-
Test your social media risk management IQ: A SearchCompliance.com quiz
Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Quiz
-
Compliance Briefing: A guide to social media risk management strategy
Social media is valuable, but it’s also risky. Here are strategies for corporate social media policy, social network monitoring and risk management to protect sensitive information. Tutorial
-
FAQ: What is the Sony PlayStation Network security breach's impact?
The Sony PlayStation Network security breach affected millions of users. In this FAQ, learn how it was done, and its costs and likely ramifications. FAQ
-
GRC conferences to help you remain on top of your compliance game
In need of some IT training? Check out our list of GRC conferences designed to help your enterprise stay current with the latest compliance regulations and GRC strategy trends. IT Conferences
-
GRC management strategies: Test your IQ
Are you up to speed on the latest governance, risk and compliance management strategies? Take our GRC quiz and find out. Quiz
-
Compliance Product Spotlight: File share, GRC, Solvency II offerings
Here are some of the latest compliance products and risk management solutions that can help your company stay in step with the governance, risk and compliance regulations. Product Spotlight
-
FAQ: GARP and how it helps you achieve better information governance
Many organizations do not have an information governance structure that works with defined record-keeping principles that ensures accountability. GARP may be your answer. FAQ
-
FAQ: An introduction to the ISO 31000 risk management standard
Learn more about ISO 31000:2009, a new risk management standard: It's plainly written, short, process-oriented and relevant reading for anyone dealing with risk. FAQ
-
FAQ: What impact do mobile computing devices have on IT compliance?
More mobile computing devices means more security threats. Here are things to consider in adjusting your IT compliance strategy to meet challenges brought by iPhones and the like. FAQ
-
Governance, risk and compliance FAQ: What does GRC mean to IT strategy
Learn how GRC coordinates governance, risk and compliance with IT strategy to create a more responsive and transparent organization. FAQ
- See More: Essential Knowledge on Managing governance and compliance
-
Protests put antipiracy legislation under a microscope
After high-profile Internet protests of antipiracy legislation, lawmakers backtracked on pushing them through. But reaching a compromise won't be easy. News | 20 Jan 2012
-
EPIC letter questions Google’s online consumer privacy
The Electronic Privacy Information Center is pushing the FTC to investigate changes to Google Search that EPIC says violate online consumer privacy. News | 13 Jan 2012
-
OPEN gets support as Stop Online Piracy Act alternative
Big names in online business support the OPEN Act, an alternative to the Stop Online Piracy Act that they say better targets copyright infringement. News | 06 Jan 2012
-
Survey: Security, compliance often lacking in cloud computing strategy
Although many companies see the benefits of a solid cloud computing strategy, our survey found that security and compliance often fall by the wayside when businesses move to the cloud. News | 15 Dec 2011
-
Q&A: How the SEC's XBRL tagging mandates can help your bottom line
As mandatory eXtensible Business Reporting Language use becomes the norm in business communications, one expert says XBRL tagging can assist risk management and analysis. News | 12 Dec 2011
-
Mobile malware, targeted attacks top online security threats in 2012
In 2011, mobile malware and targeted attacks against big-name companies were among the top online security threats. Here’s why you need to prepare for more of the same in 2012. News | 23 Nov 2011
-
MMA releases mobile application privacy policy for public comment
The Mobile Marketing Association is taking a proactive approach to protecting consumers, releasing its own mobile application privacy policy that is open for public comment. News | 24 Oct 2011
-
How risk management and compliance policies affect your bottom line
The regulatory landscape's evolution requires close attention to risk management and compliance processes. But GRC also makes good business sense, and can improve your bottom line. News | 26 Sep 2011
-
Barriers remain as compliance goals move to promoting ethical behavior
The focus for compliance officers has shifted to fostering the development of an ethical corporate culture. But there are obstacles to promoting ethical behavior in a business setting. News | 11 Jul 2011
-
Ways to mitigate risk with a corporate social media policy
Companies need an effective way to mitigate the risks of increasingly ubiquitous social media. But establishing a solid corporate social media policy is no easy task. News | 05 Jul 2011
- See More: News on Managing governance and compliance
-
Sustainability: From strategic objective to compliance operation
With the increased interest in going green, sustainability and compliance are now directly related. But making sustainability integral to your compliance operation is not easy. Tip
-
False alarms: Analyzing your leading risk management indicators
To alleviate risk, it’s necessary to validate risk management indicators specific to your organization. Here’s how, and why avoiding it could negatively affect your GRC program. Tip
-
Using governance, risk and compliance to improve business performance
Governance, risk and compliance are vital to every successful business, but our expert says companies often don’t take advantage of GRC’s critical influence on performance. Tip
-
Best practices to help meet your organizational compliance objectives
Meeting compliance objectives is not just up to IT anymore -- a collaborative approach is necessary. Here’s advice to achieve top-down organizational compliance at your company. Tip
-
Q&A: Fit sustainability into an enterprise risk management strategy
IT strategy expert Adrian Bowles discusses risk management and sustainability trends, and why joining the two is vital to a solid and comprehensive enterprise risk management strategy. Tip
-
Best practices for risk management and sustainability convergence
As the term "sustainability" has become popular in business, some have questioned its relationship with GRC. But risk management and sustainability are not mutually exclusive. Tip
-
Five tips to balance risk management and compliance
Being protected from risk does not automatically mean you are compliant. Learn how you can properly balance risk management and compliance with tips from some of our top articles. Tip
-
Managing information risk inherent to an effective compliance strategy
An effective compliance strategy requires more than simply adhering to laws and regulations. Staying compliant also requires attention to managing information risk. Tip
-
Act now to prevent smartphone security risks at your organization
Smartphone security risks have become a huge compliance challenge for many enterprises, but being proactive and implementing security policies can help prevent smartphone hacking. Tip
-
Global IT outsourcing raises compliance, risk management concerns
Outsourcing can add to compliance risk management problems for federally regulated groups whose work involves sensitive areas like national security. Tip
- See More: Tips on Managing governance and compliance
-
A written information security policy (WISP) example for compliance
Looking for a Written Information Security Policy (WISP) example for compliance with the Massachusetts data protection law? In this expert response, Ernie Hayden gives readers just that. Ask the Expert
-
Is a PCI DSS report on compliance confidential?
Learn about the confidentiality of a PCI report on compliance, and a compliance audit report in general in this expert response from Ernie Hayden. Ask the Expert
-
Who is in charge of the Massachusetts data protection law audit?
Learn more about the process of data protection audits for the Massachusetts data protection law. Ask the Expert
-
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman. Ask the Expert
-
Encryption of mobile devices under Massachusetts data protection law
BlackBerrys and iPhones are everywhere, but under the new Massachusetts data protection law, is it necessary to encrypt their contents? Learn more in this response from security management expert David Mortman. Ask the Expert
-
FERPA regulation guidelines to email student personal data unencrypted
In order to protect student personal data, FERPA was enacted in 1974. But does protecting that data allow for FERPA educational records to be sent unencrypted via email? Find out in this expert response. Ask the Expert
-
PCI DSS questions: Should full credit card numbers be on a receipt?
Are merchants that fall under PCI DSS allowed to print full credit card numbers on a receipt? Learn more in this response from security management expert David Mortman. Ask the Expert
-
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Ask the Expert
-
Is credit card tokenization a better option than encryption?
Platform security expert Michael Cobb reviews alternatives to encryption that will help protect sensitive data. Ask the Expert
-
Is Word document-comparison software SOX compliant?
