Home > IT Blogs > Regulatory Reality/

Regulatory Reality:

governance

12
September 1, 2009  3:29 PM

IT audits versus reviews



Posted by: David Schneier
Audit, compliance, general controls, GLBA, governance, GRC, IT, ITGC, NCUA, Regulatory Compliance, risk, risk assessment

I had mentioned in my last post a recent conversation with my partner regarding a proposed IT general controls (ITGC) audit. My primary role in our practice is to head up regulatory compliance services which includes audits, assessments and program development; my...

  Bookmark and Share     1 Comment     RSS Feed     Email a friend

July 2, 2009  2:53 AM

2 for 1 sale: How governance leads to compliance.



Posted by: David Schneier
Audit, compliance, GLBA, governance, GRC, PCI, Regulatory Compliance, SOX

A while back I’d written about the Unified Compliance Framework from Network Frontiers, which takes quite literally every regulation and framework within the IT domain and maps them in such a way where you can identify how a single control addresses multiple requirements. In...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 14, 2009  6:38 PM

Who put the G in GRC?



Posted by: David Schneier
Audit, compliance, governance, GRC, Regulatory Compliance, risk

I’m something of an advocate for Governance, Risk and Compliance (GRC) and have been for several years.  I’ve been known to rant a bit how it’s not properly organized as an acronym because everyone who knows knows that risk comes first and so it should’ve been...

  Bookmark and Share     3 Comments     RSS Feed     Email a friend

12