Blog Posts Tagged with "Compliance"


DOJ Weighs-In at Compliance Week

June 03, 2010 Added by: Thomas Fox

Assistant Attorney General for the Criminal Division of the U.S. Department of Justice (DOJ), Lanny Breuer, gave the final day’s keynote speech at the Compliance Week 2010 Conference.

Comments (0)


Anton Chuvakin's Compliance Mega-Epiphany

June 01, 2010 Added by: Anton Chuvakin

After spending a week at an amazing Project Honeynet 2010 Annual “Get-together” in Mexico City, I realized that the workshop environment was missing one big thing: nobody ever mentioned COMPLIANCE (!!!).

Comments (0)


Compliance or Security?

May 25, 2010 Added by: Mark Gardner

In recent days I have read a few comments like "that's compliance, not security." This has puzzled me. When did the two become divorced? In the interests of full disclosure and for those who have not read anything I have written before, I am an Information Security Auditor, specialising in ISO27001, but I also Audit against other Standards and company policies.

Comments (11)


Dealing with ISO 27001 & BS 25999-2 Internal Audits

May 20, 2010 Added by: Dejan Kosutic

If this is the first time you have come across the notion of internal auditor, you are probably puzzled – Why would I need another control? Who is going to pay for it? Who should I employ to do it? It is such a waste of time…

Comments (0)


Hewlett-Packard, Watergate and the FCPA

May 18, 2010 Added by: Thomas Fox

It has been many years since Watergate and the many lasting legacies which occurred from that break-in of the Democratic National Committee. Indeed one of those legacies is the Foreign Corrupt Practices Act (FCPA) itself. This article will focus on one of the more mundane legacies, that of the “Watergate deposition”, which was, for those of us who were riveted by the hearings of the ...

Comments (0)


FCPA Compliance and Continuous Controls Monitoring

May 09, 2010 Added by: Thomas Fox

In a 2008 speech to the Texas General Counsel Forum, former United States Deputy Attorney General Paul McNulty provided his perspective on Foreign Corrupt Practices Act (FCPA) compliance investigations and the Department of Justice (DOJ) enforcement actions. From his experience as the former second highest-ranking official in the DOJ and the chairman of the President’s Corporate Fraud Task Fo...

Comments (0)


The Tao of GRC for CISOs and CSOs

March 25, 2010 Added by: Danny Lieberman

The GRC (governance, risk and compliance) market is driven by three factors: government regulation such as Sarbanes-Oxley, industry compliance such as PCI DSS 1.2 and growing numbers of data security breaches and Internet acceptable usage violations in the workplace. $14BN a year is spent in the US alone on corporate-governance-related IT spending.

Comments (2)


Need to consolidate information security compliance efforts? Try open source.

March 12, 2010 Added by: Ted LeRoy

Many organizations have to comply with multiple regulatory requirements for their information security infrastructures. Fragmented efforts to comply with Sarbanes-Oxley (sarbox or SOX), Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry - Data Security Standard (PCI-DSS), and ISO 27000 series, to name a few, can result in c...

Comments (0)


Mitigating Risks by Leveraging a Core Business Process

October 20, 2009 Added by: Mike Cuppett

When it comes to audits and other compliance requirements - think Sarbanes-Oxley, PCI-DSS, internal and external audits, etc. - people tend to get a bit uptight and flustered. Fortunately, by keeping a calm head and a rational perspective, your reaction to these challenges can be cool and calm, allowing you to leverage a methodology you already know - risk mitigation.

Comments (0)


Compliance as a Service

October 01, 2009 Added by: Bob Broda

CaaS would be a value added service that would attract plenty of customers. But how real is the likelihood of this service being offered? There are a number of issues associated with the CaaS concept:

Comments (0)
