Blog Posts Tagged with "Governance"

GRC is Not a Tool But a Business Enabler

June 04, 2011 Added by: Rahul Neel Mani

GRC is not an out of the box solution, which would immediately make you compliant. It is a tool that will allow you to collect information, report to you, help you to make changes in it, put the feedback into the new policy, see how much variance exists...

Four Components of a Successful SSA Program

February 15, 2011 Added by: Rafal Los

Process can be outlined in documentation and stored on a network share or published in a booklet on everyone's desktop. Process can be a workflow-driven project management system that requires a security-infused approach from requirements gathering all the way through post-release...

Internal Controls Under the FCPA

February 11, 2011 Added by: Thomas Fox

Generally speaking, Internal Controls are policies, procedures and training which are installed to safeguard that a business’ assets are utilized in an appropriate manner; with proper oversight and approval and that all company transactions are properly recorded in its books and records...

GovCloud Predictions for 2011

January 02, 2011 Added by: Kevin L. Jackson

2011 will be the breakout year for GovCloud. Pressure to reduce budget, pressure to manage resources better, and the political pressure of the next presidential election will combine to accelerate adoption. The GSA IaaS groundwork has been laid and new policies are just about ready to be released...

Computer Security Incident Response - Part 3

November 16, 2010 Added by: John McGloughlin

The efficiency and effectiveness of the Security Operations Center (SOC) team depends on disciplined conduct, continuous communication, uniformed approach, low defect rates and positive attitudes. This team is the basis of a continuous effort to protect the assets of the corporation...

Computer Security Incident Response - Part 2

November 10, 2010 Added by: John McGloughlin

If you’re part of a policy making body and maybe don’t have very much real world cyber-combat experience - don’t put together a flow chart for how to deal with a reconnaissance threat and hand it to the operational team. You’ll just piss them off and the objective will be lost...

The Tao of GRC for CISOs and CSOs

March 25, 2010 Added by: Danny Lieberman

The GRC (governance, risk and compliance) market is driven by three factors: government regulation such as Sarbanes-Oxley, industry compliance such as PCI DSS 1.2 and growing numbers of data security breaches and Internet acceptable usage violations in the workplace. $14BN a year is spent in the US alone on corporate-governance-related IT spending.
