- Compliance teams
- Reporting
- Automating compliance
- Governance and compliance
- Training
- Audits
- Risk management
- BC
Email Alerts
-
Five tips to help guide green compliance at your organization
As more industries push for environmentally friendly processes, green compliance is a major concern. Here are tips to help incorporate the right green IT practices at your organization.Top Five
-
John Weathington
SearchCompliance.com contributor John Weathington is president and CEO of Excellent Management Systems Inc.Contributor
-
Start at the end: Keys to an audit-driven corporate compliance program
Creating an audit kit is usually the last part of corporate compliance program development. Our expert says your organization may be better served by flipping the process.Tip
-
Staying vigilant key to meeting regulatory compliance standards
Regulatory compliance standards, users and threats are becoming increasingly sophisticated as technology evolves. To stay compliant in 2012, you need a proactive approach.News | 09 Jan 2012
-
10 compliance risk management questions you need to ask
To gauge your organization's compliance risk management efforts, you need to ask network administrators the right questions. Here are 10 to get you started.Blog
-
Top-down approach needed to maintain successful compliance function
Compliance sometimes is overlooked, but organizational development can go a long way in helping IT leaders -- and the company -- maintain the necessary compliance function.Tip
-
Creating smarter GRC patterns
Our guest blogger wants your help in developing a GRC pattern guidebook, which he says will enable faster and more reliable enterprise system development.Blog
-
Five tips to balance risk management and compliance
Being protected from risk does not automatically mean you are compliant. Learn how you can properly balance risk management and compliance with tips from some of our top articles.Tip
-
Managing information risk inherent to an effective compliance strategy
An effective compliance strategy requires more than simply adhering to laws and regulations. Staying compliant also requires attention to managing information risk.Tip
-
Avoid complacency in enterprise risk management
Many companies wait until violations occur before taking their enterprise risk management policy seriously, but experts say preparation is vital.IT Compliance Advisor
- VIEW MORE ON : Compliance teams
-
Volcker rule
The Volcker rule is a section of the Dodd–Frank Act that restricts U.S. banks from making speculative, high-risk investments that do not benefit customers.Definition
-
Summit organizers promise real-world examples of leading GRC strategy
Presenters at the upcoming GRC Summit Boston preview what attendees can expect to learn about optimizing their GRC strategy in today's regulatory landscape.News | 27 Apr 2012
-
FAQ: The economic crisis and SEC compliance rules
Penalties levied through SEC enforcement actions have increased during the economic crisis. Is your corporate compliance program ready for SEC scrutiny?FAQ
-
FAQ: The economic crisis and SEC compliance rules
FAQ
-
FTC pushes online privacy rules, and JOBS lessens regs
The FTC’s online privacy rules would exclude smaller businesses, and the JOBS Act loosens regulatory compliance for them. But should SMBs be exempt?News | 29 Mar 2012
-
JOBS Act moves forward; would cut back Sarbanes-Oxley requirements
The Senate has passed the Jumpstart Our Business Startups Act, legislation that would scale back Sarbanes-Oxley requirements and other compliance mandates for small business.News | 21 Mar 2012
-
Excellence.gov proves innovation and compliance not mutually exclusive
The annual Excellence.gov Awards recognize the best service-enhancing government IT programs -- and the winners prove that innovation does not have to come at the expense of compliance.News | 16 Mar 2012
-
Start at the end: Keys to an audit-driven corporate compliance program
Creating an audit kit is usually the last part of corporate compliance program development. Our expert says your organization may be better served by flipping the process.Tip
-
Buy-in needed for Consumer Privacy Bill of Rights
President Obama has proposed a Consumer Privacy Bill of Rights, but will big online business comply with online consumer privacy rules without a fight?News | 28 Feb 2012
-
Our dangerous overdependence on information technology audits
Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver.Tip
- VIEW MORE ON : Reporting
-
Aruvio unveils new cloud GRC tool
GRC platform vendor Aruvio has rolled out AruvioGRC, describing the cloud-based tool as faster, cheaper and easier to use than conventional GRC software.Product Spotlight | 04 May 2012
-
SOX compliance possible for smaller companies with proper preparation
Meeting Sarbanes-Oxley requirements can be difficult for smaller companies. Proper preparation, however, can make SOX compliance less daunting.IT Compliance Advisor
-
Will regulatory compliance, controlling user access bring Novell back?
Novell's future could revolve around new products that simplify the governance of user access and manage regulatory compliance.IT Compliance Advisor
-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ.FAQ
-
Looking to better manage insider security risks? Try compliance
Compliance officers have tried a variety of approaches to minimize insider security risks. Our expert suggests that maybe it's time for a compliance-driven solution.Tip
-
How good is your mainframe at data security? Not as good as you think.
