is Security Executive Council strategic alliance partner material  
Created By: Security Executive Council
A video for companies that have joined the Customs-Trade Partnership Against Terrorism; this program educates employees about key principles of supply chain security. C-TPAT provides discernible business value to companies but only if employees are aware of the proper procedures. Viewers go inside the mind of a criminal who shows how supply chain security can often be easily subverted. TIER 1 LEADERS, send an e-mail to contact@secleader.com for discount information.
A Tier 1 Leader item available for purchase by others. Visit our store to view the video in its entirety and to purchase.