IT Compliance Advisor:

March, 2009

1

March 31, 2009  2:36 PM

Prepare for compliance auditors: Encourage compliance with IT policies



Posted by: SarahCortes
Access control, COBIT, compliance, compliance audit, Firewall, policy, Security

This post is the second in a two-part series. The first post, "review policies and standards," addressed the first step in preparing for the auditors....

March 30, 2009  2:01 PM

60 Minutes: ‘The Internet is infected’ with the Conficker worm



Posted by: GuyPardon
Anti-Virus, April Fools Day, Conficker, Denial-of-service attack, Information security, intrusion defense, malware, Microsoft, Microsoft Windows, Security, security policy, Windows Malicious Software Removal Tool

Leslie Stahl's segment on 60 Minutes on the danger of the Conficker worm releasing a massive DDoS attack or other malicious action on April 1 has received...


March 26, 2009  6:57 PM

Know your PCI DSS requirements



Posted by: Scot Petersen
compliance, credit cards, e-commerce, Heartland, Heartland Payment Systems, PCI, PCI DSS, QSA, Qualified Security Assessor, retail

IT Knowledge Exchange blogger Charles Denyer has some sound...


March 26, 2009  2:05 PM

Prepare for compliance auditors: Review policies and standards



Posted by: SarahCortes
Access control, business, compliance, compliance audit, Information Systems Audit and Control Association, ISACA, regulatory compliance, Security

So you got the word, the compliance auditors are coming in. It’s like that big squash or tennis match. You’re feeling pretty good, and you think you’re ready. After all, you’re an IT professional, conscientious, hard-working and knowledgeable. But do you know what standard the auditors will...


March 23, 2009  7:13 PM

Cloud compliance: Will PCI be applied to cloud computing by the FTC?



Posted by: GuyPardon
Amazon.com, cloud compliance, Cloud computing, Cloud Security, Google, Hewlett-Packard, IBM, Payment card industry, PCI, SaaS, Sun Microsystems

The hype around cloud computing may have subsided, but the issues around adapting and adopting the underlying model are as hot...


March 19, 2009  8:43 AM

How do you align an IT risk assessment with COBIT controls?



Posted by: SarahCortes
Audit, business, CISA, COBIT, Information technology, IT controls, risk, Risk assessment, risk management

[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of SearchCompliance.com at editor@searchcompliance.com last month looking for some advice. Specifically, he asked "What is the best way to implement a risk assessment in...


March 13, 2009  8:54 PM

Coming: State privacy laws run amok



Posted by: Scot Petersen
compliance, conference, data protection, encryption, governance, MA data protection law, regulatory compliance, risk management

As business owners are preparing for the new Massachusetts data protection law, also known as 201 CMR 17: Standards for The Protection of Personal Information of Residents of the...


March 13, 2009  6:03 PM

Risk-based approach to information governance at Compliance Decisions



Posted by: GuyPardon
Capability Maturity Model Integration, compliance, conference, data protection, encryption, governance, Information security, MA data protection law, regulatory compliance, Risk assessment, risk management, Twitter, Virtualization

As I wrote yesterday, the Compliance Decisions Summit got off to a great start when Eric Holmquist and Richard Mackey considered the

  Bookmark and Share     0 Comments     RSS Feed     Email a friend


March 12, 2009  5:09 PM

Considering the future of compliance at Compliance Decisions



Posted by: GuyPardon
business, compliance, compliance decisions, conference, Information security, Information Security Governance, regulatory compliance, risk management, Security, Statement on Auditing Standards No. 70: Service Organizations, Symantec, Twitter, Virtual private network

The Compliance Decisions Summit taking place in Newton, Mass., got off to a great start this morning.


March 5, 2009  4:44 PM

Weekly Digest: Compliance headlines from Twitter for March 5, 2009



Posted by: GuyPardon
Boston Massachusetts, compliance, conference, Google Health, hashtags, HIPAA, Information Technology Infrastructure Library, ITIL, Online Communities, Social network, Twitter, web

As those of you who have followed the launch of SearchCompliance.com know, we've been using our @ITCompliance account on Twitter to share news, find our audience, get the freshest compliance news and pass on...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: