Blog Posts Tagged with "Governance"


GRC is Not a Tool But a Business Enabler

June 04, 2011 Added by: Rahul Neel Mani

GRC is not an out of the box solution, which would immediately make you compliant. It is a tool that will allow you to collect information, report to you, help you to make changes in it, put the feedback into the new policy, see how much variance exists...


Four Components of a Successful SSA Program

February 15, 2011 Added by: Rafal Los

Process can be outlined in documentation and stored on a network share or published in a booklet on everyone's desktop. Process can be a workflow-driven project management system that requires a security-infused approach from requirements gathering all the way through post-release...


Internal Controls Under the FCPA

February 11, 2011 Added by: Thomas Fox

Generally speaking, Internal Controls are policies, procedures and training which are installed to safeguard that a business’ assets are utilized in an appropriate manner; with proper oversight and approval and that all company transactions are properly recorded in its books and records...


GovCloud Predictions for 2011

January 02, 2011 Added by: Kevin L. Jackson

2011 will be the breakout year for GovCloud. Pressure to reduce budget, pressure to manage resources better, and the political pressure of the next presidential election will combine to accelerate adoption. The GSA IaaS groundwork has been laid and new policies are just about ready to be released...


Computer Security Incident Response - Part 3

November 16, 2010 Added by: John McGloughlin

The efficiency and effectiveness of the Security Operations Center (SOC) team depends on disciplined conduct, continuous communication, uniformed approach, low defect rates and positive attitudes. This team is the basis of a continuous effort to protect the assets of the corporation...


Computer Security Incident Response - Part 2

November 10, 2010 Added by: John McGloughlin

If you’re part of a policy making body and maybe don’t have very much real world cyber-combat experience - don’t put together a flow chart for how to deal with a reconnaissance threat and hand it to the operational team. You’ll just piss them off and the objective will be lost...


The Tao of GRC for CISOs and CSOs

March 25, 2010 Added by: Danny Lieberman

The GRC (governance, risk and compliance) market is driven by three factors: government regulation such as Sarbanes-Oxley, industry compliance such as PCI DSS 1.2 and growing numbers of data security breaches and Internet acceptable usage violations in the workplace. $14BN a year is spent in the US alone on corporate-governance-related IT spending.
