Home > Security Tips > Compliance Counselor > Richard Mackey: Building a framework-based compliance program
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

COMPLIANCE COUNSELOR

Richard Mackey: Building a framework-based compliance program


Richard Mackey, Contributor
10.29.2008
Rating: -3.50- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Watch more from our Security Video Library

Make sure to check out the rest of our interviews with security pros like Avi Rubin, Johannes Ullrich, Dan Kaminsky, and more. 
Behind every compliant organization is a thorough and thoughtful security process. Compliance pro Richard Mackey knows how to build a proper compliance program, from assembling requirements and capturing your current state to establishing realistic expectations and finally meeting the demands of regulations.

In this video, Mackey explains how to ensure discipline and begin an organizational commitment that allows a company to meet compliance standards continuously -- in both the short term and the long term.


PCI DSS COMPLIANCE HELP

  Introduction: PCI DSS compliance help
  Combining compliance efforts to manage PCI DSS
  Using ISO 27002 to achieve PCI DSS compliance
  Network isolation as a PCI DSS compliance method
  Tokenization and PCI compliance
  Use SHA to encrypt sensitive data
  Building a framework-based compliance program
  Align an info sec framework to your business model

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




BROWSE BY TAG
Compliance Counselor,   Security Audit, Compliance and Standards,   IT Security Audits,   Information Security Policies, Procedures and Guidelines,   Information Security Management,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Compliance Counselor
Benefits of ISO 27001 and ISO 27002 certification for your enterprise
Identity lifecycle management for security and compliance
Interpreting 'risk' in the Massachusetts data protection law
FTC Red Flags Rules: How to create an identity theft prevention plan
Creating a HIPAA employee training program
Data protection tips for corporate compliance leaders
PCI DSS compliance requirements: Ensuring data integrity
Understanding PCI DSS compliance requirements for log management
Are 'strong authentication' methods strong enough for compliance?
Strategies for using technology to enable automated compliance

IT Security Audits
Standards compliance does not equal sound information security risk management
Tony Spinelli: Prioritize Information Security over Compliance
How to prepare for a FERPA audit
MasterCard increases PCI compliance requirements for some merchants
How to select a set of network security audit guidelines
How to write a risk methodology that blends business, security needs
PCI compliance requirement 11: Testing
Using IAM tools to improve compliance
Forensic accounting success depends on information security support
HIPAA compliance: New regulations change the game

Information Security Policies, Procedures and Guidelines
Health Net breach failure of security policy, technology
How to protect distributed information flows
Whitelists, SaaS modify traditional security, tackle flaws
Melissa Hathaway urges more cooperation, government attention to cybersecurity
Reuters: Obama ready to select cyber security czar
How a corporate Twitter policy can combat social network threats
Should enterprises be concerned with Twitter in the workplace?
Information security management hype: Debunking best practices
Data breach avoidance begins with security basics, panel says
Expert: Information security spending often restricts innovation

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
defense in depth  (SearchSecurity.com)
non-disclosure agreement  (SearchSecurity.com)
security policy  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts