- Compliance teams
- Reporting
- Automating compliance
- Governance and compliance
- Training
- Audits
- Risk management
- BC
- Information technology governance
- Enterprise cloud compliance
- Business records management
Email Alerts
-
Experts: Base GRC strategy, technology on corporate framework
Every business has its own unique risks, environment and compliance rules, and all these aspects must be considered when developing GRC strategy.Tip
-
Q&A: Communication, monitoring keys to corporate risk management
Ace Hardware Director of Risk Management William J. Montanez discusses the key aspects of, and obstacles to, a strategy for managing corporate risk.News | 01 Apr 2013
-
Considering a career in compliance? Heed these warnings
In this IT Compliance Advisor blog post, Kevin Beaver discusses the benefits – and pitfalls – common to those who seek a career in compliance management.Misc
-
IT Priorities Survey: Compliance among top-ranked 2013 initiatives
Compliance strategy will continue to be hugely important to businesses in 2013, according to respondents to the TechTarget IT Priorities Survey.News | 21 Dec 2012
-
Information security and compliance in harmony with cloud deployment
The relationship between information security and compliance can be tenuous, but the cloud is forcing changes in how the two disciplines interact.Tip
-
IT Salary Survey 2012: GRC professionals looking for a challenge
As compliance rules and IT risk expand, GRC professionals are looking forward to new challenges, according to the TechTarget IT Salary Survey 2012.News | 07 Dec 2012
-
compliance burden
Compliance burden, also called regulatory burden, is the administrative cost of a regulation in terms of dollars, time and complexity.Definition
-
Panel: Self-police corporate risk to avoid SEC enforcement actions
A self-policing 'culture of compliance' helps avoid corporate risk and SEC enforcement actions, GRC experts said at a recent roundtable discussion.News | 26 Oct 2012
-
Beware the perils of organization-wide compliance policy involvement
Kevin Beaver explains how input from myriad departments and staff -- all with selfish interests -- can negatively influence compliance policy.Tip
-
Top information security strategy tips for GRC professionals
Information security strategy is vital to the modern company. Read these top tips from SearchCIO.com to ensure your business is not left vulnerable.Tip
- VIEW MORE ON : Compliance teams
-
AICPA (American Institute of Certified Public Accountants)
The AICPA (American Institute of Certified Public Accountants) is a member association for the accounting profession that sets ethical standards for accountants, as well as U.S. auditor standards for private companies, nonprofit organizations and the government.Definition
-
Compliance rules complicate nonprofits' move to cloud-based computing
As nonprofits turn to cloud-based computing, these organizations must be aware of how moving to the cloud influences regulatory compliance processes.Tip
-
compliance framework
A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation.Definition
-
internal audit (IA)
An internal audit is an organizational initiative to monitor and analyze its own business operations in order to determine how well it conforms to a set of specific criteria. Definition
-
ERM conference to offer latest in enterprise risk management strategy
Business risk remains a top concern, so organizers of an upcoming conference promise real-world examples and expert tips on cutting-edge ERM strategy.News | 24 Jan 2013
-
Whistleblower Protection Act
The Whistleblower Protection Act of 1989 (WPA) is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring at a government organization.Definition
-
Best practices to navigate the Dodd-Frank/SEC whistleblower program
The SEC whistleblower program provides monetary rewards for reporting Dodd-Frank violations. Here's how strong reporting processes can protect you.Tip
-
compliance burden
Compliance burden, also called regulatory burden, is the administrative cost of a regulation in terms of dollars, time and complexity.Definition
-
NERC CIP (critical infrastructure protection)
The NERC CIP (critical infrastructure protection) plan is a set of requirements designed to secure assets vital to reliably operating North America's bulk electric system.Definition
-
FAQ: How did Wal-Mart trigger FCPA violations?
