Articles on Compliance Management

Implementing IT-GRC: Five Biggest Pitfalls in IT Governance, Risk, & Compliance
BY PROFESSOR SANJAY ANAND
Since 1981, there have been over 114,000 new governmental regulations written in the United States.

So Long Silos—Move Beyond Silos to an Integrated, Automated Approach
BY JIM HIETALA
The Competitive Enterprise Institute calls regulation a $1.14 trillion "unbudgeted tax" on U.S. companies, hidden from public view.

Assessing the ROI for IT Compliance
BY DR. VICTOR BERLIN
How much should enterprises invest in IT compliance or in a specific IT-compliance tool?

A Compelling Argument for Automated Code Testing
BY PROFESSOR HOWARD A. SCHMIDT
The golden age of hackers and cybercriminals driven by a desire to embarrass website owners or cause mindless e-vandalism is hopefully a fading memory.

The CORES of Compliance
BY TOM DIAMOND
IT departments are spending more time and resources on compliance initiatives then ever before.

Online Only—Exclusive Article:

Contrasting Payment Card Industry Data Security Standard (PCI DSS) compliance solutions with a best practices approach to information security
BY ALAN BELSHAW

Compliance Training: Quick and Cost-Effective with Online Learning
BY CHARLIE GILLETTE
Death. Taxes. And compliance training. They're the only things you can count on if you're a public company. You can ignore them, but they won't go away.

Moving from Vulnerable Code to Vulnerable Service: The IT Compliance Challenge
BY RON MEYRAN
Hackers, discovering they can make money from cyber attacks, offer their services for sale.

Adapt Or Be Left Behind: The Changing World of Compliance within the United States Department of Defense
BY SETH COWAND AND ROB AYOUB
What is DIACAP? Why do I need a new paradigm in DoD compliance policies? What does it mean to me?

Global Compliance Initiatives: What do They Mean for Me?
BY ROB AYOUB
The compliance acronyms roll right off our lips these days: HIPAA, SOX, PCI. All these and many others are top-of-mind to executives and practitioners throughout the industry. What about the European Union Directive 2002/58/EC, or India's Information Technology Act?

The Role and Responsibility of a Chief Compliance Officer
BY GUY F. TALARICO, J.D.
Many compliance professionals anticipate a Securities and Exchange Commission (SEC) examination with trepidation. However, those who put in place a systematic process, applied diligently and consistently, with records that adequately document the review and corrective action, will be prepared.

From IT Compliance to IT Governance - Managing Risk Within the IT Organization
BY SANJAY ANAND
Buzzwords like Governance, Risk and Compliance (GRC) have traditionally been in the domain of accounting, finance, ethics and law. However, with regulations like Sarbanes Oxley (SOX), the Gramm Leach Biley Act (GLBA), the Healthcare Insurance Portability Accountability Act (HIPAA) and others impacting virtually every area of the business, IT is no longer bereft of GRC.

What can Government Agencies (like the SEC) Teach You About Compliance?
BY DAVID WILSON
Most private businesses don't look to government agencies as models for success about, well, much of anything. But, as a much older saying goes, there's often an exception that tests the rule.

Technical Challenges to Electronic Discovery
BY RUSSELL SHUMWAY
Under the newly updated Federal Rules of Evidence, electronic discovery has taken on new emphasis. Technical staff now have a pivotal role in the process.

Categorizing a System: Why must this be so hard?
BY GARY TARBET
Categorizing information systems based on the National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 199 is no easy task for even the most knowledgeable information security professional.

Go to our archives >>

Sponsor/Partner Offers

University of Fairfax
Let your INFOSEC career soar! A Compliance Spectrum™ Fellowship can help you earn an INFOSEC MS/PhD online. Read more >>