News

News

• June 25, 2014 25 Jun'14

  The FCC net neutrality proposal: What it may mean for companies, ISPs

  #GRCchat participants discussed the FCC net neutrality proposal and what it might mean for companies, ISPs and consumers in this recap of SearchCompliance's monthly Twitter chat.

• June 06, 2014 06 Jun'14

  Twitter chat: Top information security threats revealed

  May #GRCchat participants share top information security threats and how to prevent data breaches caused by the biggest culprits: employees.

• May 30, 2014 30 May'14

  CSO: System logging a vital computer security tool

  Tenable Network Security CSO Marcus Ranum reveals that data-driven intelligence is not as critical as system logging to security strategy.

• May 20, 2014 20 May'14

  Twitter chat: Develop a risk profile for better breach prevention

  In this #GRCchat recap, a former Federal Communications Commission CIO discusses how a quantitative risk profile can mitigate financial risk.

• December 20, 2013 20 Dec'13

  GRC professionals' salaries increase as demand for their skills rises

  As businesses expand their IT security and compliance focus, GRC professionals are seeing salary increases with their broadened responsibilities.

• Sponsored News

  • 3 Key Benefits of Hybrid Cloud as a Service

    Sponsored by HPE - Organizations are increasingly turning to hybrid cloud as the platform of choice as they continue to respond to changing business conditions caused by the global COVID-19 pandemic. In addition to research by Hewlett Packard Enterprise (HPE) on cloud acceleration and remote work, a recent survey by KPMG sheds light specifically on the value of hybrid cloud. See More

  • The Business Case for a Consistent Hybrid Cloud Experience

    Sponsored by Dell Technologies - Increased complexity is one of the biggest challenges facing IT teams in building and managing multicloud environments. Using different management tools for different platforms, whether private or public clouds, makes it harder—if not impossible—to effectively manage costs, security, governance, performance, compliance and availability. See More

  • Leveraging IT Modernization to Drive Business Transformation

    Sponsored by HPE - COVID-19 has forced many organizations to embrace digital transformation to accommodate dramatic and sudden changes in their business models. Almost every industry has been affected: Healthcare had to expand telehealth services, retail had to move to online, and education had to shift to remote teaching and learning—all at a rapidly accelerated pace. See More

  • Reduce Risk in Moving Workloads to the Cloud

    Sponsored by Dell Technologies - IT teams can significantly mitigate risk in moving workloads to the cloud by using familiar technologies, processes and skill sets across all environments, from the data center to the edge to multicloud environments. See More

  View All Sponsored News
• November 18, 2013 18 Nov'13

  Preparation underway for Dodd-Frank conflict mineral disclosures

  Dodd-Frank conflict mineral provisions create new disclosure rules for public companies. In this tip, learn how to prepare for the regulations.

• April 15, 2013 15 Apr'13

  Eight principles of information governance and risk management

  (This blog post was written by Marilyn Bier, chief executive officer of ARMA International.) Organizations depend on information to manage day-to-day operations, comply with regulations, gauge ...

• March 08, 2013 08 Mar'13

  Product Spotlight: Compliance monitoring tools for finance firms

  In this Product Spotlight, learn about new compliance monitoring tools to help financial institutions meet regulatory and data reporting requirements.

• January 18, 2013 18 Jan'13

  Considering a career in compliance? Heed these warnings first

  So you want to pursue a career in compliance? I can't really blame you. With a median salary of more than $60,000, it can certainly pay off -- and the sky's the limit moving forward. Of course, ...

• July 13, 2012 13 Jul'12

  Developers: Unified Compliance Framework helps organize GRC processes

  Our latest product spotlight examines the Unified Compliance Framework, an online tool designed to identify and reduce redundant GRC processes.

• May 14, 2012 14 May'12

  As GRC technology becomes more complex, so do buying decisions

  The GRC technology market has become increasingly targeted but companies' buying decisions have not followed suit. How can you make sure you're getting the most bang for your buck?

• May 08, 2012 08 May'12

  Five corporate compliance program traits you need to prevent breaches

  If you look at news headlines, you’d think the sky were falling with all of the hack attacks and subsequent data breaches taking place. Just glancing at the Chronology of Data Breaches says it all. ...

• April 23, 2012 23 Apr'12

  ISACA: Update to COBIT 5 governance framework maximizes IT assets

  ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets.

• February 09, 2012 09 Feb'12

  Online Trust Alliance guide offers tips for data protection strategies

  With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection.

• December 15, 2011 15 Dec'11

  Survey: Security, compliance often lacking in cloud computing strategy

  Although many companies see the benefits of a solid cloud computing strategy, our survey found that security and compliance often fall by the wayside when businesses move to the cloud.

• December 06, 2011 06 Dec'11

  The top 10 compliance risk management questions you should be asking

  When it comes to IT governance, it's one thing to have staff completing compliance risk management processes; it's quite another to be confident that everything is indeed in line and secure. ...

