The past year was a big one for governance, risk and compliance, as newsmakers such as Edward Snowden and Anonymous continued to put a spotlight on IT security, consumer privacy and government cybersecurity. These new concerns arose as old-standby concerns -- such as bring your own device -- and cloud deployment continued to complicate GRC-related data management at many organizations.
Throughout the year, SearchCompliance provided expert advice to help professionals navigate the complicated governance, risk and compliance (GRC) landscape in the digital age. Here, in our "Top 10 of 2013," we listed the site's most-viewed compliance articles in the past year. The list presents advice on a wide variety of GRC topics, and we hope you find it useful when developing a business strategy in 2014 and beyond.
Transparency, foresight needed to incorporate employee privacy in BYOD
Security is usually the biggest focus in an enterprise bring-your-own-device (BYOD) policy -- oftentimes at the expense of employee privacy. In this tip, contributor Ed Moyle explains why putting privacy on the back burner during BYOD deployment is a mistake, and how to avoid legal and employee satisfaction backlash.
Increased data management focus requires governance strategy revamp
As information increasingly becomes a business commodity, data governance is a vital tool to maintain efficient processes and protect corporate interests. In this Q&A, information governance expert Jeffrey Ritter explains how this new data management focus is forcing companies to adapt organization-wide digital processes.
Salary Survey: GRC pros welcome increased responsibility
Regulatory mandates and IT security threats put an inordinate amount of pressure on governance, risk and compliance professionals to protect company assets. But those in the GRC field welcome the new challenges -- and the salary boost that tends to come with them, our annual IT Salary Survey found.
Cloud, social media influencing corporate approach to risk management
The cloud and social media provide huge business benefits, but also pose giant risks to companies. In this video shot at the 2013 Marcus Evans Enterprise Risk Management Conference in Chicago, SearchCompliance Editor Ben Cole sat down with five risk management professionals to discuss how the cloud and social media are influencing their businesses' approaches to enterprise risk management strategies.
Webcast: Evolving data protection, privacy laws create BYOD legal concerns
BYOD policies have evolved into must-have tools for IT organizations trying to protect data assets while also appeasing employees who want to use their personal devices for work. Worldwide data protection laws, however, complicate BYOD deployment for organizations operating on a global scale. In this video webcast, learn how organizations can avoid BYOD legal concerns in the face of evolving data security and privacy laws.
Identifying metrics to determine risk management ROI
IT risk mitigation and strategy has become common for businesses, but specific metrics to determine the success of these efforts are often hard to come by. Was the organization just lucky that nobody sought their sensitive data, or was their risk strategy effective in preventing a breach? In this video, risk management pros give advice on how businesses can identify company-specific risk management metrics.
HIPAA compliance rules extend to business associates
A new rule extends Health Insurance Portability and Accountability Act (HIPAA) compliance requirements to covered entities' business associates, creating new compliance obligations for many organizations. In this tip, learn how organizations can determine if they are affected by the rule change, and why it requires updates to data security and privacy operations.
BYOD movement introduces new compliance risks
BYOD programs are touted as a way to improve employee satisfaction, increase productivity and reduce costs. Mobile devices are also susceptible to unsecure networks, application downloads and data, creating numerous regulatory compliance concerns. In this FAQ, learn more about the potential security and compliance risks stemming from BYOD.
Big data forces new look at data management
Many organizations have struggled with how to handle unstructured data -- often described as text-heavy, trivial and unorganized information. The amount of data floating around the average organization makes determining who owns specific data, how long to keep that data, and who is responsible for managing it a difficult proposition. To avoid increased risk and storage costs, however, businesses are going to have to start making changes to how they approach information governance.
FAQ: The evolution of U.S. cybersecurity legislation
After years of U.S. officials trying -- and failing -- to pass a cyberprotection law, legislators in 2013 once again debated cybersecurity bills. In this FAQ, learn about the latest bills designed to protect the nation's infrastructure and organizations from cybercrime, and learn why previous iterations were denied largely due to opposition from business groups.