> Why Automating Vulnerability Management Pays
New research shows how automating procedures to find and fix vulnerabilities and unknown exploits in IT systems reduces unexpected business downtime and data loss or theft, and how it contributes to reductions in IT audit deficiencies. more
> Automation, Practice and Policy for Better Information Security
See how organizations use specific practices and policies to minimize downtime caused by information security problems and deficiencies, and achieve the fewest incidents of loss or theft of sensitive information.

more
> Best Practices for Managing Information Security
Benchmark research suggests that organizations with CISOs managing the information security function get much better results.

More
> Verizon Data Breach Investigations Report
Interesting findings from investigations of the Verizon Business Risk Team More
> Research into Best Practices for Info Security and IT Audit
A recent IT-PCG research report identifies best practices that help improve service levels and data protection.

more
> Guidance on Monitoring Internal Control Systems
AICPA: based on COSO guidance
More
> Risk Readiness and Redundancy for PCI
Symantec: covers current state of PCI regulations and mandates

More
> Resource Guides
Protiviti: topics include internal audit, Sarbanes Oxley and risk management among others.
More
> Information Technology Audit Guidance
The IIA: covers the Global Technology Audit Guide and the Guide to the Assessment of IT Risk
More
> Healthcare topics
Symantec: covers patient care, electronic discovery and regulatory compliance among other topics.

 

More
> Topical Guidance
ISACA: covers standards, research, CobiT, certification, ICQ and audit programs, ValIT, and the Information Systems Control Journal among others.
More
> International Standards for the Professional Practice of Internal Auditing
The IIA: covers standards for attribution and performance among others.
More
> Research Report on InfoSec Savings: New ITPCG research indicates significant savings potential for information security and audit with incremental spending for best practices. More
> Report on the Underground Economy: New research from Symantec shows the underground economy is thriving and growing. The report details what's being traded, financial risk and loss to on-balance sheet economies, information most at risk, and demographic distribution of the new Internet black-hole economy. Report
> Costs of Legal Custody of Information - IT-PCG research shows spending on legal custody of information for legal settlements, legal expenses, and IT costs is up to 94 percent lower for firms with best practices.

More
> Top Business/Technology Challenges and Opportunities
New research from ISACA shows regulatory compliance, IT management and governance, and information security are the top three challenges facing organizations today. More
> The 2008 CSI Computer Crime and Security Survey is available directly from the Computer Security Institute. More
> Critical Connections on the Cyber Frontier
This report highlights the need for continued education, cooperation, and shared connections between private and public sectors to improve the protection of vital information. More
> IT Governance, Risk and Compliance Management in the Real World
This research report from EMA, conducted with more than 200 participants, identifies the processes, practices and technologies most highly valued by high performers. This report is available to EMA Premium Subscribers. More
> The IT Policy Compliance Group has issued new research titled 2008 Annual Report: IT Governance, Risk and Compliance — Improving business results and mitigating financial risk More
> In Control? Gaining competitive advantage through governance, risk and control best practices
New research published by Deloitte sheds light on the progress of 32 major financial services institutions from around the world in developing governance and control systems. More
> Evolution of Risk and Controls: from Score-Keeping to Strategic Partnering, from KPMG and based on research conducted by the Economist Intelligence Unit, looks at the ascent that risk and controls management is making and the challenges facing organizations.

More
> The IT Policy Compliance Group has released its latest research report entitled "Core Competencies for Protecting Sensitive Data." More
> Ernst & Young's report in conjunction with Oxford Analytica, Strategic Business Risk 2008: The Top 10 Risks for Business, should be top of mind for senior managers. The report explores, in depth, strategic risks facing twelve of the world's most important industrial sectors and provides comparative findings for others. More
> This IT Policy Compliance Group research report entitled “Why Compliance Pays: Reputations and Revenues at Risk,” helps to quantify the risks and financial penalties that come from non-compliance and data loss.  More
> While viruses and worms remain the most common security problems, data theft concerns are not far behind, according to InformationWeek's 10th annual Global Information Security survey. More
> The IT Policy Compliance Group has recently released a research report entitled “Taking Action to Protect Sensitive Data.” According to the report, twenty percent of organizations are suffering from 22 or more sensitive data losses per year.  More
> The Compliance Journey: research from KPMG finds that organizations could better leverage IT resources to reduce costs and improve responsiveness. More
> The 2006 Global Information Security Survey
Conducted by Ernst and Young with nearly 1,200 organizations in 48 countries, this research report includes findings covering organizational structure, leveraging the impact of compliance, data protection and privacy, business continuity and practices. More
> Realtime-ITCompliance: If you're looking for other sources for news, research and opinions, see what others are saying at the Realtime-ITCompliance site.

More
> Managing Spending in IT to Improve Compliance Results - Find out how spending, and how it is being allocated, are both aligned with compliance results in this newest benchmark report. More
> IT Control Objectives for Sarbanes Oxley - 2006
This document, issued by the ITGI, reflects the latest findings on IT control objectives for Sarbanes Oxley. More
> Sarbanes-Oxley Section 404: A Guide for Management by Internal Control Practitioners: The IIA's guide to SOX 404 guidance for management based on real-world experience by internal auditors and reflecting SEC and PCAOB guidance. More
> Information Security Governance
This report reviews the importance of governance for the security of information and IT systems and delivers guidance for board members and executive managers. More
> Emerging Trends in Internal Controls, Fourth Survey:
Ernst & Young’s survey of 255 accelerated filers shows that companies are looking for ways to leverage their learning and approaches to compliance and the management of risk - beyond financial reporting. More






The best government performers are found among large agencies with annual budgets that exceed $1 billion. more...



Latest Blog Topics:

Topic : Policy Shapes Outcomes
Topic : Who sets objectives: Legal, Business lines or IT?
Topic : Who Manages Information Security?