IT Compliance is taking appropriate control of and protecting information, including how it is obtained and stored, how it is secured, its availability (how it is distributed internally and externally), and how the data is protected. The internal compliance functions revolve around the policies, goals, and organizational structure of the business. External considerations include satisfying […]
Main Content
Risk Management
Risk management is the practice of mitigating and managing risk through system controls and is therefore closely aligned as an integral function of IT governance and IT compliance. GRC (Governance, Risk, and Compliance) is an integrated strategy to effectively and appropriately manage policies, processes, and controls. The collective management of these three functions – rather […]
IT Governance
IT Governance is the function of managing and addressing the overriding technical, strategic, and procedural processes. IT governance is a subset of the overall corporate governance process and is overseen in most cases by the appropriate C-suite professional such as a Chief Compliance Officer (CCO) with increasing cross-functional responsibilities from a Chief Technical Officer (CTO).
IT Security Audit
At its root, an IT security audit includes two different assessments. The manual assessment occurs when an internal or external IT security auditor interviews employees, reviews access controls, analyzes physical access to hardware, and performs vulnerability scans. These reviews should occur, at a minimum, annually. Some organizations, however, prefer to do them more frequently. Organizations […]
IT Security
Network security. Cyber security. Endpoint security. These different, often overlapping arms of IT security can get confusing. As hackers get smarter, it’s increasingly important to know what each does and how to implement them into your own network. In the wake of the highly-connected Internet of Things (IoT) and the rise of the cloud, we’re […]
Internet Security: Guarding Against Cyber Crimes
The internet itself is considered an unsecured network—a scary truth when we realize it’s essentially the backbone for how we give and receive information. That’s where internet security (or cyber security) comes in, and it’s a term that can get pretty broad, as well. This branch of security is technically a part of computer security […]
