-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ. FAQ
-
Enterprise document management FAQ: IT operations and compliance
Find answers and resources to frequently asked questions about the relationship of enterprise document management to IT operations and compliance. FAQ
-
FAQ: What is the impact of a compliance audit on IT operations?
Find answers and resources to frequently asked questions regarding the impact of compliance audits on IT operations. FAQ
-
Chapter excerpt: The Three Core Disciplines of IT Risk Management
IT risk management is built on a well-structured foundation of IT assets, a well-designed and executed risk governance process and a risk-aware culture. Chapter Excerpt
-
Follow the money in GRC management platforms
Governance, risk and compliance (GRC) technology is evolving as ERP vendors up their stakes in GRC. Who's going to make money, and can you get into the game? News | 16 Apr 2010
-
FISMA compliance reform act looks to monitor cybersecurity threats
A new act introduced in the U.S. House of Representatives proposes reforming FISMA compliance to better address risks posed by cybersecurity threats and cloud computing. Article | 29 Mar 2010
-
OIX trust framework to secure citizen-to-government authentication
The Open Identity Exchange trust framework will enable the secure authentication and exchange of online identity credentials across public and private sectors. Article | 05 Mar 2010
-
XBRL financial reporting a hard sell; new GRC XBRL taxonomy on the way
Early adopters of XBRL say the benefits for electronic financial reporting are many, but companies remain leery of investing resources until they see practical benefits. Article | 29 Jan 2010
-
Important regulatory compliance trends that will affect IT in 2010
The top regulatory compliance trends that will affect IT in 2010 include automation, risk management, increased regulation, stepped-up enforcement and more. Article | 11 Jan 2010
-
XBRL reporting not just for SEC anymore, but business is slow to adopt
In 2010, many SEC filers must report in XBRL, an XML language that will revolutionize business reporting. But will companies embrace it as a standard for internal use? Article | 18 Dec 2009
-
Poor application security creates supply chain risk, security threat
The Department of Homeland Security wants to see better application security throughout the development lifecycle to avoid software supply chain risk. Article | 16 Nov 2009
-
NERC CSO warns of cybersecurity threats, vulnerable electric grid
Growing cybersecurity threats to critical infrastructure and the electric grid have put a new focus on NERC regulations, as well as FISMA, warns NERC's chief security officer. Article | 03 Nov 2009
-
SAP sees green in sustainability software for carbon compliance
As regulation of greenhouse emissions grows near, SAP moves to roll out sustainability software that will help enterprises meet carbon footprint compliance. Article | 22 Oct 2009
-
Electronic privacy integral to identity management standards, says DHS
At the OASIS conference, government officials confront the intersection of electronic privacy and identity management standards, but IT pros have concerns. Article | 08 Oct 2009
- See More: News on Automating compliance processes
-
Looking to better manage insider security risks? Try compliance
Compliance officers have tried a variety of approaches to minimize insider security risks. Our expert suggests that maybe it's time for a compliance-driven solution. Tip
-
How good is your mainframe at data security? Not as good as you think.
Despite mainframes' reputation for data security, their increasing interaction with Web-based environments makes them vulnerable. Take these steps to seal the cracks. Tip
-
An ERM strategy that leverages compliance for IT/business alignment
Compliance can be achieved through enterprise risk management, but your ERM strategy may not mean compliance. Here's how to leverage ERM for compliance. Tip
-
Business Model for Information Security: Security right the first time
The Business Model for Information Security, a new framework introduced by ISACA, employs 'systems thinking' models that promise to get security right the first time. Tip
-
Be ready for electronic discovery with a records retention policy
Email does not drive records retention policy -- it's about what's in the email. With a few simple steps you can help prevent electronic discovery surprises and costly fines. Tip
-
Pietrylo case a cautionary Web 2.0 communications compliance failure
Enterprises must balance mitigation and respect for employee creativity and expression in Web 2.0 communications, while allowing for marketing and public relations. Tip
-
Social media platforms demand a clear employee Internet use policy
Social media platforms make it easier than ever for employees to post information that could be harmful to your business. Here are some steps to take. Tip
-
Avoid enterprise risk with compliance system controls
A lack of internal controls over activities and systems can lead to failed compliance initiatives and increased risk to the enterprise. Tip
-
PCI compliance (payment card industry compliance)
Payment card industry (PCI) compliance is adherence to a set of security standardsthat were developed to protect card information during and after a financial transaction. Word
-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ. FAQ
-
Looking to better manage insider security risks? Try compliance
Compliance officers have tried a variety of approaches to minimize insider security risks. Our expert suggests that maybe it's time for a compliance-driven solution. Tip
-
How good is your mainframe at data security? Not as good as you think.
Despite mainframes' reputation for data security, their increasing interaction with Web-based environments makes them vulnerable. Take these steps to seal the cracks. Tip
-
An ERM strategy that leverages compliance for IT/business alignment
Compliance can be achieved through enterprise risk management, but your ERM strategy may not mean compliance. Here's how to leverage ERM for compliance. Tip
-
Follow the money in GRC management platforms
Governance, risk and compliance (GRC) technology is evolving as ERP vendors up their stakes in GRC. Who's going to make money, and can you get into the game? News
-
FISMA compliance reform act looks to monitor cybersecurity threats
A new act introduced in the U.S. House of Representatives proposes reforming FISMA compliance to better address risks posed by cybersecurity threats and cloud computing. Article
-
OIX trust framework to secure citizen-to-government authentication
The Open Identity Exchange trust framework will enable the secure authentication and exchange of online identity credentials across public and private sectors. Article
-
XBRL financial reporting a hard sell; new GRC XBRL taxonomy on the way
Early adopters of XBRL say the benefits for electronic financial reporting are many, but companies remain leery of investing resources until they see practical benefits. Article
-
Important regulatory compliance trends that will affect IT in 2010
The top regulatory compliance trends that will affect IT in 2010 include automation, risk management, increased regulation, stepped-up enforcement and more. Article
-
XBRL reporting not just for SEC anymore, but business is slow to adopt
In 2010, many SEC filers must report in XBRL, an XML language that will revolutionize business reporting. But will companies embrace it as a standard for internal use? Article
- See More: All on Automating compliance processes
About Automating compliance processes
Companies can save time and money by automating compliance processes. Learn more with the latest news, advice, commentary and best practices from regulatory compliance experts.