Governance and Compliance
Research, Cases studies and best practice into GRC (governance, risk and compliance), IT Governance, Data Leakage, regulatory compliance risk assessment and risk analysis.
EXECUTIVE SUMMARY
IT governance is the act of making IT investment decisions, and while it is dependent upon solid processes, ultimately it is people that make the decisions and are held accountable for these decisions. Governance structures relate to the organizational and people mechanisms created around the IT investment process. These include reporting relationships; governance-specific positions; and committees, councils, and working groups either created specifically for or repurposed to execute the governance processes. Effective IT governance requires having the appropriate organizational structures and empowering them to make the required decisions.
IT governance is the act of making IT investment decisions, and while it is dependent upon solid processes, ultimately it is people that make the decisions and are held accountable for these decisions. Governance structures relate to the organizational and people mechanisms created around the IT investment process. These include reporting relationships; governance-specific positions; and committees, councils, and working groups either created specifically for or repurposed to execute the governance processes. Effective IT governance requires having the appropriate organizational structures and empowering them to make the required decisions.
New Privacy Laws a boon for vendors of security products and services
Privacy and the need for it is not new, however, technology and resultant new ways we communicate and conduct our lives require totally new ways of protecting privacy. The responsibility for protecting privacy ultimately falls to the individual and regulators. Individuals are often bad at protecting themselves and our government (while active in the area) is slow. That said, legislation exists now and new legislation and resultant regulation is on the way – in order for organizations (public and private sector) to comply they will need to spend and this spending will be a boon for vendors of security and privacy products and services.
Privacy and the need for it is not new, however, technology and resultant new ways we communicate and conduct our lives require totally new ways of protecting privacy. The responsibility for protecting privacy ultimately falls to the individual and regulators. Individuals are often bad at protecting themselves and our government (while active in the area) is slow. That said, legislation exists now and new legislation and resultant regulation is on the way – in order for organizations (public and private sector) to comply they will need to spend and this spending will be a boon for vendors of security and privacy products and services.
Compliance versus security: mutual benefit or conflicting objective?
Our modern businesses face growing pressure from both internal and external sources to ensure compliance against a range of measures. Some of these directly relate to new or more stringent regulatory requirements, others to an improved awareness of the benefits of good corporate governance. Whatever the drivers, the compliance challenges exist and businesses must adapt and evolve to this new environment.
In this highly regulated and seemingly litigious world, organizations have become obsessive with regard to the billowing need for compliance and governance. Evidence is showing more frenetic work and reporting taking place than actual productive work. And if this is what is occurring in your organization, you need to take stock now.
If there is a tsunami of regulation bearing down on us there is only one thing to do – get out that surfboard.
If there is a tsunami of regulation bearing down on us there is only one thing to do – get out that surfboard.
Quick Links
Login
Latest Video
Implementing Access And Change Control For Group Policy
Portal Switch
Switch to the Convergence & Collaboration Portal.