Allegations that Wal-Mart bribed Mexican officials to advance business not only gave the retail giant a black eye, but also brought FCPA violation charges.FAQ
- VIEW MORE ON : Reporting
-
Predictive coding assists in e-discovery, doesn't replace human review
Predictive coding has become a valuable legal tool, but experts caution its benefits are only as good as the human programmers running the system.Tip
-
Product Spotlight: IT GRC, security tools for the business
Our latest roundup of IT compliance products features two IT GRC management tools that help businesses evaluate their assets' and programs' security.Product Spotlight | 25 Oct 2012
-
How leveraging technology can help regulatory compliance management
In the corporate world, keeping track of compliance mandates can be a challenge. Here's how technology can help with regulatory compliance management.News | 12 Jun 2012
-
New MetricStream, RSA tools target regulatory compliance management
Our latest compliance product roundup spotlights regulatory compliance management solutions recently released by MetricStream and RSA Security Management.Product Spotlight | 08 Jun 2012
-
Aruvio unveils new cloud GRC tool
GRC platform vendor Aruvio has rolled out AruvioGRC, describing the cloud-based tool as faster, cheaper and easier to use than conventional GRC software.Product Spotlight | 04 May 2012
-
SOX compliance possible for smaller companies with proper preparation
Meeting Sarbanes-Oxley requirements can be difficult for smaller companies. Proper preparation, however, can make SOX compliance less daunting.IT Compliance Advisor
-
Will regulatory compliance, controlling user access bring Novell back?
Novell's future could revolve around new products that simplify the governance of user access and manage regulatory compliance.IT Compliance Advisor
-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ.FAQ
-
Looking to better manage insider security risks? Try compliance
Compliance officers have tried a variety of approaches to minimize insider security risks. Our expert suggests that maybe it's time for a compliance-driven solution.Tip
-
How good is your mainframe at data security? Not as good as you think.
Despite mainframes' reputation for data security, their increasing interaction with Web-based environments makes them vulnerable. Take these steps to seal the cracks.Tip
- VIEW MORE ON : Automating compliance
-
Mobile device management best practices for the connected organization
Mobile devices force reexamination of many data processes. In this tip, learn mobile device management best practices for the consumerized workplace.Tip
-
Federal Information Security Management Act (FISMA)
The Federal Information Security Management Act (FISMA) is United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats.Definition
-
Experts: Base GRC strategy, technology on corporate framework
Every business has its own unique risks, environment and compliance rules, and all these aspects must be considered when developing GRC strategy.Tip
-
Log management tightens data security and IT performance
Log management is a compliance cornerstone in today's enterprise IT environment. The chief benefit of log management is the way in which it offers IT compliance officers the ability to ferret out malicious behaviors and data security threats posed both by internal users and external threats. Given the proliferation of data in modern organizations and corresponding concerns about unauthorized access, this is not a minor consideration. A committed log management strategy can also help IT executives sort through operational bottlenecks at all levels of the enterprise by cataloging incidents and allowing for a simpler review of this information. In this log management buyer's guide, find out how a log management program can guide you in managing your organization's security and operational concerns. This guide also contains a list of vendors offering their services in the log management arena.E-Book
-
#Compliance: Twitter buzzing about CISPA cybersecurity bill
Social media has been buzzing of late about the House passage of CISPA, as opponents argue the cybersecurity bill is a huge hit to consumer privacy.News | 22 Apr 2013
-
Overcoming the data governance and security implications of BYOD
In this tip, learn the data governance and security obstacles businesses must consider when implementing a BYOD policy, and how to overcome them.Tip
-
Global economy forces companies to re-examine regulatory compliance
The global economy creates unique risks and regulatory compliance rules for multinational corporations, forcing them to re-examine GRC processes.News | 04 Apr 2013
-
Q&A: Communication, monitoring keys to corporate risk management
Ace Hardware Director of Risk Management William J. Montanez discusses the key aspects of, and obstacles to, a strategy for managing corporate risk.News | 01 Apr 2013
-
Obama, business leaders meet to discuss U.S. cybersecurity strategy
President Obama met with high-profile business leaders this week to discuss how the private sector can work together on U.S. cybersecurity strategy.News | 14 Mar 2013
-
FAQ: What is the current status of U.S. cybersecurity legislation?
