Compliance
Six Critical Elements to Achieve Economies in FISMA Compliance
A FISMA compliance approach that relies on a manual and labor-intensive process can produce mountains of paper and electronic documents that no one can organize and make sense of. Such a compliance strategy results in overwhelming confusion where the assumption is that everything is in place because personnel are too busy to make sense of it all: that is, until things break down and all the fingers are pointed at the agency. This whitepaper highlights the six critical elements agencies should keep in mind in order to reduce the burden of FISMA compliance, while achieving greater control and security.
Achieving Compliance with the Massachusetts Data Protection Law
By March 1, 2010, all organizations with operations and/or customers in the state of Massachusetts will be required to follow comprehensive information security requirements regarding both paper and electronic records containing personal information. These requirements include enforcing password security, encrypting all personal information stored on laptops and removable devices and ensuring up-to-date firewall protection, operating system patches and the latest versions of security agent software. Read this whitepaper to learn how your organization can meet the necessary requirements and improve its security practices.
Six Critical Elements to Achieve Economies in FISMA Compliance
Published: January, 2010 - For the past eight years, government agencies have struggled to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA).1
FISMA Prescriptive Guide
File Integrity Monitoring: Compliance and Security for Virtual and Physical Environments
Read this white paper to find out the first solution to effectively combine configuration assessment and file integrity monitoring, enabling automated and sustainable configuration control throughout virtual and physical infrastructures.
Cost Effective Security and Compliance with Oracle Database 11g Release 2
The increasingly sophisticated nature of information theft, and the continued emergence of new data privacy protection regulations worldwide, requires strong data security.
Foundations of GRC: Establishing an Enterprise View of Risk & Compliance
Published: September, 2009 - Success in today's dynamic business environment requires the organization to integrate, build, and support business process with an enterprise view of risk and compliance. Without a new approach to risk and compliance, the scattered and non-integrated risk and compliance approaches of the past fail and introduce greater risk and regulatory threats to the business.
Value of a Common Architecture for GRC Platforms
Jan 2010 - Business is complex and dynamic, and requires agility to stay competitive. Market leadership requires the organization is quick to respond to changing conditions - to pause means loss. Governance, risk, and compliance (GRC) processes often work against business agility. Requirements and initiatives managed across numerous silos, using manual or varying technology approaches, burden the business. The lackof a common process and technology architecture comes at a significant management cost.
Keeping Up Your SOX Compliance and Turning IT into a High Performer by Improving Change Control
Achieving NERC Cyber Security Standards Compliance with Lumension
The North American Electric Reliability Corporation(NERC) is a non-profit corporation chartered to ensure that the bulk electric system in North America is reliable, adequate and secure.
Information Security & Multi-Compliance: Avoiding Audit Fatigue with a Single IT Compliance Strategy
Read this white paper about a tactical guide enabling you to take action and achieve operational excellence.
FISMA Compliance: Making the Grade
IT GRC: Managing Risk, Improving Visibility, and Reducing Operating Costs
For all organizations with current or planned initiatives in the area of IT governance, risk management, and compliance (IT GRC), this report describes the policy, planning, process, and organizational elements of successful implementations.