-
Test your social media risk management IQ: A SearchCompliance.com quiz
Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Quiz
-
Compliance Briefing: A guide to social media risk management strategy
Social media is valuable, but it’s also risky. Here are strategies for corporate social media policy, social network monitoring and risk management to protect sensitive information. Tutorial
-
FAQ: What is the Sony PlayStation Network security breach's impact?
The Sony PlayStation Network security breach affected millions of users. In this FAQ, learn how it was done, and its costs and likely ramifications. FAQ
-
FAQ: How will the Epsilon security breach influence email regulations?
The Epsilon security breach put a spotlight on email regulations, or the lack thereof. In this FAQ, learn what caused the breach, its cost to customers and the potential impact. F.A.Q.
-
GRC management strategies: Test your IQ
Are you up to speed on the latest governance, risk and compliance management strategies? Take our GRC quiz and find out. Quiz
-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ. FAQ
-
Compliance Product Spotlight: File share, GRC, Solvency II offerings
Here are some of the latest compliance products and risk management solutions that can help your company stay in step with the governance, risk and compliance regulations. Product Spotlight
-
FAQ: An introduction to the ISO 31000 risk management standard
Learn more about ISO 31000:2009, a new risk management standard: It's plainly written, short, process-oriented and relevant reading for anyone dealing with risk. FAQ
-
Optimizing ERP investments through manufacturing ERP management best practices
Managing manufacturing ERP systems is more complicated than ever, but these five best practices can help drive better value from your ERP software investments. Tutorial
-
Expert tips for auditing manufacturing ERP systems
ERP solutions hold the core data and processes that manufacturers need to run their businesses. Internal audits help ensure that ERP systems for manufacturers are running as smoothly as their lines. Tutorial
- See More: Essential Knowledge on Risk management and compliance
-
Compliance Q&A: EPIC rep discusses objections to Google privacy policy
In this Q&A, EPIC Consumer Protection Fellow David Jacobs discusses the organization’s objections to Google’s privacy policy and how to improve online consumer privacy. News | 20 Feb 2012
-
New Cybersecurity Act faces same old criticism
The Cybersecurity Act of 2012 promises a new approach to online data protection, but it faces the same criticisms that plagued previous legislation. News | 15 Feb 2012
-
Online Trust Alliance guide offers tips for data protection strategies
With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection. News | 09 Feb 2012
-
Google, EU put online privacy policies in spotlight
Online privacy policies are making news again, after the EU made sweeping changes to its data protection rules and Google released a new policy. News | 30 Jan 2012
-
Protests put antipiracy legislation under a microscope
After high-profile Internet protests of antipiracy legislation, lawmakers backtracked on pushing them through. But reaching a compromise won't be easy. News | 20 Jan 2012
-
EPIC letter questions Google’s online consumer privacy
The Electronic Privacy Information Center is pushing the FTC to investigate changes to Google Search that EPIC says violates online consumer privacy. News | 13 Jan 2012
-
OPEN gets support as Stop Online Piracy Act alternative
Big names in online business support the OPEN Act, an alternative to the Stop Online Piracy Act that they say better targets copyright infringement. News | 06 Jan 2012
-
With influx of gifted gadgets, mobile device security top of mind for IT
After the holidays, many companies are facing an influx of mobile devices that could affect compliance with various regulations. Is your mobile device security strategy ready? News | 03 Jan 2012
-
Carrier IQ software creates compliance concerns, regardless of intent
As Carrier IQ defends its data collection processes, some experts say the fact that the information being collected exists at all is a potential privacy and compliance violation. News | 14 Dec 2011
-
Mobile malware, targeted attacks top online security threats in 2012
In 2011, mobile malware and targeted attacks against big-name companies were among the top online security threats. Here’s why you need to prepare for more of the same in 2012. News | 23 Nov 2011
- See More: News on Risk management and compliance
-
Our dangerous overdependence on information technology audits
Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver. Tip
-
Vulnerabilities exposed during disposal of used computers
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door. Tip
-
Avoid the 'oops' moment: Tips for encryption management best practices
Effective encryption management can help your business stay compliant, protect its reputation and avoid embarrassment. But encryption should supplement security, not replace it. Tip
-
False alarms: Analyzing your leading risk management indicators
To alleviate risk, it’s necessary to validate risk management indicators specific to your organization. Here’s how, and why avoiding it could negatively affect your GRC program. Tip
-
Using governance, risk and compliance to improve business performance
Governance, risk and compliance are vital to every successful business, but our expert says companies often don’t take advantage of GRC’s critical influence on performance. Tip
-
Best practices to help meet your organizational compliance objectives
Meeting compliance objectives is not just up to IT anymore -- a collaborative approach is necessary. Here’s advice to achieve top-down organizational compliance at your company. Tip
-
Q&A: Fit sustainability into an enterprise risk management strategy
IT strategy expert Adrian Bowles discusses risk management and sustainability trends, and why joining the two is vital to a solid and comprehensive enterprise risk management strategy. Tip
-
Best practices for risk management and sustainability convergence
As the term ”sustainability" has become popular in business, some have questioned its relationship with GRC. But risk management and sustainability are not mutually exclusive. Tip
-
Five tips to balance risk management and compliance
Being protected from risk does not automatically mean you are compliant. Learn how you can properly balance risk management and compliance with tips from some of our top articles. Tip
-
Managing information risk inherent to an effective compliance strategy
An effective compliance strategy requires more than simply adhering to laws and regulations. Staying compliant also requires attention to managing information risk. Tip
- See More: Tips on Risk management and compliance
-
enterprise security governance
Enterprise security governance is a company's strategy to reduce risk by protecting systems and information, as well as its execution of that strategy. Definition
-
social media policy
A social media policy (also called a social networking policy) is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person. Definition
-
Chief Risk Officer (CRO)
The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological risks across the enterprise. Definition
-
Occupational Safety and Health Administration (OSHA)
Occupational Safety and Health Administration (OSHA) is a federal organization (part of the Department of Labor) that ensures safe and healthy working conditions for Americans by enforcing standards and providing workplace safety training. Definition
-
compliance audit
A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. Independent accounting, security or IT consultants evaluate the strength and thoroughness of compliance preparations. Auditors review security polic... Word
-
IT investments for manufacturers managing global supply chains
In this podcast, Jane Barrett of AMR Research Inc. discusses the best places for manufacturers to invest in IT to overcome challenges and maximize opportunities that globalization creates for supply chains. Podcast
-
Business model risk is a key part of your risk management strategy
Management consultants Amit Sen and John Vaughan discuss business model risk, a way to apply risk management policies to new or changed business processes. Podcast transcript
-
A closer look at computer forensics and e-discovery processes
This podcast defines both computer forensics and e-discovery processes and provides examples of how some CIOs are increasing awareness of these disciplines in the enterprise. Podcast
-
Compliance Q&A: EPIC rep discusses objections to Google privacy policy
In this Q&A, EPIC Consumer Protection Fellow David Jacobs discusses the organization’s objections to Google’s privacy policy and how to improve online consumer privacy. News
-
Our dangerous overdependence on information technology audits
Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver. Tip
-
New Cybersecurity Act faces same old criticism
The Cybersecurity Act of 2012 promises a new approach to online data protection, but it faces the same criticisms that plagued previous legislation. News
-
Online Trust Alliance guide offers tips for data protection strategies
With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection. News
-
Vulnerabilities exposed during disposal of used computers
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door. Tip
-
Google, EU put online privacy policies in spotlight
Online privacy policies are making news again, after the EU made sweeping changes to its data protection rules and Google released a new policy. News
-
Briefing: Governing risk management and compliance
Organizations can waste resources by not syncing risk management and compliance efforts. Here’s how to adapt risk management and stay compliant. AIOG
-
Briefing: Governing risk management and compliance
Compliance Briefing
-
Protests put antipiracy legislation under a microscope
After high-profile Internet protests of antipiracy legislation, lawmakers backtracked on pushing them through. But reaching a compromise won't be easy. News
-
EPIC letter questions Google’s online consumer privacy
The Electronic Privacy Information Center is pushing the FTC to investigate changes to Google Search that EPIC says violates online consumer privacy. News
- See More: All on Risk management and compliance
About Risk management and compliance
Risk management is an essential part of compliance planning. Find news, advice, commentary and best practices on coordinating your risk management initiatives with your compliance goals.