









Compliance Jurisdictions Across Borders
By Lamont Wood

When it comes to regulatory compliance, the fact that jurisdictions cross international borders may be a show-stopper, or may prove to be irrelevant. But it's almost impossible to know in advance where the show-stoppers lie. more...

Seven Steps to Fight Product Counterfeiters
By Philip Gallagher

Large and small businesses throughout the world face a growing threat from counterfeiting and piracy, with annual global trade in fake goods now worth more than $600 billion, up from $5.5 billion in 1982. more...

Classify This! 10 Best Practices to Jumpstart Your Data Classification Program
By Mathew Schwartz

Many CIOs dream of applying automated classification to any data generated in the enterprise in hopes of ensuring scarce security resources will protect its most sensitive data. more...

Continuous Auditing: Tips from the Front Line
by Lamont Wood

Done right, continuous auditing should actually result in less work and expense than traditional auditing. But that assumes that the task is approached correctly, the right fundamentals are in place, and you avoid various pitfalls. more...

Progress Report on New Federal Rules on E-Discovery
By Christopher Hord

It has been more than a year since amendments to the Federal Rules of Civil Procedure concerning the discovery of “electronically stored information” went into effect. more...

PCI compliance lagging in Europe
By Mathew Schwartz

European companies’ PCI compliance levels appear to be markedly lower than those of their business counterparts in North America. See how the experts explain the difference. more...

IT Policy Compliance: 2007 Year in Review
By Lamont Wood

Looking back, we may one day hail 2007 as the year when the dusty topic of document retention became a matter of corporate life and death. Thanks to the pervasiveness of networked computers, corporate data proved again and again that it could not only leak into the wild, but, once there, take on a life of its own—and do enormous harm to its parent. more...

Strategies for a Successful PCI DSS Audit
By Christopher Hord

Negative publicity surrounding high profile data breaches, legislative scrutiny and economic pressure from banks and credit card companies are all forcing organizations to comply with the Payment Card Industry Data Security Standard (PCI DSS), if they have not already done so. However, unless it's done efficiently, the process of compliance can be complex and expensive. Conversely, done right, your compliance efforts can help you remain in compliance as the PCI DSS is updated. more...

Retrieval survival: Are you prepared?
By George V. Hulme

From e-mail servers to PDAs to terabyte-sized databases — electronic information is sprawling. Companies need to be prepared to find any requested information before they find themselves embroiled in a lawsuit or having to answer auditors’ questions. more...

Understanding J-SOX Requirements: An IT perspective
By Aki Tohyama

J-SOX is the unofficial name that refers to recent Japanese legislation on financial reporting requirements similar to those of the Sarbanes-Oxley Act sections 302 and 404 in the United States. more...

Crossing the International Auditing Divide
By Jennifer Baljko

It's no use trying to run and hide. If companies want to play in the global economy, they'll have to contend with all sorts of regional, national and international auditing practices and legislation. more...

Who Calls the Shots on Transatlantic Data Privacy?
Philip Gallagher

These days, the US and EU authorities are playing hardball over data transfer rules. Supposed legal safeguards do not appear to be working as intended. more...

Understanding the Risk Management Process

See how internal auditors can help identify risks, as well as their likelihood and impact, and contribute to a more effective risk management plan. more...

E-Discovery Rules: Turn Risk To Advantage
By Jennifer Zaino

E-discovery is serious business. While SOX compliance has cost companies a lot of money over the past few years, e-discovery claims an even larger share of spending. more...

Recommendations for an Effective Continuous Audit Process

See how you can implement an effective continuous audit program by knowing what it does, how it works and how to get started. more...

IT Compliance Trends to Watch in 2007
by Mathew Schwartz

Expect business users to take more responsibility for complying with regulations and avoiding data breaches, as organizations increasingly use encryption, NAC, and tap frameworks to create repeatable, cost-effective compliance. more...

New Rules, New Roles for CISO
George Hulme

From the backroom to the boardroom, the demands of regulatory compliance have forever changed the role of the chief information security officer. more...

IT Compliance: The Year in Review
by Lamont Wood

In the field of IT compliance, the year 2006 was hardly dull. Here is a quick review. more...

Pay Now or Later: Complying with Data Protection and Privacy Laws
by Lamont Wood

If your firm stores consumer data, you can pay the price to comply with data protection and privacy regulations. Or you can risk being non-compliant. more...

Why a Web Site for IT Compliance Research?
Jim Hurley

This new web site is designed to fill a gap in knowledge about IT compliance performance trends by providing research that will help benchmark current practices. more...

Benchmark Backgrounder
Jim Hurley

This Q&A with Jim Hurley looks at what the benchmarks are, what they are not, and how the findings can be used. more...







Midsize organizations between $250 and $499 million are suffering from more deficient controls and procedures than others. more...



Latest Blog Topics:

Topic: New interactive benchmark tools: legal data hold
Topic: Legal discovery: Beyond the lawyer jokes
Topic: Spending on Legal Data Holds and Custody too High for Most