After several failed cybersecurity legislation efforts, are U.S. lawmakers finally ready to create rules protecting the nation from cybercrime?FAQ
- VIEW MORE ON : Governance and compliance
-
Mobile device management best practices for the connected organization
Mobile devices force reexamination of many data processes. In this tip, learn mobile device management best practices for the consumerized workplace.Tip
-
Considering a career in compliance? Heed these warnings
In this IT Compliance Advisor blog post, Kevin Beaver discusses the benefits – and pitfalls – common to those who seek a career in compliance management.Misc
-
Top 12 2012: Readers' favorite GRC management articles of the year
In our 'top 12 of 2012,' read SearchCompliance.com's most-viewed articles from the past year, and discover GRC management advice and best practices.News | 21 Dec 2012
-
CISSP Practice Test
CISSP Practice TestSurvey
-
IT Salary Survey 2012: GRC professionals looking for a challenge
As compliance rules and IT risk expand, GRC professionals are looking forward to new challenges, according to the TechTarget IT Salary Survey 2012.News | 07 Dec 2012
-
Summit to examine the business benefits of a comprehensive GRC program
A comprehensive GRC program that influences company-wide strategy provides big business benefits, say organizers of the upcoming Chicago GRC Summit.News | 18 Oct 2012
-
regulatory compliance
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business.Definition
-
Video: Cybersecurity strategy onus on users in dangerous online world
In this video, IT security expert Hord Tipton discusses how cybercriminals' new, sophisticated tactics should influence your cybersecurity strategy.Video
-
Governing the complications of social media security and compliance
Technology law expert Jeffrey Ritter discusses the obstacles to governing social media security in 21st century business and what companies can do to protect their information.News | 07 May 2012
-
Will EU data protection reforms help or hurt business?
Reforms to the EU's data protection framework are designed to enhance privacy and create uniform regulations. But what will be the cost to businesses?AIOG
- VIEW MORE ON : Training
-
AICPA (American Institute of Certified Public Accountants)
The AICPA (American Institute of Certified Public Accountants) is a member association for the accounting profession that sets ethical standards for accountants, as well as U.S. auditor standards for private companies, nonprofit organizations and the government.Definition
-
compliance framework
A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation.Definition
-
internal audit (IA)
An internal audit is an organizational initiative to monitor and analyze its own business operations in order to determine how well it conforms to a set of specific criteria. Definition
-
Video: Constructing a 'normalized' corporate compliance program
In this video, learn how to build -- and maintain -- a sustainable corporate compliance program that keeps your business on the right side of the law.Video
-
Will 2012 election push Dodd-Frank regulations forward?
The 2012 election results have put Dodd-Frank regulations and finance reform in the spotlight. But will it have any real influence on financial regulation?Blog
-
regulatory compliance
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business.Definition
-
Computer Fraud and Abuse Act (CFAA)
The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization.Definition
-
Start at the end: Keys to an audit-driven corporate compliance program
Creating an audit kit is usually the last part of corporate compliance program development. Our expert says your organization may be better served by flipping the process.Tip
-
Stage set for EPIC fight against Google privacy policy
The Electronic Privacy Information Center has resorted to legal tactics as it continues efforts to block implementation of a new Google privacy policy.News | 13 Feb 2012
-
Staying vigilant key to meeting regulatory compliance standards
Regulatory compliance standards, users and threats are becoming increasingly sophisticated as technology evolves. To stay compliant in 2012, you need a proactive approach.News | 09 Jan 2012
- VIEW MORE ON : Audits
-
Mobile device management best practices for the connected organization
Mobile devices force reexamination of many data processes. In this tip, learn mobile device management best practices for the consumerized workplace.Tip
-
How does shadow IT complicate regulatory compliance?
As shadow IT spreads, so, too, do the associated data privacy and security risks. In this FAQ, learn more about shadow IT and its compliance pitfalls.FAQ
-
FAQ: How does shadow IT complicate enterprise regulatory compliance?
As shadow IT spreads, so, too, do the associated data privacy and security risks. In this FAQ, learn more about shadow IT and its compliance pitfalls.FAQ
-
Experts: Base GRC strategy, technology on corporate framework
Every business has its own unique risks, environment and compliance rules, and all these aspects must be considered when developing GRC strategy.Tip
-
#Compliance: Twitter buzzing about CISPA cybersecurity bill
Social media has been buzzing of late about the House passage of CISPA, as opponents argue the cybersecurity bill is a huge hit to consumer privacy.News | 22 Apr 2013
-
Product Spotlight: Global compliance services for mobile productivity
In this Product Spotlight, learn about two global compliance services created to boost mobile productivity and enforce compliance for on-the-go employees.Product Spotlight | 22 Apr 2013
-
Video: Information sharing vital to cybersecurity legislation
Former White House CIO Theresa Payton discusses how including information sharing incentives will be very important to U.S. cybersecurity legislation.Video
-
Global economy forces companies to re-examine regulatory compliance
The global economy creates unique risks and regulatory compliance rules for multinational corporations, forcing them to re-examine GRC processes.News | 04 Apr 2013
-
Video: Former White House CIO on the state of U.S. cybersecurity
In this video, former White House CIO Theresa Payton discusses U.S. cybersecurity and how the public sector can protect itself from cybercrime.Video
-
Q&A: Communication, monitoring keys to corporate risk management
Ace Hardware Director of Risk Management William J. Montanez discusses the key aspects of, and obstacles to, a strategy for managing corporate risk.News | 01 Apr 2013
- VIEW MORE ON : Risk management
-
Product Spotlight: DR/BC offerings for the enterprise
In this Product Spotlight, learn how new DR/BC offerings from RSA and Continuum could benefit business priorities and compliance managers' strategies.Product Spotlight | 18 Feb 2013
-
Thorough preparation necessary to offset cloud security risks
Moving at least some data to the cloud provides numerous benefits, but organizations need to do their homework to alleviate any cloud security risks.News | 14 Dec 2012
-
Audits, maintenance crucial to business continuity policy success
IT-related disasters happen to even the best-prepared companies. Here's how to build a business continuity policy to keep processes running smoothly.Tip
-
Q&A: Developing your business continuity and disaster recovery plan
In this Q&A, consultant and auditor Paul Kirvan discusses what you need to consider when developing a business continuity and disaster recovery plan.News | 01 Aug 2012
-
Survey: IT consumerization alive and well, but security lacking
Despite an IT consumerization influx, some organizations leave something to be desired when it comes to mobile device security, our survey found.News | 26 Jul 2012
-
As data proves invaluable, compliance department expands strategy role
As organizational data proves invaluable, protecting it becomes more vital, so compliance departments can expect a bigger voice in business strategy.News | 18 Jun 2012
-
Top 10 compliance and security articles for midmarket CIOs
Read our top compliance and security articles from SearchCIO-Midmarket.com for tips on risk management solutions, identity management in the cloud and more.Tip
-
As GRC technology becomes more complex, so do buying decisions
The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?News | 14 May 2012
-
Corporate compliance program tips to prevent breaches
Every modern business is vulnerable to data breaches, but here’s advice on creating a solid corporate compliance program to protect your vital information.News | 08 May 2012
-
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.News | 23 Apr 2012
- VIEW MORE ON : BC
-
Chinese hacking report keeps cybersecurity in spotlight
A new report alleges China made systematic cyberattacks against American interests, putting the subpar state of U.S. cybersecurity under the microscope.Blog
-
Product Spotlight: IT GRC, security tools for the business
Our latest roundup of IT compliance products features two IT GRC management tools that help businesses evaluate their assets' and programs' security.Product Spotlight | 25 Oct 2012
-
The sometimes-harsh realities of information security and compliance
Following information security and compliance regulations can hinder your everyday business processes. Here's why you need to strike a proper balance.Tip
-
The role of metadata management in information governance strategy
In this video, learn the importance of metadata to your organization's records management plan and how it influences information governance strategy.Video
-
The information management and governance challenge in modern business
In this video, learn about information management and governance trends, including how regulatory and privacy initiatives are influencing processes.Video
-
Q&A: The value of corporate information governance as a business asset
In this Q&A, law and technology expert Jeffrey Ritter discusses the heightened importance of corporate information governance and how companies should adapt to the trend.News | 29 Jun 2012
-
As data proves invaluable, compliance department expands strategy role
As organizational data proves invaluable, protecting it becomes more vital, so compliance departments can expect a bigger voice in business strategy.News | 18 Jun 2012
-
The free GRC tools every compliance professional should know about
Everyone has heard tales of compliance transformation using expensive, specialized GRC tools. But what about organizations on a budget? Can they automate aspects of compliance?Tip
-
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.News | 23 Apr 2012
-
Information governance takes the next step forward
The growing adoption of enterprise content management tools for e-discovery, log management and integrated content archiving is advancing information governance strategies. The growing interest in ECM and accompanying tools have helped advance the information governance initiatives of many compliance shops. But as with most technology initiatives, the benefits created by some of these tools can have drawbacks as well. Read this e-book for tips and tricks for designing an effective information governance strategy today.E-Book
-
Product Spotlight: Global compliance services for mobile productivity
In this Product Spotlight, learn about two global compliance services created to boost mobile productivity and enforce compliance for on-the-go employees.Product Spotlight | 22 Apr 2013
-
data sovereignty
Data sovereignty is the concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located.Definition
-
Risk management for cloud computing
As more enterprises move IT operations to the cloud, risk management remains a top concern. In fact, security still remains a major roadblock for organizations looking to reap the cost and efficiency benefits of the cloud. Still, a recent SearchCompliance.com survey indicated that 40% of respondents have plans to increase cloud security spending in the coming months. This expert handbook provides in-depth insight and risk management advice for IT leaders looking to benefit from the cloud. Read now for 20 questions that should be asked of every cloud provider, as well as well as advice for creating harmony between compliance and information security functions, and much more.E-Handbook
-
Product Spotlight: Cloud computing security solutions for enterprises
Our latest Product Spotlight features two cloud computing security solutions that can assist in the storage, access, management and security of data.Product Spotlight | 17 Dec 2012
-
Product Spotlight: Mobile compliance tools and solutions for security
SearchCompliance.com's latest roundup of IT products features two mobile compliance and security tools to aid organizations in device protection.Product Spotlight | 20 Nov 2012
-
As users increase, cloud security issues in spotlight
Business benefits are leading more companies to move operations to the cloud. But as this trend continues, cloud security issues are becoming a top concern.Blog
-
Glacier (Amazon Glacier)
Amazon Glacier is a low-cost cloud storage service for archiving data that can tolerate a three- to five-hour retrieval time.Definition
-
Asking the right questions can ensure cloud computing data security
When moving data to the cloud, you're still responsible for adhering to regulations. Proper planning can ensure cloud computing data security is not an oxymoron at your company.News | 08 Jun 2012
-
The evolution of data protection strategy in the cloud and BYOD era
Technology law expert Jeffrey Ritter discusses how bring-your-own-device programs, cloud use and vendor relationships should influence your data protection strategy.News | 21 May 2012
-
Survey: Security, compliance often lacking in cloud computing strategy
Although many companies see the benefits of a solid cloud computing strategy, our survey found that security and compliance often fall by the wayside when businesses move to the cloud.News | 15 Dec 2011
- VIEW MORE ON : Enterprise cloud compliance
-
Chinese hacking report keeps cybersecurity in spotlight
A new report alleges China made systematic cyberattacks against American interests, putting the subpar state of U.S. cybersecurity under the microscope.Blog
-
Product Spotlight: DR/BC offerings for the enterprise
In this Product Spotlight, learn how new DR/BC offerings from RSA and Continuum could benefit business priorities and compliance managers' strategies.Product Spotlight | 18 Feb 2013
-
predictive coding
Predictive coding is technology that uses techniques such as keyword searches, filtering and sampling to automate portions of an e-discovery document review.Definition
-
Records management and retention: A compliance strategy quiz
Is your organization practicing effective records management and retention? Take our compliance strategy quiz to find out.Quiz
-
Unlike other compliance areas, e-discovery strategy lacks direction
In this Q&A, technology law expert Jeffrey Ritter discusses how companies can overcome e-discovery strategy's lack of clear regulation and direction.News | 23 Jul 2012
-
Organizational development's influence on the e-discovery process
Contributor John Weathington explains the importance of organizational culture and structure when developing an e-discovery process.Tip
-
A decision maker's guide to organizational records management strategy
Records management strategy is the cornerstone of meeting IT compliance guidelines and regulations. Learn what resources and characteristics you need to stay up to speed.Tip
-
Don’t let your ECM solution compromise compliance functions
Compliance can get overlooked in an enterprise content management strategy. Our expert shares the hidden pitfalls of ECM solutions, and how to avoid hampering compliance functions.Tip
-
DIY records management, with help from a data warehouse architecture
Records management system challenges have led some companies to look internally for solutions. Learn how a data warehouse architecture can help.Tip