The SOX audit process can be daunting, especially when it comes to finding SOX-compliant software. In this expert response, learn whether Word document-comparison software is SOX compliant. Ask the Expert
- See More: Expert Advice on Managing governance and compliance
-
social media policy
A social media policy (also called a social networking policy) is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person. Definition
-
control framework
A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk. Definition
-
corporate social responsibility (CSR)
Corporate social responsibility is an umbrella term used to describe voluntary corporate initiatives concerned with community development, the environment and human rights. Definition
-
Generally Accepted Recordkeeping Principles (GARP)
Generally Accepted Recordkeeping Principles (GARP) is a framework for managing records in a way that supports an organization's immediate and future regulatory, legal, risk mitigation, environmental and operational requirements. Definition
-
information governance
Information governance is a holistic approach to managing corporate information by implementing processes, roles, standards and metrics that treat information as a valuable business asset and mitigate risk. Definition
-
IT controls
An IT control is a procedure or policy that provides a reasonable assurance that the information technology (IT) used by an organization operates as intended, that data is reliable and that the organization is in compliance with applicable laws and r... Word
-
Federal Information Security Management Act (FISMA)
The Federal Information Security Management Act (FISMA) defines a comprehensive framework to protect government information, operations, and assets against natural or human-made threats... (Continued) Word
-
Wal-Mart 'rightsizes' Sarbanes-Oxley plan for corporate governance
Corporations are still tuning Sarbanes-Oxley. In this podcast, Lyle Smith, director of SOX compliance at Wal-Mart, discusses how to "rightsize" the compliance bellwether. Podcast
-
Jim Reavis on cloud computing security and regulatory compliance
Jim Reavis of the Cloud Security Alliance talks about how to secure the cloud, including some advice for compliance officers. Video
-
Anti-money laundering compliance trends
In this 11-minute podcast, Neil Katkov, senior vice president at Celent, talks about anti-money laundering compliance trends, including how much companies are spending on their AML programs and what they should look for when evaluating AML software. Podcasts
-
Schneier-Ranum face-off, part 3: Compliance and security
In this third part of Schneier and Ranum's Face-off at ISD 2009, the two security pros address questions surrounding how security and compliance interact, and how to get executives to care about security beyond simple compliance. Video
-
Schneier-Ranum face-off, part 1: The future of information security
At Information Security Decisions 2009, Bruce Schneier and Marcus Ranum took to the stage to discuss some of the most contested issues in information security. This first part covers questions on the future of the industry. Video
-
Part 3: Marcus Ranum on the state of information security
At Information Security Decisions 2009, Marcus Ranum discusses the realities of compliance and standards and why security has caught lawmakers' attention. Video
-
Business model risk is a key part of your risk management strategy
Management consultants Amit Sen and John Vaughan discuss business model risk, a way to apply risk management policies to new or changed business processes. Podcast transcript
-
Screencast: Leveraging IT infrastructure for compliance with Brian Babineau
Learn how to harness existing IT infrastructure for creating a sustainable long-term compliance operation in this screencast featuring Brian Babineau, senior analyst at Enterprise Strategy Group. Video
-
Podcast: New Massachusetts data protection law mandates IT compliance
In this podcast from SearchCompliance.com, a state CIO and general counsel explain how a strict new Massachusetts data protection law will affect IT compliance and businesses. Podcast
-
Compliance and offshoring best practices: Expert podcast
Outsourcing to an offshore company doesn't mean you can forget about compliance regulations. Forrester's Khalid Kark offers tips on how to offshore and still be in compliance. Podcast
- See More: Multimedia on Managing governance and compliance
-
Briefing: Governing risk management and compliance
Organizations can waste resources by not syncing risk management and compliance efforts. Here’s how to adapt risk management and stay compliant. AIOG
-
Briefing: Governing risk management and compliance
Compliance Briefing
-
Protests put antipiracy legislation under a microscope
After high-profile Internet protests of antipiracy legislation, lawmakers backtracked on pushing them through. But reaching a compromise won't be easy. News
-
EPIC letter questions Google’s online consumer privacy
The Electronic Privacy Information Center is pushing the FTC to investigate changes to Google Search that EPIC says violate online consumer privacy. News
-
OPEN gets support as Stop Online Piracy Act alternative
Big names in online business support the OPEN Act, an alternative to the Stop Online Piracy Act that they say better targets copyright infringement. News
-
FAQ: How do corporate social media policies hold up against labor law?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best. FAQ
-
Do corporate social media policies hold up in court?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best. AIOG
- See More: All on Managing governance and compliance
About Managing governance and compliance
Governance and compliance go hand in hand. Get the latest news, advice and commentary on effectively managing the compliance and governance initiatives within your organization.