IT Compliance Advisor:



August 21, 2009  4:10 PM

Clarifying mobile encryption requirements for 201 CMR 17.00 compliance

Posted by: GuyPardon
201 CMR 17.00, business, Chief information officer, CIO, compliance, data protection, encryption, IT compliance, Mobile phone, Open source, Personally identifiable information

When I reported on amendments to the Massachusetts data protection law earlier this week, one of the comments that undersecretary of consumer affairs Barbara Anthony made was a point of interest...

July 20, 2009  7:26 PM

Managing e-discovery and compliance: What would Eliot Spitzer do?

Posted by: SarahCortes
Audit, business, compliance, e-discovery, Eliot Spitzer, high-risk data, market timing, Massachusetts, privacy, Project management, Putnam, Putnam Investments, regulation, Security, Technology

E-discovery - or electronic discovery - has many technical aspects. Questions of available tools, case law, regulations and scope are critical. One of the most important and often overlooked...

June 23, 2009  7:16 PM

Booz Allen wins Open Enterprise Award for collaborative environment

Posted by: GuyPardon
Booz Allen Hamilton, business, collaborative environment, E20, Enterprise 2.0, European Union, Human resources, Intranet, open enterprise, PeopleSoft, Social Enterprise

Booz Allen Hamilton won the Open Enterprise Award for 2009 at the Enterprise 2.0 Conference in Boston today for their innovative internal collaborative environment. The Open Enterprise...

June 23, 2009  11:13 AM

Should data security and privacy laws specify data encryption?

Posted by: SarahCortes
201 CMR 17.00, business, California Data Security and Privacy Law, civil liberties, compliance, consumer protection, Cryptography, data encryption, Data Security, GLB, Health Insurance Portability and Accountability Act, HIPAA, Information security, IT security, Massachusetts Data Security and Privacy Law, Massachusetts SB 173, Massachusetts Senate, Massachusetts’ Data Privacy Law, MGL 93H, privacy, Privacy Law, Security, SOX, Technology


March 26, 2009  2:05 PM

Prepare for compliance auditors: Review policies and standards

Posted by: SarahCortes
Access control, business, compliance, compliance audit, Information Systems Audit and Control Association, ISACA, regulatory compliance, Security

So you got the word, the compliance auditors are coming in. It’s like that big squash or tennis match. You’re feeling pretty good, and you think you’re ready. After all, you’re an IT professional, conscientious, hard-working and knowledgeable. But do you know what standard the auditors will...

March 19, 2009  8:43 AM

How do you align an IT risk assessment with COBIT controls?

Posted by: SarahCortes
Audit, business, CISA, COBIT, Information technology, IT controls, risk, Risk assessment, risk management

[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of at last month looking for some advice. Specifically, he asked "What is the best way to implement a risk assessment in...

March 12, 2009  5:09 PM

Considering the future of compliance at Compliance Decisions

Posted by: GuyPardon
business, compliance, compliance decisions, conference, Information security, Information Security Governance, regulatory compliance, risk management, Security, Statement on Auditing Standards No. 70: Service Organizations, Symantec, Twitter, Virtual private network

The Compliance Decisions Summit taking place in Newton, Mass., got off to a great start this morning.

February 12, 2009  4:59 AM

LegalTech 2009: The intersection of e-discovery and information governance

Posted by: GuyPardon
business, Interwoven, Law, Law firm, Lawsuit, New York

This is a guest post from Barclay T. Blair, author of Information Nation and head of the information governance practice at Forensics Consulting Solutions LLC.

Last week I made the trek to New York to attend


February 2, 2009  7:41 PM

How will the Massachusetts Data Protection Law affect IT compliance?

Posted by: GuyPardon
business, Chief information officer, data protection, Government, Harvard Medical School, Health care, Massachusetts, Office of Consumer Affairs, PIFI, PII, regulatory compliance

The Massachusetts Office of Consumer Affairs and Business Regulation established a significant new regulation in 2008, 201 CMR 17.00: Standards for...


