All Resource articles – Page 21
-
Resource
Selecting Foundational Controls Makes PCI DSS Compliance Easier
Key components of regulatory compliance include being able to demonstrate the use of appropriate IT-related internal controls that mitigate fraud risk, and the implementation of necessary safeguards for legally protected information that’s electronically stored and transmitted. Read this Dell white paper for a look at PCI DSS security compliance from ...
-
Resource
GRC Capabilities Illustrated Series: Perform GRC Actions and Controls for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. You need to address threats, opportunities, and requirements by encouraging desired conduct and conditions and preventing what is undesired. Performing the right management actions and controls over business operations, risk, and compliance ...
-
Resource
e-Book: Making the Leap From Compliance to ERM
For compliance and audit executives, deciding on the right enterprise risk management (ERM) structure can be a challenge—especially as the risk landscape continues to evolve with a fierce focus on anti-corruption, anti-money laundering, and cyber-security. The trick is moving from the compliance routines of today to a more coherent ERM ...
-
Resource
Managing the Insider Threat with Active Directory Security
Active Directory is a prime target for attackers due to its importance in authentication and authorization for all users. Unfortunately, these breaches don’t always originate from the outside. Read this white paper to explore how a typical insider threat unfolds, and how to use best security practices to defend your ...
-
Resource
Challenged by the OFAC 50% Rule?
Is your organization depending on self-reported data to onboard, monitor, and assess risk? Updated Office of Foreign Assets Control (OFAC) guidance from the Department of Treasury has pushed businesses to have rigorous due diligence measures in place to understand the corporate ownership structure of their partners, third parties, customers, and ...
-
Resource
e-Book: Purging Vendor IT Risk
Third-party risk management continues to confound many companies, with compliance officers feeling frustrated that the strategies and processes necessary to keep pace with these risks are evolving faster than their companies can manage. At the same time, technology is becoming increasingly difficult to navigate and can leave businesses vulnerable to ...
-
Resource
The Need for Third-Party Archiving in Office 365
Do you use, or potentially have plans to use, Office 365? If so, remember that your responsibility to archive email remains. You will still need to respond to litigation, routine discoveries, and pervasive regulations. Will Office 365’s email archiving capabilities meet your needs or will you need a better archiving ...
-
Resource
GRC Illustrated Series: Align Your Business for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. That means you need to develop objectives based on a full understanding of the context in which your organization operates and design strategies for operations, risk management, and compliance that are effective ...
-
Resource
e-Book: The Evolving Era of Big Data
Data has broken free from the confines of computers and mobile devices, making it hard for pretty much anyone to control what is collected, how it is aggregated, and how it can be used. To make matters worse, a new breed of connected devices is becoming a far more difficult ...
-
Resource
Actionable Insights from the 2015 World's Most Ethical Companies®
It’s clear that just as regulatory oversight has never been more complex, public expectations about transparency, corporate culture, and business behavior are part of everyday conversation. These factors, among others, have led to an expansion in the field of ethics and compliance. Leading practices of prior years have become today’s ...
-
Resource
Epic Data Fails: How Companies Can Lose 20% of Their Value in 10 Minutes
Data security is paramount, and inadvertent data exposure (either due to malicious intent or human error) can cost companies millions of dollars. Every day, we engage in mundane activities that could be placing sensitive data at risk without our knowledge. Novaworks’ white paper, Epic Data Fails: How Companies Can Lose 20 ...
-
Resource
GRC Illustrated: Learning Lessons for Principled Performance
Principled performance is all about being able to reliably achieve objectives while addressing uncertainty and acting with integrity. That dictates setting objectives and strategies, based on a full understanding of the external and internal contexts within which our organization operates and responding to them appropriately. We must ask: What might happen ...
-
Resource
Lessons from the LIBOR Scandal
The manipulation of the London Interbank Offered Rate (LIBOR) has urged further analysis of electronic communications usage within regulated firms. The electronic communications landscape continues to evolve, as information is constantly created, exchanged, and stored. For regulated firms, it is essential to monitor and manage the flow of information to ...
-
Resource
e-Book: Conducting Effective Investigations
Corporate investigations are a critical component of a robust compliance program; without the right resources to investigate allegations of wrongdoing, a company can suffer serious financial damages, and its credibility with regulators can also be called into question. To help compliance officers and legal teams navigate those challenges, this e-Book produced ...
-
Resource
e-Book: Leading Practices for Audit Committees
Serving on a corporate audit committee has not been easy for some time now. Required disclosures are likely to increase; the workload in dealing with the external audit firm will increase as well. Without careful attention, your audit fees will go the same way too. To help audit committees—and the corporate ...
-
Resource
Governance, Risk, and Compliance Software - Maintain Your IT Budget with Consistent Compliance Practices
Governance, Risk, and Compliance (GRC) software can help state and local governments move from a reactive to a proactive stance with their IT systems. It lets them answer the question, "How long since your last…?" with a comforting "less than an hour ago." Read this third-party report to learn about ...
-
Resource
Best Practices Guide for IT Governance & Compliance
Federal regulations, such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability Accountability Act (HIPAA), and the more recent Payment Card Industry (PCI) initiative, require businesses to know exactly what changes are being made to structured and unstructured data in their corporate networks. As a result, IT organizations need to ...
-
Resource
Ensuring Enterprise Visibility, Auditing, and Reporting for Windows Environments
Systems and security administrators must achieve and prove IT compliance and security, support Active Directory migrations, and report on the configuration of Active Directory, Windows file servers, and SQL servers across their enterprise. With a manual approach, these become Herculean, error-prone tasks that increase the risk of security breaches and ...
-
Resource
Insider Threat Spotlight Report
Get comprehensive survey findings from more than 500 cyber-security professionals, all offering unique insights into the state of insider threats today, as well as the best solutions to keep your network protected. Find out how your peers can help you: Understand the five growing trends for insider threats. Choose the right security ...
-
Resource
Google EU User Consent Policy: Are You Compliant?
Google recently announced it will be implementing a new user consent policy. Essentially, this new policy requires all websites serving EU visitors, including those not based in the European Union, to comply with the EU Cookie Directive. The EU Cookie Directive has led to a concerted effort by regulators to set ...