IT Compliance Advisor:

risk management

May 24, 2010  7:25 PM

Paychex risk management analysis method shoots and scores

Posted by: Scot Petersen
CIO, risk management

Final Four bracket pools are not just for basketball fans anymore. In an unusual risk management analysis methodology, payroll and human resource services provider Paychex breaks down its risk...

April 27, 2010  3:58 PM

Principal agent risk needs to be in your risk management model

Posted by: Linda Tucci
Add new tag, ri, risk management

The courts will eventually determine whether the profiteers at Goldman Sachs who spun toxic securities into gold were extremely skilled players in the legal gambling dens of Wall Street, or whether they rigged the house (mortgages). Meantime, even companies that are not being

March 26, 2010  7:46 PM

Experts provide a scary peek into cloud computing security risks

Posted by: Linda Tucci
CIO, cloud computing security, risk management

The cloudiness of cloud computing security is already getting to be an old joke -- certainly, an overused headline. But it was no joke this week listening to the head of IT security at Boston College, the CISO of Brown University, a prominent Boston intellectual property lawyer and the CEO of a...

December 1, 2009  4:34 PM

IT governance, risk and compliance: Buzzword or not, GRC is relevant

Posted by: GuyPardon
carbon compliance, Carbon footprint, compliance, GRC, GTC software, IT compliance, IT governance, regulatory compliance, risk management

As IT professionals log back in after the Thanksgiving holiday break, meeting regulatory compliance mandates continues to occupy significant amounts of both time and...

August 20, 2009  6:09 PM

Amended Massachusetts data protection act focuses on risk management

Posted by: SarahCortes
201 CMR 17.00, compliance, consumer protection, data protection, Federal Trade Commission, FTC, Gramm-Leach-Bliley Act, Information security, IT compliance, Massachusetts’ Data Privacy Law, privacy, regulation, risk management, Security

As Alexander Howard reported earlier today, the Massachusetts data protection law has been amended. The revised data privacy regulations -- 201 CMR 17.00, “Standards for the Protection of Personal...

August 5, 2009  2:13 PM

Compliance officers discuss business, IT alignment at ISACA conference

Posted by: GuyPardon
conference, Information security, Information Systems Audit and Control Association, Information technology audit, Information technology governance, ISACA, risk management

This guest post is from Joe Hewitt, an IT compliance specialist for American Honda Finance Corporation.  His views do not represent those of Honda, any of its divisions, or employees. The 2009 ISACA International Conference held in Los...

June 17, 2009  7:16 PM

Don’t forget business model risk in your risk management strategy

Posted by: Scot Petersen
business model risk, business process automation, CIO, ERP, IT, MIT, podcast, risk management, SOX

The MIT Sloan CIO Symposium on May 20 in Cambridge, Mass., featured several panels on the top issues affecting CIOs. But one panel on governance, risk and compliance afterwards produced the most interesting discussion of the day, for me at least, when I...

April 27, 2009  5:45 PM

Kodak CISO on meeting today’s compliance challenges

Posted by: GuyPardon
Chief information security officer, CISO, compliance, Eastman Kodak, podcast, risk management, RSA Conference, Security

In this IT Compliance Advisor podcast from, associate editor Alexander B. Howard interviews Bruce Jones, chief information...

April 7, 2009  3:09 PM

Vetting users exposes new compliance risks

Posted by: Scot Petersen
compliance, enterprise risk management, podcast, privacy, risk, risk management, Security

Most visitors to websites arrive and leave relatively anonymously. But as e-commerce evolves, businesses are using the Web to invite in specific users, in order to offer special services to them or participate in a study such as a clinical trial. Steve Ross, a director in the

March 19, 2009  8:43 AM

How do you align an IT risk assessment with COBIT controls?

Posted by: SarahCortes
Audit, business, CISA, COBIT, Information technology, IT controls, risk, Risk assessment, risk management

[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of at last month looking for some advice. Specifically, he asked "What is the best way to implement a risk assessment in...
