Building a risk-based compliance program: Security School:


Compliance School

Building a risk-based compliance program

Compliance is no longer just an issue for the executive, legal and accounting teams to deal with. It is now a daily concern for IT staffs, and more specifically, for the security staffs who must ensure that the servers, endpoints and mobile devices meet the standards set by dozens of regulations. As compliance has become more of an IT issue, the idea of basing a compliance program on a risk management approach has begun to gain a lot of momentum. A recent survey of business executives and IT professionals by Polivec Inc. showed that 73% of respondents believe risk analysis is an important basis for a compliance effort.

  • Quiz: Building a risk-based compliance program

    Quiz - A five-question multiple-choice quiz to test your understanding of Richard Mackey's Compliance School lesson.

  • How to apply ISO 27002 to PCI DSS compliance

    Tip - The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance. In this tip, expert Richard Mackey explains why the ISO 27002 can not only help...