Security audit, compliance and standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

New & Notable

Download this free guide

Instant Download: Building an Incident Response Action Plan

77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Security audit, compliance and standards News

November 14, 2019 14 Nov'19
InfoTrax settles FTC complaint, will implement infosec program

InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program.
November 13, 2019 13 Nov'19
Microsoft to apply CCPA protections to all US customers

Microsoft said it will apply the California Consumer Privacy Act across the nation and extend the law's data privacy protections to customers in all fifty states.
August 21, 2019 21 Aug'19
Salesforce DNSSEC project aims to boost site security, speed, uptime

Salesforce, which juggles multiple DNS providers to serve customers while complying with global data-privacy regulations, spearheads new DNS models to enable deeper encryption.
July 29, 2019 29 Jul'19
Untangling GDPR fines with Synopsys' Tim Mackey

Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.

View All News

Security audit, compliance and standards Get Started

Bring yourself up to speed with our introductory content

What types of cybersecurity insurance coverage are available?

Cybersecurity insurance coverage could prove invaluable to risk mitigation -- if it's chosen carefully. Find out which type of insurance plan is right for your organization. Continue Reading
Single Sign-On (SSO)

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. Continue Reading
Top 7 IT security frameworks and standards explained

Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading

View All Get Started

Evaluate Security audit, compliance and standards Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Understand CASB technology before you buy

CASB technology offers threat protection, increased visibility and policy enforcement. Explore how these tools protect access to cloud applications, and then compare some of the top products. Continue Reading
How the future of data privacy regulation is spurring change

Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape. Continue Reading
5 cloud storage privacy questions to ask potential providers

Data confidentiality in cloud computing is a major enterprise concern, yet providers are often lacking in their details. Here are the questions to ask before adopting a service. Continue Reading

View All Evaluate

Manage Security audit, compliance and standards

Learn to apply best practices and optimize your operations.

3 security and ethics considerations for modern-day CISOs

Many conversations today revolve around security and ethics. A strong CISO voice is crucial to keeping enterprises safe while embracing this critical cultural awakening. Continue Reading
Navigate PII data protection and GDPR to meet privacy mandates

Know the commonalities surrounding personally identifiable information to better navigate and comply with the regulations and penalties IT managers must contend with today. Continue Reading
Report shows CISOs, IT unprepared for privacy regulations

Several data management principles are common across new and developing privacy regulations, but Internet Society reports that many U.S. organizations are falling behind. Continue Reading

View All Manage

Problem Solve Security audit, compliance and standards Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

IoT data privacy forces organizations to rethink data ownership

Now more than ever, providers of IoT devices and experiences play an integral role in addressing IoT data privacy issues and influencing outcomes, market forces and societal health. Continue Reading
Best practices to conduct a user access review

User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. Continue Reading
What are the most important email security protocols?

Internet email was designed independent of security considerations, but these are the top email security protocols that add mechanisms to keep messaging safe from threats. Continue Reading

View All Problem Solve