Despite mainframes' reputation for data security, their increasing interaction with Web-based environments makes them vulnerable. Take these steps to seal the cracks.Tip
-
An ERM strategy that leverages compliance for IT/business alignment
Compliance can be achieved through enterprise risk management, but your ERM strategy may not mean compliance. Here's how to leverage ERM for compliance.Tip
-
Follow the money in GRC management platforms
Governance, risk and compliance (GRC) technology is evolving as ERP vendors up their stakes in GRC. Who's going to make money, and can you get into the game?News | 16 Apr 2010
-
FISMA compliance reform act looks to monitor cybersecurity threats
A new act introduced in the U.S. House of Representatives proposes reforming FISMA compliance to better address risks posed by cybersecurity threats and cloud computing.Article | 29 Mar 2010
-
OIX trust framework to secure citizen-to-government authentication
The Open Identity Exchange trust framework will enable the secure authentication and exchange of online identity credentials across public and private sectors.Article | 05 Mar 2010
- VIEW MORE ON : Automating compliance
-
Emerging technology both a boon and bane to GRC strategy
Advanced technologies create more data than ever for companies to protect, but it's not all bad news. Here's why using the latest cutting-edge tools can help your GRC strategy.News | 14 May 2012
-
As GRC technology becomes more complex, so do buying decisions
The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?News | 14 May 2012
-
Governing the complications of social media security and compliance
Technology law expert Jeffrey Ritter discusses the obstacles to governing social media security in 21st century business and what companies can do to protect their information.News | 07 May 2012
-
Aruvio unveils new cloud GRC tool
GRC platform vendor Aruvio has rolled out AruvioGRC, describing the cloud-based tool as faster, cheaper and easier to use than conventional GRC software.Product Spotlight | 04 May 2012
-
How regulation should -- and shouldn't -- influence cybersecurity policy
Recent breaches display the importance of cybersecurity policy, and regulations provide a decent data protection roadmap. But compliance does not automatically equal security.Tip
-
Summit organizers promise real-world examples of leading GRC strategy
Presenters at the upcoming GRC Summit Boston preview what attendees can expect to learn about optimizing their GRC strategy in today's regulatory landscape.News | 27 Apr 2012
-
A bit late: Wal-Mart to name global compliance officer
Already neck deep in a Mexican bribery scandal, retail giant Wal-Mart now says it will name a global compliance officer to police the company.News | 24 Apr 2012
-
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.News | 23 Apr 2012
-
Pilot program best practices to help determine your GRC requirements
It’s important to be familiar with your organization's exact GRC requirements when choosing which tools to buy, build or outsource. Here’s how a pilot program can help guide you.Tip
-
EU, US promise continued online data privacy dialogue
The E.U. and U.S. have announced a joint commitment to an online data privacy framework. How will it impact Internet-based international trade compliance?News | 20 Mar 2012
- VIEW MORE ON : Governance and compliance
-
Governing the complications of social media security and compliance
Technology law expert Jeffrey Ritter discusses the obstacles to governing social media security in 21st century business and what companies can do to protect their information.News | 07 May 2012
-
Will EU data protection reforms help or hurt business?
Reforms to the EU's data protection framework are designed to enhance privacy and create uniform regulations. But what will be the cost to businesses?AIOG
-
How would the Volcker Rule affect compliance programs?
The Volcker Rule portion of the Dodd-Frank Act is designed to rein in high-risk, speculative trading. Here's why it could influence your compliance program.AIOG
-
Staying vigilant key to meeting regulatory compliance standards
Regulatory compliance standards, users and threats are becoming increasingly sophisticated as technology evolves. To stay compliant in 2012, you need a proactive approach.News | 09 Jan 2012
-
Quiz: How are online security threats influencing business processes?
Businesses and their employees have proven vulnerable to the latest online security threats. Take our quiz to see if you’re ready to protect your business, and its bottom line.Quiz
-
Best practices to help meet your organizational compliance objectives
Meeting compliance objectives is not just up to IT anymore -- a collaborative approach is necessary. Here’s advice to achieve top-down organizational compliance at your company.Tip
-
Regulators focus on Facebook, consumer data protection
Facebook's privacy practices have been the target of several consumer data protection inquiries of late, but is it just being used as a high-profile example?IT Compliance Advisor
-
Guide to balancing risk management and compliance
Protection from risk does not equal compliance, and vice versa. Here are strategies for balancing the two to protect your company from all angles.AIOG
-
Guide to balancing risk management and compliance
Protection from risk does not equal compliance, and vice versa. Here are strategies for balancing the two to protect your company from all angles.Compliance Briefing
-
Regulatory compliance requirement assumptions to avoid
Everyone knows the saying about what happens when you “assume.” Here’s why that also applies to meeting regulatory compliance requirements.IT Compliance Advisor
- VIEW MORE ON : Training
-
Start at the end: Keys to an audit-driven corporate compliance program
Creating an audit kit is usually the last part of corporate compliance program development. Our expert says your organization may be better served by flipping the process.Tip
-
Stage set for EPIC fight against Google privacy policy
The Electronic Privacy Information Center has resorted to legal tactics as it continues efforts to block implementation of a new Google privacy policy.News | 13 Feb 2012
-
Staying vigilant key to meeting regulatory compliance standards
Regulatory compliance standards, users and threats are becoming increasingly sophisticated as technology evolves. To stay compliant in 2012, you need a proactive approach.News | 09 Jan 2012
-
Avoid duplicated efforts to cut the cost of regulatory compliance
The cost of regulatory compliance does not have to break the bank -- getting rid of duplicated efforts in compliance strategy is a good place to start.Tip
-
Cloud computing services turn compliance pain to gain
Avoiding cloud computing services because of tough regulations may be a mistake.Blog
-
Compliance Q&A: Chief audit executives seek credibility with C-suite
With corporate scandals elevating the importance of chief audit executives, now is the time for CAEs to strategically partner with the C-suite, says Deloitte veteran Shayne Gregg.News | 25 Oct 2010
-
Learning to manage risk-based internal controls must be a priority
With internal controls based on some level of risk, organizations should make management of internal risk-based controls a critical business activity.Tip
-
When compliance-related best efforts for data archiving aren't enough
Compliance regulations often dictate that organizations demonstrate "best efforts" for archiving data. But managers need to plan for the retrieval of data as well.News | 30 Jul 2010
-
How to meet compliance regulations with Windows Active Directory
Some say mixing Microsoft Active Directory (AD) and compliance kills innovation. But with some outside-the-box thinking, AD can help meet compliance regulations.News | 23 Jul 2010
-
Log management and compliance: What's the real story?
As more companies deploy security information and event management tools, as well as log management solutions, it's time to take a look at the regulations that apply to logging.Tip
- VIEW MORE ON : Audits
-
Emerging technology both a boon and bane to GRC strategy
Advanced technologies create more data than ever for companies to protect, but it's not all bad news. Here's why using the latest cutting-edge tools can help your GRC strategy.News | 14 May 2012
-
As GRC technology becomes more complex, so do buying decisions
The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?News | 14 May 2012
-
Corporate compliance program tips to prevent breaches
Every modern business is vulnerable to data breaches, but here’s advice on creating a solid corporate compliance program to protect your vital information.News | 08 May 2012
-
Governing the complications of social media security and compliance
Technology law expert Jeffrey Ritter discusses the obstacles to governing social media security in 21st century business and what companies can do to protect their information.News | 07 May 2012
-
How regulation should -- and shouldn't -- influence cybersecurity policy
Recent breaches display the importance of cybersecurity policy, and regulations provide a decent data protection roadmap. But compliance does not automatically equal security.Tip
-
Occupational Safety and Health Administration (OSHA)
Occupational Safety and Health Administration (OSHA) is a federal organization (part of the Department of Labor) that ensures safe and healthy working conditions for Americans by enforcing standards and providing workplace safety training.Definition
-
Summit organizers promise real-world examples of leading GRC strategy
Presenters at the upcoming GRC Summit Boston preview what attendees can expect to learn about optimizing their GRC strategy in today's regulatory landscape.News | 27 Apr 2012
-
A bit late: Wal-Mart to name global compliance officer
Already neck deep in a Mexican bribery scandal, retail giant Wal-Mart now says it will name a global compliance officer to police the company.News | 24 Apr 2012
-
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.News | 23 Apr 2012
-
Pilot program best practices to help determine your GRC requirements
It’s important to be familiar with your organization's exact GRC requirements when choosing which tools to buy, build or outsource. Here’s how a pilot program can help guide you.Tip
- VIEW MORE ON : Risk management
-
As GRC technology becomes more complex, so do buying decisions
The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?News | 14 May 2012
-
Corporate compliance program tips to prevent breaches
Every modern business is vulnerable to data breaches, but here’s advice on creating a solid corporate compliance program to protect your vital information.News | 08 May 2012
-
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.News | 23 Apr 2012
-
Anti-Counterfeiting Trade Agreement draws ire
Antipiracy legislation protesters have a new target: The Anti-Counterfeiting Trade Agreement that would create global standards for intellectual property.News | 07 Feb 2012
-
Vulnerabilities exposed during disposal of used computers
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door.Tip
-
Sustainability: From strategic objective to compliance operation
With the increased interest in going green, sustainability and compliance are now directly related. But making sustainability integral to your compliance operation is not easy.Tip
-
Briefing: Governing risk management and compliance
Organizations can waste resources by not syncing risk management and compliance efforts. Here’s how to adapt risk management and stay compliant.AIOG
-
Briefing: Governing risk management and compliance
Compliance Briefing
-
Using governance, risk and compliance to improve business performance
Governance, risk and compliance are vital to every successful business, but our expert says companies often don’t take advantage of GRC’s critical influence on performance.Tip
-
Do corporate social media policies hold up in court?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best.AIOG
- VIEW MORE ON : BC