peshkova - Fotolia
One only need glance at the major headlines from the past year to recognize the importance of governance, risk management and compliance strategy to businesses and their customers. Big-name retailers such as Target, Home Depot and Sony experienced major data breaches, putting a spotlight on businesses' data protection readiness. Companies' efforts to lock down online security were further complicated as privacy compliance mandates evolved and data volumes grew exponentially.
In 2014, SearchCompliance strived to provide our readers with the latest strategies to navigate the increasingly complicated regulatory, information governance and risk management landscape. In our "Top 10 of 2014," we list the site's most popular articles in the past year. We hope you find it useful when developing your business' governance, risk and compliance strategy in 2015 and beyond.
The public, private sector benefits of whistleblower protection
Can information leaks actually build trust in information security and its associated processes? According to Professor Glenn Harlan Reynolds from the University of Tennessee's College of Law, the answer is "yes" -- and companies aren't doing enough to encourage whistleblowers to leak bad behavior. In this video interview, Reynolds discusses the benefits of whistleblower protection and how an "army of Davids" has forced changes to security processes.
Automated SoD boosts legal, regulatory compliance processes
Regulatory compliance mandates such as the Sarbanes Oxley Act requires segregation of duties (SoD) to prevent error and fraud. Huge data volumes and the need for rapid transactions, however, have made manual SoD impractical. In this feature, Michael Rasmussen from GRC 20/20 Research discusses how automated SoD can ultimately drive down regulatory compliance costs and reduce fraud.
Three steps to a mature cybersecurity program
A cybersecurity strategy is daunting in the digital age, as companies struggle to ensure top-down data protection despite constant threats. In this tip, corporate compliance and risk management expert Jeff Jenkins presents what he says are three invaluable -- but often overlooked -- strategies that are essential to cybersecurity program development.
The missing links of records management compliance
Data processing, electronic commerce and digital communications have forced big changes to records and information management processes. And as the global regulatory landscape continues to shift, companies can sometimes be oblivious to the processes required to achieve records management compliance. In this tip, information governance expert Jeffrey Ritter discusses these "missing links" to records management compliance, and why they increase costs and the likelihood of regulatory missteps.
Companies seek security, business benefits with formal GRC programs
As regulatory compliance and data security become increasingly difficult to maintain in the digital age, more companies are turning to a formal GRC strategy to keep up. In doing so, some organizations are examining the ways in which GRC programs are not only expensive, but can also benefit the bottom line.
Records and information management likely to lead privacy compliance charge
Privacy has become a top business priority for organizations, and compliance regulations increasingly mandate improved consumer data protection. In this Q&A, attorney John Isaza says records and information management (RIM) professionals are prime candidates to lead change management efforts as businesses adapt to new privacy compliance requirements.
Big data analytics reduces risk, boosts information value
It is no secret that big data creates numerous legal and compliance risks for modern organizations. The biggest big data risk, however, according to Information Governance Initiative founder and Executive Director Barclay T. Blair, may be an inability to properly analyze every piece of information for potential value.
As data sources multiply, profiling key to information management
The prevalence such technologies as mobility and cloud computing has made it difficult for companies to track and monitor information for effective e-discovery, data security and compliance. In this video interview, eDJ Group Inc. principal analyst and co-founder Barry Murphy discusses why data profiling is key to a successful information management strategy as data sources expand.
Debunking the modern information governance myths of information governance
Data management processes have become more complicated in the big data era, but modern information governance doesn't require radical changes to existing strategies, according Ritter. Here, Ritter identifies five persistent information governance myths and explains why adapting data management processes to the digital age is not as difficult as some businesses may think.
Consumer protection under microscope after Target breach
Although the Target breach occurred at the end of 2013, it was the first of a flurry of high-profile data breaches that had broad data security ramifications throughout the year. In this article, part of our popular IT Compliance FAQ series, we take a closer look at the Target breach and how it led legislators to reexamine retailers' data security and consumer protection measures.