IT Compliance Advisor:



April 21, 2009  2:42 PM

Database logging and privileged access control

Posted by: SarahCortes
Access control, Audit, Audit trail, Chief information security officer, COBIT, compliance, log files, log management, Sarbanes-Oxley Act, Security

Ship captains have long started their days by initialing log entries. As a former senior security executive at a financial services firm with $500 billion in assets under management and over 20,000 employees, my day would start similarly. Each morning, I’d take responsibility for reviewing lists...

April 9, 2009  4:00 PM

Keep your change management process simple

Posted by: Scot Petersen
change management, COBIT, ISO, ITIL

This is a guest post by Laurence Anker, engagement manager, technology risk management, at Jefferson Wells International Inc. The only constant in information technology today is change. The changes are broad and rapid across the domains of hardware, system software, application...

March 31, 2009  2:36 PM

Prepare for compliance auditors: Encourage compliance with IT policies

Posted by: SarahCortes
Access control, COBIT, compliance, compliance audit, Firewall, policy, Security

This post is the second in a two-part series. The first post, "review policies and standards," addressed the first step in preparing for the auditors....

March 19, 2009  8:43 AM

How do you align an IT risk assessment with COBIT controls?

Posted by: SarahCortes
Audit, business, CISA, COBIT, Information technology, IT controls, risk, Risk assessment, risk management

[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of at last month looking for some advice. Specifically, he asked "What is the best way to implement a risk assessment in...

February 27, 2009  7:20 PM

IT compliance policies, standards and technical directives

Posted by: GuyPardon
Capability Maturity Model Integration, COBIT, Information Systems Audit and Control Association, Information Technology Infrastructure Library, National Institute of Standards and Technology, Standard

"A day at the beach can turn into a hurricane fast." That's the tagline Sarah Cortes chose for Inman TechnologyIT, her Cambridge, Massachusetts-based...

February 18, 2009  9:37 PM

Windows compliance: Resources on data retention and data protection

Posted by: GuyPardon
CCO, CIO, COBIT, compliance documentation, data protection, data retention, IT compliance, Linux, Microsoft, Microsoft SharePoint, Microsoft Windows, Operating system, RSS, Windows compliance

As any CIO or compliance officer knows, compliance affects multiple parts of IT infrastructure and the organization as a whole. Strategy, security, storage, networking, records keeping and human resources are all part of the mix. As an editor at, that means I scan the


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: