IT GRC Forum


Most Popular


Software AG - How to Implement Effective Enterprise Risk Management

Over the past few years, organizations have become more focused on "being in control." They are increasingly—often forced by regulations—building and implementing processes that underpin the company's "In Control Statement". The inevitable extra costs and efforts are often seen as a burden, distracting people from what they should focus on: doing business!


corpintegrity - Regulatory Intelligence: Approaching Regulatory Change in a Consistent Process

The old paradigm of regulatory change management is clearly a recipe for disaster given the volume, pace of change and the broader operational impact of today's laws and regulations. Just as the CFO needs a financial system or the sales department needs CRM, legal and compliance need regulatory intelligence.


MEGA - Enterprise Architecture (EA) as an enabler for GRC

Many organisations' governance, risk management and compliance (GRC) practices have not changed for years. The result is that organisations are struggling to keep up with the complex regulatory environment and meet external stakeholders' expectations. Many organisations, no matter what sector they trade in, are seeking to become more flexible and profitable while increasing internal controls and reducing risk. These objectives appear to be contradictory, but one way large organisations can unite them is by improving their approach to GRC.


www.fixmo.com - Mobile Security and Risk Management

The proliferation of smartphones, tablets, mobile apps and BYOD policies is revolutionizing the way we work, but is also exposing organizations to increased operational risk and a growing range of security threats. Read this white paper for a comprehensive approach to mobile security, risk management and compliance for the new era of mobile computing and BYOD in the workplace.


Coalfire - Complying with PCI-DSS Requirement 9.9

The physical Point-of-Interaction (POI) devices that accept and process credit card transactions can be one of the most vulnerable attack vectors for criminals intent on stealing cardholder data. The combination of advancing technologies like 3D printing or near field communication (NFC) with outdated policies and untrained staff allows fraudsters an opportunity for substitution of POIs and insertion of physical skimmers that can result in huge losses of cardholder data.


www.lockpath.com - Enabling ISO/IEC 31000 Adoption with the LockPath Keylight Platform

An increasingly common question is "How do I implement ISO 31000 with your Governance, Risk and Compliance (GRC) platform?" This white paper introduces in broad strokes the purpose and approach of ISO 31000.


corpintegrity - Collaborative Accountability in Policy Management: Effectively Managing Policies Across the Enterprise

Most organizations fail to manage the lifecycle of policy, resulting in policies that are out-of-date, ineffective, and not aligned to business needs. It opens the doors of liability, as an organization may be held accountable for policy in place that is not appropriate or properly enforced. Organizations require a consistent process to develop, communicate, monitor, and maintain corporate policy and procedures.


SDG Corp - How to Effectively Manage the Compliance Lifecycle

In today's world of high uncertainty, rapid economic changes, and increasingly complex regulations, compliance has become a permanent part of doing business. Juggling the requirements of industry regulations, data privacy laws, and government mandates is no easy task, and maintaining ongoing compliance is complicated by constant changes, amendments, and overlaps. What's more, as regulations increase, the resources needed to comply with them increase as well – and so do the stakes.


www.intel.com - PCI-DSS V2 Countdown to Compliance

Recorded: December 14, 2010

Version 2.0 of the PCI Data Security Standard takes effect on January 1, 2011. Are you fully prepared for the upcoming changes, to avoid non-compliance fines of up to $500k per incident?


Data Sheet: Bringing GRC Federation into IT Security

GRC, by definition, involves bringing together governance, risk and compliance disciplines from across an increasingly complex, extended enterprise with deep interlocks to customer and supplier eco-systems. While it's not realistic to expect organizations to converge on a common set of GRC processes across this complex landscape, there is huge value in taking a federated approach to GRC that leverages the common risk elements from each business unit, IT and security teams, and management of third parties.
