Utilities are under increasing pressure for accountability bearing down from several angles. The calls to manage IT risk and compliance forces them to rethink how they approach compliance economically and strategically.

Although data privacy and identity theft have a higher profile in the minds of consumers, data retention issues can have a far greater financial impact on businesses. Every company, whether public or private, large or small, must have a policy and enforcement system to deal with the messages and files generated by the organization every day.

This paper explains SAP's vision for a cross-enterprise governance, risk and compliance (GRC) solution and the benefits it can provide, defines key terms, and discusses what to look for when evaluating GRC software options.

Working together, the major payment card providers have developed a set of data security standards and created a council for enforcing them. Although the Payment Card Industry Data Security Standard (PCI DSS) has become a global requirement, many organizations are lagging in compliance.

This SAP Executive Insight focuses on helping executives determine: What are the consequences of today's typical GRC approaches?

There's no doubt protecting payment information during transmission, processing and storage is a business imperative. But, the current "lock-down" approach, which focuses on encrypting payment data within your environment, has proven inadequate, unmanageable, or both. Think about it.

As the economy begins to show signs of a pending recovery, medium and large businesses continue to shift their attention from payment processing to payment processing management-meaning, there's an increasing emphasis on improving the process of managing payments throughout the entire order acceptance lifecycle, not just transacting a payment at the time of sale.

This report is based on a survey of U.S. and Canadian online merchants. Decision makers who participated in this survey represent a blend of small, medium and large-sized organizations based in North America. Merchant experience levels range from companies in their first year of online transactions to some of the largest e-retailers and digital distribution entities in the world.

Welcome to PCI Compliance For Dummies! Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This book is all about understanding PCI and how merchants can comply with its requirements.

This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.

Managing IT risk is part of running any business, helping you increase security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for security breaches and financial losses. Read this paper to learn how to effectively assess IT risk and manage compliance.

This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitor­ing of their compliance and IT risk management posture.

A FISMA compliance approach that relies on a manual and labor-intensive process can produce mountains of paper and electronic documents that no one can organize and make sense of. Such a compliance strategy results in overwhelming confusion where the assumption is that everything is in place because personnel are too busy to make sense of it all: that is, until things break down and all the fingers are pointed at the agency. This whitepaper highlights the six critical elements agencies should keep in mind in order to reduce the burden of FISMA compliance, while achieving greater control and security.