- July 23, 2010
IT Compliance Advisor welcomes our new blogger, Frank Ohlhorst: Meeting the needs of compliance regulations effectively means that IT staffers must be able to monitor and report on any activity ...
- July 14, 2010
IT Compliance Advisor welcomes our newest blogger, Paul F. Roberts: I recently had the pleasure of speaking to a group of security professionals in New York about Massachusetts’ ...
- June 29, 2010
A broad challenge to the Sarbanes-Oxley Act opened up an avenue to overturning the 2002 antifraud law. But the Supreme Court ruled narrowly, leaving SOX to live another day.
- June 14, 2010
With demand growing for more effective monitoring of security-related information, the federal government is calling for tougher IT security testing.
- June 07, 2010
Iron Mountain CIO William Brown is leaving his CIO job to take on the compliance process. His aim: To make compliance more efficient for the company and its customers.
- May 24, 2010
Final Four bracket pools are not just for basketball fans anymore. In an unusual risk management analysis methodology, payroll and human resource services provider Paychex breaks down its risk ...
- May 17, 2010
The era of businesses playing fast and loose with people’s personally identifiable information (PII) has passed -- and not because of standards like PCI DSS or compliance mandates. The public at ...
- May 17, 2010
The Williams Cos. Inc. had more than 900 IT controls related to SOX compliance, many redundant. With patience and "highly configurable" GRC software, the chaos is under control.
- May 08, 2010
I am not the only one who wondered if the stock market "jitterations" Thursday were caused by an act of computer terrorism. Like a lot of people apparently, I pondered whether the theoretical ...
- May 03, 2010
A survey of Qualified Security Assessors (QSAs) on how businesses are dealing with the 12 mandatory requirements of the Payment Card Industry Data Security Standard (PCI DSS) contains a number of ...
- April 27, 2010
The courts will eventually determine whether the profiteers at Goldman Sachs who spun toxic securities into gold were extremely skilled players in the legal gambling dens of Wall Street, or whether ...
- April 26, 2010
BWise's latest innovation integrates continuous controls monitoring (CCM) with its GRC management suite. CTO Luc Brandts talks about the relative strengths and weaknesses of each.
- April 21, 2010
The Supreme Court's decision in a "sexting" case involving a police officer and a pager could broadly affect employee privacy rights -- or not. Either way, the message for CIOs is clear.
- April 16, 2010
I’ll start with the possibly infuriating hypothesis: There’s money to be made from governance, risk and compliance (GRC) software by vendors, of course, but also for enterprise IT shops. And it is ...
- April 05, 2010
Interest in cyberinsurance is rising in the wake of data breach notification laws and as more is learned about the potential cost of a data breach. The question is: Do you need it?