By December 6, 2011, all federal agencies must develop a compliance plan for how they will identify and protect Controlled Unclassified Information (CUI). Is your agency ready?
In this white paper, Patricia Hammar, executive secretary of the CUI Presidential Task Force, provides expert advice on developing a CUI...
The compliance deadlines are aggressive - but so are today's threats, says Vishal Salvi, CISO of HDFC Bank, discussing the challenges of meeting the Reserve Bank of India's new information security standards.
This white paper details solutions designed for government agencies that provide the visibility, control and automation needed to support asset management across the IT asset life cycle, planning, acquisition, management and disposition of software, hardware and related licenses.
The result is lower asset costs,...
As government and state agency budgets fluctuate the demand for security has never been more important. Increasing regulations, differing requirements from international locales, and sophisticated attacks all contribute to serious challenges that call for thorough security solutions. Red Hat has deep security...
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
Oregon Chief Information Security Officer Theresa Masse finds herself at the center of a state initiative to simplify compliance by agencies with Internal Revenue Service rules to safeguard taxpayer data.
Since becoming Vermont's first CISO three years ago, Kris Rowley's been on a quest to create an IT security culture in state government. Rowley's latest initiative, bringing risk assessment in-house, is helping build that culture.
Integrated governance, risk and compliance (GRC) solutions provide a holistic view that allows for early detection of problems that may otherwise go undetected using independent examination.
This white paper provides an in-depth case study in which a bank's mortgage lending is monitored using defined:
Key...
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
In the wake of WikiLeaks revelations of critical data, Asian banking institutions now are paying even greater attention internally to issues of governance, risk and compliance, says K. Sugumaran of RSA.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
Office of Management and Budget Director Jacob Lew issues a directive to require 5.7 million federal employees and contractors to use personal identity verification credentials to access federal IT systems and facilities by Oct. 1.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.