SearchSecurity.com's Compliance School

Welcome to SearchSecurity.com's Compliance School. In this free, multimedia Security School, guest instructor Richard Mackey shows you exactly what you need to do to meet regulations' ongoing demands and arms you with actionable items to ensure your business remains continuously compliant. This course includes lessons about the Sarbanes-Oxley Act, one of which is highlighted by a SOX Scorecard to help you see where your organization stands on SOX basics. Compliance-related technologies and ways to improve on compliance processes are also discussed. All of these resources are available on-demand, so you can learn at your convenience.    Compliance improvement: Get better as you go forward    Gauging your SOX progress    SOX: Taking action    Understanding compliance-related technology    About the Instructor	SCHOOL HIGHLIGHTS
	Our editors would like your feedback on Compliance School
	Learn how this school can earn you CPE credits from (ISC)²
	Visit our other Security Schools
	Visit our regulatory compliance resource center
	Download free security IT software

Compliance improvement: Get better as you go forward
New lesson: For enterprise professionals charged with security, auditing and internal IT controls, "getting better" at compliance is all about continuous process improvement. Process, in this sense, is an intelligent mixture of technology adoption/use, improvements in corporate governance and more granular IT policy and procedure. This lesson explores essential practices and tools for "going forward."

Gauging your SOX progress
In this Compliance School lesson, guest instructor Richard Mackey challenges your organization's SOX compliance efforts with a scorecard. He also helps you understand the various SOX-related security standards with a foundational article that takes you step-by-step through the process of building a compliance framework.

SOX: Taking action
In this lesson, guest instructor Richard Mackey offers one 60-minute webcast and three 15-minute quickcasts to help you and your team take on the challenges of SOX's on-going demands. He helps you understand SOX's goals, COSO and COBIT, audits, provisioning, vulnerability management, and who is responsible for what on your security team to help keep your organization compliant.

Understanding compliance-related technology
This lesson takes a look at the products that claim to help you comply with Sarbanes-Oxley's requirements and offers insight about their validity and how to best use them.

About the Instructor:
Richard Mackey, ISACA, CISM, Vice President, SystemExperts is regarded as one of the industry's foremost authorities on distributed computing infrastructure and security. He has advised leading Wall Street firms on overall security architecture, virtual private networks, enterprise-wide authentication, and intrusion detection and analysis. He also has unmatched expertise in the OSF Distributed Computing Environment. Prior to joining SystemExperts, Mackey was the director of collaborative development for The Open Group (the merger of the Open Software Foundation and X/Open) where he was responsible for the integration of Microsoft's ActiveX Core with DCE and DCE Release 1.2. Mackey is an original member of the DCE Request For Technology technical evaluation team and was responsible for the architecture and defining the contents of DCE Releases 1.1 and 1.2. He has been a frequent speaker at major conferences, including Information Security Decisions, and has taught numerous tutorials on developing secure distributed applications.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Sarbanes-Oxley Act Information security book excerpts and reviews RSA attendees see data classification, rights management projects stumble Hannaford breach illustrates dangerous compliance mentality Does SOX provision email archiving? PCI compliance drives identity management spending, says IBM's GRC chief How to conduct an efficient and thorough employee access review. IBM to boost security spending, push PCI DSS program What types of software can help a company perform a security risk assessment? Industry group uses awareness month to lobby for data breach laws Code Green pitches data protection for SMBs Sarbanes-Oxley Act Research Creating and Managing Information Security Policies What's your advice for getting other business units to contribute to crafting an effective information security policy? Security Awareness Training Essential Part of Infosec Program Is it necessary to grant a full administrative privileges to a security administrator? How to lock down instant messaging in the enterprise Worst practices: Bad security incidents to avoid Thompson calls for marriage of data and security management Companies Collecting Too Much Customer Data Increase Exposure Interview: Arizona CISO David VanderNaalt Incident response success in five quick steps Social networking Web site threats manageable with good enterprise policy Creating and Managing Information Security Policies Research COBIT Does SOX provision email archiving? COSO and COBIT: The value of compliance frameworks for SOX ISO 17799: A methodical approach to partner and service provider security management Mapping the path toward information security program maturity RSA Conference 2006 Introduction to COBIT for SOX compliance How BS7799 and COBIT differ, part two Standards-based compliance: A how-to guide Competing regulations clog road to compliance COBIT Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary defense in depth  (SearchSecurity.com) non-disclosure agreement  (SearchSecurity.com) security policy  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary