Recently, I was chatting with longtime colleague and friend, Keith Essency. I first met Keith when I worked in the Motorola Semiconductor business in marketing and he was on the engineering side. We ...

One new and different item laid out in the Evaluation of Corporate Compliance Program (Evaluation), supplementing the Ten Hallmarks of an Effective Compliance Program from the 2012 FCPA Guidance, was ...

The interrelated final standards on quality management issued in June 2022 by the AICPA’s Auditing Standards Board and Accounting and Review Services Committee are intended to clarify and improve ...

This week’s column is my third column of five on root cause analysis tools for managers. In the first column I explained root cause analysis as the process of trying to discover the source (or sources ...

Editor’s note: This article is the second in a series to help practitioners learn about the AICPA’s new quality management standards and prepare to implement them. The interrelated final standards on ...

In “Managing risky business,” I mentioned that when advice on secure development turns out to be flawed or incomplete, smart organizations learn from their mistakes and update the guidance they issue.

As semiconductor devices become smaller and more complex, the product development lifecycle grows increasingly intricate. So, from early builds to pre-qualification testing, firmware development and ...

A few decades ago, simply knowing how your business was performing was a competitive advantage. Before computers, tracking and analyzing, even a handful of business metrics required dozens of people.

Every organization should have a computer incident response plan. A solid plan should serve two major functions. The first is to recover business functions as quickly as possible. The second is to ...