-
Five tips to help guide your green compliance strategy
As more industries push for environmentally friendly processes, green compliance is a major concern. Here are tips to help incorporate the right green IT practices at your organization.
-
Keys to an audit-driven corporate compliance program
Creating an audit kit is usually the last part of corporate compliance program development. Our expert says your organization may be better served by flipping the process.
-
Does your SaaS system meet SOX compliance requirements?
A SaaS vendor can provide many benefits, but adhering to SOX compliance requirements remains a concern. Here’s help to stay compliant when using Software as a Service.
-
New security twists in the Cybersecurity Act of 2012
The Cybersecurity Act of 2012 gives the government more control over the private sector’s information security. But are the new rules really needed? Our expert says no.
-
Beware overdependence on information technology audits
Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver.
-
Disposal of used computers exposes vulnerabilities
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door.
-
Make sustainability vital to your compliance operation
With the increased interest in going green, sustainability and compliance are now directly related. But making sustainability integral to your compliance operation is not easy.
-
Avoid the 'oops' moment: Keys to encryption management
Effective encryption management can help your business stay compliant, protect its reputation and avoid embarrassment. But encryption should supplement security, not replace it.
-
Best practices for analyzing risk management indicators
To alleviate risk, it’s necessary to validate risk management indicators specific to your organization. Here’s how, and why avoiding it could negatively affect your GRC program.
-
Governance, risk and compliance ties to biz performance
Governance, risk and compliance are vital to every successful business, but our expert says companies often don’t take advantage of GRC’s critical influence on performance.
-
Five tips to help achieve organizational compliance
Meeting compliance objectives is not just up to IT anymore -- a collaborative approach is necessary. Here’s advice to achieve top-down organizational compliance at your company.
-
How organizational buy-in helps the compliance function
Compliance sometimes is overlooked, but organizational development can go a long way in helping IT leaders -- and the company -- maintain the necessary compliance function.
-
Make risk management and sustainability work together
IT strategy expert Adrian Bowles discusses risk management and sustainability trends, and why joining the two is vital to a solid and comprehensive enterprise risk management strategy.
-
Don’t let your ECM solution compromise compliance
Compliance can get overlooked in an enterprise content management strategy. Our expert shares the hidden pitfalls of ECM solutions, and how to avoid hampering compliance functions.
-
Managing risk management and sustainability
As the term “sustainability” has become popular in business, some have questioned its relationship with GRC. But risk management and sustainability are not mutually exclusive.
-
Five tips to balance risk management and compliance
Being protected from risk does not automatically mean you are compliant. Learn how you can properly balance risk management and compliance with tips from some of our top articles.
-
Managing information risk inherent to staying compliant
An effective compliance strategy requires more than simply adhering to laws and regulations. Staying compliant also requires attention to managing information risk.
-
What are you doing about smartphone security risks?
Smartphone security risks have become a huge compliance challenge for many enterprises, but being proactive and implementing security policies can help prevent smartphone hacking.
-
Use the OWASP Top 10 to meet compliance standards
Mapping security processes to protect against the OWASP Top 10 could ease Web application vulnerabilities and help some companies stay compliant.
-
Outsourcing fuels compliance risk management woes
Outsourcing can add to compliance risk management problems for federally regulated groups whose work involves sensitive areas like national security.
-
Should compliance dictate cybersecurity policy?
Recent breaches display the importance of cybersecurity policy, and regulations provide a decent data protection roadmap. But compliance does not automatically equal security.
-
Seven lessons learned from a credit card data breach
A credit card data breach can create turmoil throughout your organization. Here are seven information security and compliance lessons to help your business.
-
Using a pilot program to outline your GRC requirements
It’s important to be familiar with your organization's exact GRC requirements when choosing which tools to buy, build or outsource. Here’s how a pilot program can help guide you.
-
Disk encryption and data protection for HIPAA, HITECH
Staying vigilant about encryption and data protection not only keeps you compliant with HIPAA and HITECH, but also helps reduce overall business risk.