Leveraging GRC for PCI DSS Compliance
Historically, one of the biggest problems with Payment Card Industry Data Security Standard (PCI DSS) compliance initiatives has been conducting them as one-off security efforts, treating the standard as a unique and independent set of requirements instead of integrating the requirements into a holistic GRC program.
2011 Payment Security Practices and Trends Report
Managing payment security is an ongoing challenge for organizations. To help businesses understand management trends and practices among peer groups, CyberSource and Trustwave, in partnership with the Merchant Risk Council (MRC), commissioned the Payment Security Practices and Trends Survey. The report summarizes the findings and provides insights and industry benchmarks, as well as industry trends.
Enterprise Architecture (EA) as an enabler for GRC
Many organisations' governance, risk management and compliance (GRC) practices have not changed for years. The result is that organisations are struggling to keep up with the complex regulatory environment and meet external stakeholders' expectations. Many organisations, no matter what sector they trade in, are seeking to become more flexible and profitable while increasing internal controls and reducing risk. These objectives appear to be contradictory, but one way large organisations can unite them is by improving their approach to GRC.
Top Requirements for Successfully Automating SOX Quarterly Self-Assessments: Part 2
Recorded: April 27, 2011
For many organizations, Sarbanes-Oxley compliance is mandatory, and on both the financial side and the IT side, managing the process can be an arduous and unwitting waste of time. Walkthroughs that need to be reviewed by numerous individuals and tens of controls that need to be sampled and tested in detail can come with time lags that make an already detailed task more cumbersome.
CISO Handbook: Enterprise iPhone & iPad Security & Compliance
Focused on protecting corporate information as your workforce goes mobile, this CISO Handbook explains:
Expand Compliance Coverage: How to Identify and Manage Compliance with All of Your Data Security and Privacy Obligations
Recorded: 26 May 2010
Presenting: Chris Noell, Executive Vice President, Product Management, TruArx
In this 1-hour webcast, Chris Noell, TruArx EVP of Product Management, discusses why it's important to uncover ALL the data security and privacy regulations which affect your business. Chris will then review obstacles which prevent organizations from managing compliance obligations against more than a handful of regulations.
Building a Better Vulnerability Profile
Organizations of all sizes are dealing with a deluge of security data feeds from disparate solutions – a primary problem being vulnerability scan data. Managing vulnerability data is messy.
Bow Tie Methodology with the ARIS Governance, Risk and Compliance Solution
In risk-intensive businesses like the energy sector, a new risk analysis and description methodology has become more and more popular: Bow Tie diagrams. The success of this diagram lies in its clear structure and simplicity, which is easy for the non-specialist to understand but still has sufficient depth for an expert discussion.
How to Effectively Manage the Compliance Lifecycle
In today's world of high uncertainty, rapid economic changes, and increasingly complex regulations, compliance has become a permanent part of doing business. Juggling the requirements of industry regulations, data privacy laws, and government mandates is no easy task, and maintaining ongoing compliance is complicated by constant changes, amendments, and overlaps. What's more, as regulations increase, the resources needed to comply with them increase as well – and so do the stakes.
Ten Questions to Identify Compliance Risks When Sharing Information
Corporate and regulatory compliance policies have forced companies to ensure that information flows are documented, auditable, and highly secure. Yet in order to conduct their business, companies must share sensitive information outside the firewall, introducing serious potential information risk.