- April 15, 2013
(This blog post was written by Marilyn Bier, chief executive officer of ARMA International.) Organizations depend on information to manage day-to-day operations, comply with regulations, gauge ...
- March 08, 2013
In this Product Spotlight, learn about new compliance monitoring tools to help financial institutions meet regulatory and data reporting requirements.
- January 18, 2013
So you want to pursue a career in compliance? I can't really blame you. With a median salary of more than $60,000, it can certainly pay off -- and the sky's the limit moving forward. Of course, ...
- July 13, 2012
Our latest product spotlight examines the Unified Compliance Framework, an online tool designed to identify and reduce redundant GRC processes.
- May 14, 2012
The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?
Sponsored by Forcepoint - Organizations of all sizes have been called upon to swiftly support remote work in order to safeguard the health of their workforce and local communities. As businesses are called upon to scale up remote work procedures for the physical safety of employees, IT teams must accelerate the adoption of technology that ensures their people and data are secure—without hurting productivity or morale. See More
Sponsored by DellEMC - We are at the beginning of a new decade, but some things never change. When it comes to cloud computing, security remains the number one priority for decision-makers across business, IT and cybersecurity functions. See More
Sponsored by Forcepoint - As security teams are tasked with the duty of rapidly scaling up protections for remote workers, one of the key considerations they must keep in mind is how to safeguard data no matter where it resides or travels. This is hardly a new problem. However, the vastly broadened scope of remote work today requires security teams to revisit policies and technologies. Some solutions that may have been sufficient for isolated use cases don't adequately protect a completely distributed workforce. See More
Sponsored by DellEMC - In migrating applications to the public cloud, IT teams are confronting two separate but related issues that add costs and complexity: refactoring and repatriation. See More
- May 08, 2012
If you look at news headlines, you’d think the sky were falling with all of the hack attacks and subsequent data breaches taking place. Just glancing at the Chronology of Data Breaches says it all. ...
- April 23, 2012
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.
- February 09, 2012
With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection.
- December 15, 2011
Although many companies see the benefits of a solid cloud computing strategy, our survey found that security and compliance often fall by the wayside when businesses move to the cloud.
- December 06, 2011
When it comes to IT governance, it's one thing to have staff completing compliance risk management processes; it's quite another to be confident that everything is indeed in line and secure. ...
- October 17, 2011
Compliance means different things to different people. Indeed, regulatory compliance requirements are -- and should be -- handled differently based on the unique needs of the business. The ugly ...
- September 26, 2011
The regulatory landscape's evolution requires close attention to risk management and compliance processes. But GRC also makes good business sense, and can improve your bottom line.
- July 05, 2011
Companies need an effective way to mitigate the risks of increasingly ubiquitous social media. But establishing a solid corporate social media policy is no easy task.
- February 17, 2011
Constant updates to compliance regulations can cause headaches for IT departments. Learn more about the latest compliance products to help you with compliance and GRC management.
- September 17, 2010
The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework.
- July 23, 2010
IT Compliance Advisor welcomes our new blogger, Frank Ohlhorst: Meeting the needs of compliance regulations effectively means that IT staffers must be able to monitor and report on any activity ...
- May 18, 2010
Gartner analyst wonders why no PCI-like standard exists for bank account information, which online criminals are targeting.
- January 26, 2010
Experts share lessons learned by midmarket companies trying to comply with PCI DSS in areas such as self assessment questionnaires, encryption, policy creation and application security
- December 18, 2009
FISMA compliance is on the horizon for cloud computing vendors catering to the federal government. New security metrics from OMB aren't hazy on potential requirements, either.
- December 16, 2009
ISACA has released a risk management framework to help enterprise compliance officers identify, govern and manage IT risk. The Risk IT framework is aligned with COBIT.
- October 21, 2009
As SaaS and cloud vendors promote security standards like ISO 27001 or SAS 70, experts urge users to delve deeper. What matters is that vendors meet your security needs.
- October 06, 2009
Emerging technologies that allow users to broadcast geographic locations raise many issues for companies, CIOs, while legislatures and the FTC consider legal aspects.
- July 28, 2009
Traditionally adversaries, CISOs and auditors can leverage each other's skills to move toward a risk-based approach to compliance.
- June 30, 2009
Using a risk-based approach to address regulatory mandates is all the rage in compliance circles, but it's not for beginners. Here's how it works.
- June 19, 2009
Twitter can be used for social good, business and journalism, but the potential for exploitation by cybercriminals and noncompliance with regulatory requirements is real and growing.
- March 19, 2009
[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of SearchCompliance.com at firstname.lastname@example.org last month looking for some advice. Specifically, he asked "What ...
- October 09, 2008
As the SEC looks to replace Generally Accepted Accounting Principles with the International Financial Reporting Standards, CIOs should evaluate the effects on financial data and application architecture now.
- January 09, 2008
Shon Harris suggests ways to draft an internal procedure on how to handle confidential data. She discusses data classification polices, steps to develop and roll out a data classification program, and what your guidelines should cover.