Managing compliance operations
- May 01, 2009
A lunchtime roundtable with the Advisory Board for last week's RSA Conference 2009 offered forward-looking advice on information security trends and cybersecurity threats based on research and ...
- April 27, 2009
In this IT Compliance Advisor podcast from SearchCompliance.com, associate editor Alexander B. Howard interviews Bruce Jones, chief information security officer (CISO) at Eastman Kodak Co. Over the ...
- April 24, 2009
What's been the buzz at the RSA Conference? Constant and loud, to be sure, but perhaps a dull roar compared with past years. Seasoned analysts, vendors and delegates all note that attendance is ...
- April 22, 2009
"It is the fundamental responsibility of our government to secure cyberspace for its citizens and the world." -- Melissa Hathaway Melissa Hathaway's keynote at RSA kicked off with the Mission ...
- April 21, 2009
Ship captains have long started their days by initialing log entries. As a former senior security executive at a financial services firm with $500 billion in assets under management and over 20,000 ...
- April 13, 2009
There is a big difference between being PCI DSS compliant and being "certified" as PCI DSS compliant, says e-commerce expert Evan Schuman of StorefrontBacktalk.com in this edition of the IT ...
- April 09, 2009
This is a guest post by Laurence Anker, engagement manager, technology risk management, at Jefferson Wells International Inc. The only constant in information technology today is change. The ...
- April 01, 2009
Have you been to Ediscovery.gov yet? Before you gasp, remember what day it is. If it's April 1, it must be time for online jokes and hoaxes -- check out TechCrunch's list of April Fools jokes. ...
- March 30, 2009
Leslie Stahl's segment on 60 Minutes on the danger of the Conficker worm releasing a massive DDoS attack or other malicious action on April 1 has received widespread attention in the public eye and ...
- March 26, 2009
Here's some sound advice for merchants or service providers who are wondering if they are in compliance with the PCI DSS requirements. A key question that needs to be addressed before implementing ...
- March 23, 2009
The hype around cloud computing may have subsided, but the issues around adapting and adopting the underlying model are as hot as ever. The enterprise IT headline of the week in The Wall Street ...
- March 19, 2009
[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of SearchCompliance.com at email@example.com last month looking for some advice. Specifically, he asked "What ...
- March 13, 2009
As business owners are preparing for the new Massachusetts data protection law, also known as 201 CMR 17: Standards for The Protection of Personal Information of Residents of the Commonwealth, due ...
- March 13, 2009
As I wrote yesterday, the Compliance Decisions Summit got off to a great start when Eric Holmquist and Richard Mackey considered the future of compliance in their talks before a crowded hall of ...
- March 12, 2009
"Compliance management is one aspect of risk management. It's about risk alignment. It's never about checklists." -Eric Holmquist
- March 05, 2009
As those of you who have followed the launch of SearchCompliance.com know, we've been using our @ITCompliance account on Twitter to share news, find our audience, get the freshest compliance news ...
- February 27, 2009
"A day at the beach can turn into a hurricane fast." That's the tagline Sarah Cortes chose for Inman TechnologyIT, her Cambridge, Massachusetts-based consultancy. What's the context? Disaster ...
- February 18, 2009
Are there unique issues that arise out of Windows compliance?
- February 16, 2009
This is a guest post by John Rostern, Jefferson Wells’ Eastern Region Practice Leader for Technology Risk Management. His last post explained why regulatory compliance doesn’t always bring ...
- February 12, 2009
This is a guest post from Barclay T. Blair, author of Information Nation and head of the information governance practice at Forensics Consulting Solutions LLC. “The fact of the matter is that this ...
- February 05, 2009
Lip service or room service? Is IT going to get a real budget to put in and operate the systems needed for compliance with the Sarbanes-Oxley Act (SOX), HIPAA or whatever else is needed? Or will ...
- February 03, 2009
This is a guest post from Barclay T. Blair, author of Information Nation and head of the information governance practice at Forensics Consulting Solutions LLC. “[S]unlight remains the best ...
- January 28, 2009
This is a guest post by Cass Brewer, the founder of Truth to Power Association. John Rostern recently blogged here about the dangers of checkbox compliance, noting that regulatory compliance ...
- January 19, 2009
What is the state of IT healthcare compliance in 2009? Dr. William Yasnoff has some thoughts. [display_podcast] His reply to " Healthcare compliance gets boost from national HHS privacy framework," ...
- January 15, 2009
This is a guest post by John Rostern, Jefferson Wells’ Eastern Region Practice Leader for Technology Risk Management. IT organizations spend billions annually on compliance-related projects. That ...