Litigation always, has been, and will continue to be, a reality of doing business. What is changing, however, is discovery and its focus on electronically stored information (often abbreviated ESI).

As email has become more critical in the business world, many companies are weighing the question of how long it should be retained, what should be done with it, and when it should be deleted. The answer depends on many issues, particularly when one considers the varying regulations and business situations that might demand emails to be archived for long periods of time.

The general compliance deadline for 201 CMR 17 was initially set for January 1, 2009, but it has been pushed to January 1, 2010 in response to concerns3 from a variety of businesses large and small, industry organizations and other affected organizations.

The North American Electric Reliability Corporation(NERC) is a non-profit corporation chartered to ensure that the bulk electric system in North America is reliable, adequate and secure.

Taxes are certainly not fun, but there is something worse: an audit. Combine the two in a risk and compliance scenario and you have the onerous "audit tax," a figurative term used to describe the expenses a company incurs when deploying resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates.

For all organizations with current or planned initiatives in the area of IT governance, risk management, and compliance (IT GRC), this report describes the policy, planning, process, and organizational elements of successful implementations.

Published: August 2009 - Governance, risk management, and corporate compliance (GRC) is a business journey, not a destination. The business world is dynamic: Organizations are constantly reacting to an evolving risk and compliance landscape of pressure and control. Organizations tackle GRC as an integrated business collaboration and architecture to drive toward: