
Accountability vs. Compliance in the Cloud
Engineers don’t have time to translate their workloads into “audit speak”. Auditors can’t provide...
Read More...
Are we ready to be a society in the cloud?
We just got our daily update from JDSupra (still LOVE THEM!) titled "California's Shine the Light...
Read More...
CISSP Study Glossary
Here's the vocabulary you need to navigate any security publication. Sitting on the train? Do a...
Read More...
Data Centric Security and EU General Data Protection Regulation (GDPR)
While 15% of EU citizens report not trusting businesses with their information, they also lack the...
Read More...
Data in the Cloud - Explicit consent, Right of portability, Right to be forgotten
How old is your Facebook picture? (No, don't tell me, I don't care.) How much of our privacy...
Read More...
Decision 2010/87/EU
EU Data Protection Authorities Approve Google’s Cloud Commitments for International Data...
Read More...
Description Criteria - AICPA Guidance for Cybersecurity Risk Management Program
Effective April 15th 2017, AICPA's New Cybersecurity Risk Management Examination Report
Read More...
Do We Even Have to Say This?
Why, in an evolved society, would we need a policy that prohibited employees from making...
Read More...
Example of a Great Web Privacy Policy
I like this privacy policy.
Read More...
GDPR Timebomb
Keith Lipman, Esq. is an outstanding writer and contributor at JDSupra
Read More...
GRC Platforms and Open Standards
Placeholder for summary of GRC tools and platforms
Read More...
Green IT - Sustainable Enterprise Services
Question: Is Green Less or More? Climate Change isn't the only reason to care about GREEN...
Read More...
Harmonization
History of controls harmonization is really the history of managing conversations about risk. Cyber...
Read More...
I Want To Know What It's Like
We find it powerful and timely. If you prefer...
Read More...
Inconvenient Truth: An Older Brother Perspective on Women Entering IT
An Inconvenient Truth for Women
Read More...
ISO/IEC 27001 Compliance Readiness
ISO/IEC 27001:2005 - now ISO/IEC 27002:2013
Read More...
ITAF
ITAF Information Technology Assurance Framework
Read More...
Knowing Your A.S.S. from Your A.K.A
Do you know your a.s.s from your t.l.a?
Read More...
Laws - most frequently asked in CISSP exam
Here are some laws that come up frequently in technology conversation and are also most often...
Read More...
Marc Vael - Kibersahs 2016
Privacy by Design, presented by Marc Vael, President ISACA Belgium
Read More...
Maturity vs. Compliance
Making Process Real, a seminar in preparing to meet new regulations for controls as proposed by...
Read More...
Me Tarzan, You Jane: NIST SP800-171 & GDPR Glossary
Me Tarzan, You Jane is my way of reminding everyone that we can't get far without some common...
Read More...
National Cyber Security Strategy 2016-2021 - Gov UK
In order to propose controls that would implement the requirements of the GDPR in UK governed...
Read More...
National Vulnerability Database
National Vulnerability Database
Read More...
NERC CIP
North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) –...
Read More...
New York Department of Financial Services (“DFS”) Cybersecurity Regulation
New York State Department of Financial Services (DFS) first-in-the-nation cybersecurity regulation to...
Read More...
NIST Cloud Computing Reference Model SP 500-292
NIST Cloud Computing Reference Model SP 500-292
Read More...
NIST SCAP & XCCDF
The Security Content Automation Protocol - SCAP
Read More...
No SOC No $ervice AICPA SSAE 16
AICPA Service Organization Control Reports - SOC 2
Read More...
PCI Compliance Approach
Security and Privacy Issues and Precautions There are Six Steps to Achieving PCI Compliance, seven if...
Read More...
Privacy Resources - Facts, not Fiction
Risks in Life Logging - ENISA, because Europe saw it coming
Read More...
RunBook UML
Did you know you can export a Visio HTML map of your UML (Unified Modeling Language) diagram?
Read More...
Security, Privacy, Breach Notification and HIPAA
HIPAA – HITECH, Aligning Secure Host Baselines According to Common Security Framework CSF
Read More...
Talk2Me
[Although this thread is out of date - has some historical value for anyone researching bogus SEO...
Read More...
Telecom Complexity Diagrams
Did you know you can export a Visio HTML map of your UML (Unified Modeling Language) diagram?
Read More...
This is not my baby picture
"The conference went well, I think, is all I can say for sure." In spite of actual applause, a...
Read More...
Thoughts On Being Human in the Cloud
Themes of discussion on EnterpriseGRC Solutions - Governance Risk and Compliance, Maturity vs....
Read More...
Today We Work
Today We Work Out of respect to those who wait For the privilege of perceived usefulness We...
Read More...
Using Workday to Drive a New Auditing Paradigm - IAM and SOX Controls Automation
The New Auditing Paradigm - IAM and SOX Controls Automation Workday Rising presentation showed an...
Read More...
Virtual Reality, Cyber Security, and Compliance
It is not just a game By Barbara Davi
Read More...
What is the Compliance Science behind Regulatory DNA?
Can you translate your product or industry to the most current regulatory requirements? Can you...
Read More...
What it Takes to Non-Compete
"A fight is going on inside me," he said to the boy. "It is a terrible fight and it is between two...
Read More...
When Will It Stop?
My mother sighed a lot. She pulled on high heeled boots and a big furry hat like the one singers and...
Read More...
Why Align With ISO/IEC 27002:2013?
Tools approach to automating ISO27002 ISMS Policy aligned continuous monitoring
Read More...