Regulatory Reality:

November, 2010


November 29, 2010  3:19 PM

You can’t have partial regulatory compliance



Posted by: David Schneier
assessment, Audit, CISO, compliance, compliance officer, HIPAA, ISO, PII, regulatory, Regulatory Compliance

I recently decided to establish an automatic link between my personal checking account and a mutual fund account that was established for my son years ago when he was a baby.  The account was originally funded with a gift from a family member and while it's grown reasonably well percentage-wise,...

November 16, 2010  6:07 PM

What is the practical value of compliance policies?



Posted by: David Schneier
Audit, bcp, compliance, general controls, GLBA, NCUA, regulatory, Regulatory Compliance, risk, risk assessment, Security

My practice recently wrapped up an engagement in which we conducted a tabletop test of a client's business continuity plan.  As always with such exercises, it's interesting to find out how much distance exists between what's documented in an institution's policy/program and how business is...


November 2, 2010  2:33 PM

Risk management process demands vigilance



Posted by: David Schneier
assessment, Audit, controls, GLBA, NCUA, regulatory, Regulatory Compliance, risk assessment

I was in the midst of writing my weekly blog post focusing on threadbare thin compliance efforts when I was distracted by news of a potential terrorist incident.  As you likely know by now, it appears that Al-Qaeda was either attempting to send explosive devices onto airplanes or was conducting a...