• October 17, 2011 17 Oct'11

  Seven common regulatory compliance requirement assumptions to avoid

  Compliance means different things to different people. Indeed, regulatory compliance requirements are -- and should be -- handled differently based on the unique needs of the business. The ugly ...

• September 26, 2011 26 Sep'11

  How risk management and compliance policies affect your bottom line

  The regulatory landscape's evolution requires close attention to risk management and compliance processes. But GRC also makes good business sense, and can improve your bottom line.

• July 05, 2011 05 Jul'11

  Ways to mitigate risk with a corporate social media policy

  Companies need an effective way to mitigate the risks of increasingly ubiquitous social media. But establishing a solid corporate social media policy is no easy task.

• May 19, 2011 19 May'11

  GRC conferences to help you remain on top of your compliance game

  In the need for some IT training? Check out our list of GRC conferences designed to help your enterprise stay current with the latest compliance regulations and GRC strategy trends.

• March 17, 2011 17 Mar'11

  New regulations, e-discovery software demand driving market behavior

  The e-discovery software market is growing due to more stringent governance, risk management and compliance regulations -- a trend that’s driving the creation of smarter solutions.

• February 17, 2011 17 Feb'11

  Compliance and GRC management tools

  Constant updates to compliance regulations can cause headaches for IT departments. Learn more about the latest compliance products to help you with compliance and GRC management.

• October 11, 2010 11 Oct'10

  Expert: Failed risk management practices key to financial crisis

  The financial crisis is an example of what can happen when those responsible for establishing and maintaining risk management practices are asleep at the switch, an expert says.

• September 17, 2010 17 Sep'10

  Standardization key to Credit Suisse information security governance framework

  The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework.

• July 23, 2010 23 Jul'10

  How to meet compliance regulations with Windows Active Directory

  IT Compliance Advisor welcomes our new blogger, Frank Ohlhorst: Meeting the needs of compliance regulations effectively means that IT staffers must be able to monitor and report on any activity ...

• May 18, 2010 18 May'10

  Should there be PCI security requirements for bank account data?

  Gartner analyst wonders why no PCI-like standard exists for bank account information, which online criminals are targeting.

• January 26, 2010 26 Jan'10

  PCI DSS checklist: Mistakes and problem areas to avoid

  Experts share lessons learned by midmarket companies trying to comply with PCI DSS in areas such as self assessment questionnaires, encryption, policy creation and application security

• December 18, 2009 18 Dec'09

  FISMA compliance for federal cloud computing on the horizon in 2010

  FISMA compliance is on the horizon for cloud computing vendors catering to the federal government. New security metrics from OMB aren't hazy on potential requirements, either.

• December 16, 2009 16 Dec'09

  ISACA publishes new IT risk management framework based on COBIT

  ISACA has released a risk management framework to help enterprise compliance officers identify, govern and manage IT risk. The Risk IT framework is aligned with COBIT.

• October 21, 2009 21 Oct'09

  ISO 27001 certification not enough for verifying SaaS, cloud security

  As SaaS and cloud vendors promote security standards like ISO 27001 or SAS 70, experts urge users to delve deeper. What matters is that vendors meet your security needs.

• October 06, 2009 06 Oct'09

  GPS devices, geolocation data create privacy, security risks

  Emerging technologies that allow users to broadcast geographic locations raise many issues for companies, CIOs, while legislatures and the FTC consider legal aspects.

• July 28, 2009 28 Jul'09

  How CISOs can leverage the internal audit process

  Traditionally adversaries, CISOs and auditors can leverage each other's skills to move toward a risk-based approach to compliance.

• June 30, 2009 30 Jun'09

  Strategic risk management includes risk-based approach to compliance

  Using a risk-based approach to address regulatory mandates is all the rage in compliance circles, but it's not for beginners. Here's how it works.

• June 19, 2009 19 Jun'09

  Twitter security risks, popularity spark regulatory concerns

  Twitter can be used for social good, business and journalism, but the potential for exploitation by cybercriminals and noncompliance with regulatory requirements is real and growing.

• March 19, 2009 19 Mar'09

  How do you align an IT risk assessment with COBIT controls?

  [One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of SearchCompliance.com at [email protected] last month looking for some advice. Specifically, he asked "What ...

• October 09, 2008 09 Oct'08

  What you need to know about the IFRS accounting standards

  As the SEC looks to replace Generally Accepted Accounting Principles with the International Financial Reporting Standards, CIOs should evaluate the effects on financial data and application architecture now.

• January 09, 2008 09 Jan'08

  Drafting data classification policies and guidelines

  Shon Harris suggests ways to draft an internal procedure on how to handle confidential data. She discusses data classification polices, steps to develop and roll out a data classification program, and what your guidelines should cover.