-
Log management tightens data security and IT performance
Log management is a compliance cornerstone in today's enterprise IT environment. The chief benefit of log management is the way in which it offers IT compliance officers the ability to ferret out malicious behaviors and data security threats posed bo... E-Book
-
Data protection plans for complying with privacy laws
This e-book, brought to you by SearchCompliance.com and SearchSecurity.com, discusses how to build a successful data protection plan, as well as how to use database security auditing tools, how to secure your mainframe, laptop encryption and more! E-Book
-
EU compliance: What U.S. companies need to know -- and vice versa
Read this e-book to learn about compliance differences in the U.S. and the EU and you'll be more savvy when it comes to global business standards. Find out the most important considerations for EU compliance and U.S. compliance and the differences be... E-Book
-
Governance, risk, compliance: Policy management methods and tools
IT managers are looking to governance structures and the discipline of risk management to help them make decisions and create sustainable processes around regulatory compliance. Read this e-book to learn more about risk management and evaluating GRC... E-Book
-
Regulatory compliance for the midmarket: Governance, risk and technology
Read this e-book to learn about how you can take a proactive approach to regulatory compliance. Because of cost concerns, many midsized companies are tackling one regulation at a time, which ultimately leads to a waste of resources and an increase in... E-Book
-
FAQ: What is the current status of U.S. cybersecurity legislation?
After several failed cybersecurity legislation efforts, are U.S. lawmakers finally ready to create rules protecting the nation from cybercrime? FAQ
-
What is the status of U.S. cybersecurity legislation?
After several failed cybersecurity legislation efforts, are U.S. lawmakers finally ready to create rules protecting the nation from cybercrime? FAQ
-
FAQ: What is the COBIT framework's approach to IT management?
The COBIT framework has evolved into an organization-wide information management and GRC strategy tool. But can it also help boost the bottom line? guide
-
How does the COBIT framework approach IT management?
The COBIT framework has evolved into an organization-wide information management and GRC strategy tool. But can it also help boost the bottom line? FAQ
-
Have Knight Capital's trading errors swayed regulation?
After Knight Capital Group's faulty software severely disrupted the stock market, regulators are considering new requirements for similar IT systems. FAQ
-
FAQ: How has Knight Capital Group's software errors swayed regulation?
After Knight Capital Group's faulty software severely disrupted the stock market, regulators are considering new requirements for similar IT systems. guide
-
Quiz: PCI DSS compliance strategies and best practices
Is your organization on the right track concerning Payment Card Industry Data Security Standard, or PCI DSS, compliance? Take our quiz to find out. Quiz
-
Briefing: Governing risk management and compliance
Organizations can waste resources by not syncing risk management and compliance efforts. Here’s how to adapt risk management and stay compliant. AIOG
-
Briefing: Governing risk management and compliance
Compliance Briefing
-
FAQ: How do corporate social media policies hold up against labor law?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best. FAQ
-
#Compliance: Proposal to update wiretapping laws draws controversy
Twitter was abuzz after a report of possible updates to wiretapping laws. Opponents argue it would dramatically alter civil rights and online privacy. News | 14 May 2013
-
#Compliance: Twitter buzzing about CISPA cybersecurity bill
Social media has been buzzing of late about the House passage of CISPA, as opponents argue the cybersecurity bill is a huge hit to consumer privacy. News | 22 Apr 2013
-
Global economy forces companies to re-examine regulatory compliance
The global economy creates unique risks and regulatory compliance rules for multinational corporations, forcing them to re-examine GRC processes. News | 04 Apr 2013
-
Q&A: Communication, monitoring keys to corporate risk management
Ace Hardware Director of Risk Management William J. Montanez discusses the key aspects of, and obstacles to, a strategy for managing corporate risk. News | 01 Apr 2013
-
Obama, business leaders meet to discuss U.S. cybersecurity strategy
President Obama met with high-profile business leaders this week to discuss how the private sector can work together on U.S. cybersecurity strategy. News | 14 Mar 2013
-
