IT Compliance Advisor:

Information security


April 8, 2014  5:44 PM

Transparency, business-wide buy-in key components of GRC strategy



Posted by: Ben Cole
CIO, GRC, information risk management, Information security

The recent news that a former Microsoft employee was being charged by federal prosecutors for providing confidential company software code to a tech blogger raised interesting questions. While the former employee's acts were certainly criminal, there was also controversy concerning

August 26, 2013  7:05 PM

GRC, big data require law firms to reexamine information governance



Posted by: Ben Cole
CIO, compliance audit, compliance management, cyber security, data breaches, data protection, data security and storage, e-discovery, information governance, Information security, Law, Law firm

Big data presents numerous data governance challenges: Regulatory compliance, information security and risk management are all complicated by the amount of data generated by the average business today. Law firms are very affected by this exponential data growth and the increased


September 28, 2009  9:23 PM

Information security and compliance resources from around TechTarget



Posted by: GuyPardon
compliance, Health care, Health Insurance Portability and Accountability Act, HITECH, Information security, IT compliance, Payment card industry, PCI DSS, policy, Security, Wired Equivalent Privacy

The laws and regulations that CIOs and CISOs must understand and reflect in their operations are by nature applicable to many different areas of information technology. As a recent study on the privacy profession showed,


September 11, 2009  8:46 PM

The fundamentals of information security for SMBs — easy to read, free



Posted by: Linda Tucci
Information security, NIST

Information security pros weary of explaining the basics of protecting their companies’ information, systems and networks to employees who really don’t want to be bothered might want to take a look at “Small...



August 25, 2009  5:29 PM

Capability and Maturity Model Creation in Information Security



Posted by: GuyPardon
CMM, compliance, Information security, Information security management system, International Organization for Standardization, Payment card industry, PCI DSS, Security

This is a guest post from Secure Payments and Chaordic Design Evangelist Michael Dahn. He blogs frequently about PCI and information security at ChaordicMind.com. Contact him there or follow @sfoak on...


August 20, 2009  6:09 PM

Amended Massachusetts data protection act focuses on risk management



Posted by: SarahCortes
201 CMR 17.00, compliance, consumer protection, data protection, Federal Trade Commission, FTC, Gramm-Leach-Bliley Act, Information security, IT compliance, Massachusetts’ Data Privacy Law, privacy, regulation, risk management, Security

As Alexander Howard reported earlier today, the Massachusetts data protection law has been amended. The revised data privacy regulations -- 201 CMR 17.00, “Standards for the Protection of Personal...


August 17, 2009  9:22 PM

201 CMR 17 FAQ: Updates to Massachusetts data protection law



Posted by: GuyPardon
201CMR17, compliance, data protection, encryption, FTC, Information privacy, Information security, Personally identifiable information, privacy, Security

Earlier today, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) issued an update to 201.CMR.17, the


August 5, 2009  2:13 PM

Compliance officers discuss business, IT alignment at ISACA conference



Posted by: GuyPardon
conference, Information security, Information Systems Audit and Control Association, Information technology audit, Information technology governance, ISACA, risk management

This guest post is from Joe Hewitt, an IT compliance specialist for American Honda Finance Corporation.  His views do not represent those of Honda, any of its divisions, or employees. The 2009 ISACA International Conference held in Los...


July 22, 2009  2:29 PM

Compliance resources: Tips and news from around TechTarget



Posted by: GuyPardon
Cloud computing, Health Insurance Portability and Accountability Act, identity theft, Information security, Security

Did you know that TechTarget now has more than 60 different websites, each of which focuses on a different form of technology? You can find compliance resources on nearly...


July 17, 2009  10:22 AM

No easy answers for complying with data protection regulations



Posted by: Scot Petersen
compliance, data protection regulations, encryption, Information security, MA 201 CMR 17

As the effective date of Jan. 1, 2010, approaches for Massachusetts’ data protection regulation, business owners and information security managers are getting a little bit edgy about compliance with MA 201 CMR...