Sobering stats push online data security and privacy into spotlight
One analysis found an uptick in breaches in 2012, but simple, organization-wide controls could be the key to maintaining data security and privacy. News | 31 Jan 2013
-
ERM conference to offer latest in enterprise risk management strategy
Business risk remains a top concern, so organizers of an upcoming conference promise real-world examples and expert tips on cutting-edge ERM strategy. News | 24 Jan 2013
-
IT Priorities Survey: Compliance among top-ranked 2013 initiatives
Compliance strategy will continue to be hugely important to businesses in 2013, according to respondents to the TechTarget IT Priorities Survey. News | 21 Dec 2012
-
Top 12 2012: Readers' favorite GRC management articles of the year
In our 'top 12 of 2012,' read SearchCompliance.com's most-viewed articles from the past year, and discover GRC management advice and best practices. News | 21 Dec 2012
-
IT Salary Survey 2012: GRC professionals looking for a challenge
As compliance rules and IT risk expand, GRC professionals are looking forward to new challenges, according to the TechTarget IT Salary Survey 2012. News | 07 Dec 2012
-
BYOD and cloud use complicate information risk in the big data age
Learn how BYOD and cloud use are influencing many companies' information risk processes and how to overcome these security concerns. Tip
-
Mobile device management best practices for the connected organization
Mobile devices force reexamination of many data processes. In this tip, learn mobile device management best practices for the consumerized workplace. Tip
-
Experts: Base GRC strategy, technology on corporate framework
Every business has its own unique risks, environment and compliance rules, and all these aspects must be considered when developing GRC strategy. Tip
-
Overcoming the data governance and security implications of BYOD
In this tip, learn the data governance and security obstacles businesses must consider when implementing a BYOD policy, and how to overcome them. Tip
-
Compliance rules complicate nonprofits' move to cloud-based computing
As nonprofits turn to cloud-based computing, these organizations must be aware of how moving to the cloud influences regulatory compliance processes. Tip
-
Incorporate ERM frameworks for cloud computing information security
Cloud computing information security is a big concern for many companies. Here are several readily available risk management frameworks that can help. Tip
-
Information security and compliance in harmony with cloud deployment
The relationship between information security and compliance can be tenuous, but the cloud is forcing changes in how the two disciplines interact. Tip
-
The ABCs of meeting quarterly PCI scanning requirements
For some organizations, quarterly PCI DSS scanning requirements create confusion. Here are tips on the PCI scanning process to help stay compliant. Tip
-
Best practices to navigate the Dodd-Frank/SEC whistleblower program
The SEC whistleblower program provides monetary rewards for reporting Dodd-Frank violations. Here's how strong reporting processes can protect you. Tip
-
Audits, maintenance crucial to business continuity policy success
IT-related disasters happen to even the best-prepared companies. Here's how to build a business continuity policy to keep processes running smoothly. Tip
-
A written information security policy (WISP) example for compliance
Looking for a Written Information Security Policy (WISP) example for compliance with the Massachusetts data protection law? In this expert response, Ernie Hayden gives readers just that. Ask the Expert
-
Is a PCI DSS report on compliance confidential?
Learn about the confidentiality of a PCI report on compliance, and a compliance audit report in general in this expert response from Ernie Hayden. Ask the Expert
-
Who is in charge of the Massachusetts data protection law audit?
Learn more about the process of data protection audits for the Massachusetts data protection law. Ask the Expert
-
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman. Ask the Expert
-
Encryption of mobile devices under Massachusetts data protection law
BlackBerrys and iPhones are everywhere, but under the new Massachusetts data protection law, is it necessary to encrypt their contents? Learn more in this response from security management expert David Mortman. Ask the Expert
-
FERPA regulation guidelines to email student personal data unencrypted
In order to protect student personal data, FERPA was enacted in 1974. But does protecting that data allow for FERPA educational records to be sent unencrypted via email? Find out in this expert response. Ask the Expert
-
PCI DSS questions: Should full credit card numbers be on a receipt?
Are merchants that fall under PCI DSS allowed to print full credit card numbers on a receipt? Learn more in this response from security management expert David Mortman. Ask the Expert
-
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Ask the Expert
-
Is credit card tokenization a better option than encryption?
Platform security expert Michael Cobb reviews alternatives to encryption that will help protect sensitive data. Ask the Expert
-
Is Word document-comparison software SOX compliant?
The SOX audit process can be daunting, especially when it comes to finding SOX-compliant software. In this expert response, learn whether Word document-comparison software is SOX compliant. Ask the Expert
-
Federal Information Security Management Act (FISMA)
The Federal Information Security Management Act (FISMA) is United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. Definition
-
compliance framework
A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation. Definition
-
Video Privacy Protection Act of 1988
The Video Privacy Protection Act of 1988 is United States legislation that prevents wrongful disclosure of an individual's personally identifiable information stemming from their rental or purchase of audiovisual material, including videotapes, DVDs ... Definition
-
Whistleblower Protection Act
The Whistleblower Protection Act of 1989 (WPA) is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring at a government org... Definition
-
compliance burden
Compliance burden, also called regulatory burden, is the administrative cost of a regulation in terms of dollars, time and complexity. Definition
-
regulatory compliance
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business. Definition
-
data governance policy
A data governance policy is an organization’s set of information management processes that are designed to assist business administration and protect company assets. Definition
-
social media policy
A social media policy (also called a social networking policy) is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person. Definition
-
corporate social responsibility (CSR)
Corporate social responsibility is an umbrella term used to describe voluntary corporate initiatives concerned with community development, the environment and human rights. Definition
-
information governance
Information governance is a holistic approach to managing corporate information by implementing processes, roles, standards and metrics that treat information as a valuable business asset and mitigate risk. Definition
-
Video: BYOD legal issues arise under data protection, privacy laws
In this video, learn how organizations should protect themselves from BYOD legal issues in the face of evolving data security and privacy laws. Video
-
Video: Constructing a 'normalized' corporate compliance program
In this video, learn how to build -- and maintain -- a sustainable corporate compliance program that keeps your business on the right side of the law. Video
-
Data security compliance a top-of-mind concern for pharmaceutical firm
Data security compliance is a primary consideration in the pharmaceutical world given the bevy of compliance regulations. Learn more in this video. Video
-
Video: The vital role of transparency in records management strategy
New York Life Insurance Co. Records Manager Jason C. Stearns discusses the benefits of a detailed, transparent corporate records management strategy. Video
-
Solutions to help meet mobile device security, compliance objectives
In SearchCompliance.com’s latest Compliance Product Spotlight, find information on mobile device security tools and other solutions to help your organization meet compliance objectives. Product Spotlight
-
Wal-Mart 'rightsizes' Sarbanes-Oxley plan for corporate governance
Corporations are still tuning Sarbanes-Oxley. In this podcast, Lyle Smith, director of SOX compliance at Wal-Mart, discusses how to "rightsize" the compliance bellwether. Podcast
-
Jim Reavis on cloud computing security and regulatory compliance
Jim Reavis of the Cloud Security Alliance talks about how to secure the cloud, including some advice for compliance officers. Video
-
Anti-money laundering compliance trends
In this 11-minute podcast, Neil Katkov, senior vice president at Celent, talks about anti-money laundering compliance trends, including how much companies are spending on their AML programs and what they should look for when evaluating AML software. Podcasts
-
Compliance and security: Schneier-Ranum face-off
In this third part of Schneier and Ranum's Face-off at ISD 2009, the two security pros address questions surrounding how security and compliance interact, and how to get executives to care about security beyond simple compliance. Video
-
The future of information security: Schneier-Ranum face-off
At Information Security Decisions 2009, Bruce Schneier and Marcus Ranum took to the stage to discuss some of the most contested issues in information security. This first part covers questions on the future of the industry. Video
About Managing governance and compliance
Governance and compliance go hand in hand. Get the latest news, advice and commentary on effectively managing the compliance and governance initiatives within your organization.