Personal data is any information relating to you, whether it relates to your private, professional, or public life. In the online environment, where vast amounts of personal data are shared and transferred around the globe instantaneously, it is increasingly difficult for people to maintain control of their personal information. This is where data protection comes […]
Main Content
IT Compliance
IT Compliance is taking appropriate control of and protecting information, including how it is obtained and stored, how it is secured, its availability (how it is distributed internally and externally), and how the data is protected. The internal compliance functions revolve around the policies, goals, and organizational structure of the business. External considerations include satisfying […]
IT Security Audit
At its root, an IT security audit includes two different assessments. The manual assessment occurs when an internal or external IT security auditor interviews employees, reviews access controls, analyzes physical access to hardware, and performs vulnerability scans. These reviews should occur, at a minimum, annually. Some organizations, however, prefer to do them more frequently. Organizations […]
Risk Management
Risk management is the practice of mitigating and managing risk through system controls and is therefore closely aligned as an integral function of IT governance and IT compliance. GRC (Governance, Risk, and Compliance) is an integrated strategy to effectively and appropriately manage policies, processes, and controls. The collective management of these three functions – rather […]
IT Governance
IT Governance is the function of managing and addressing the overriding technical, strategic, and procedural processes. IT governance is a subset of the overall corporate governance process and is overseen in most cases by the appropriate C-suite professional such as a Chief Compliance Officer (CCO) with increasing cross-functional responsibilities from a Chief Technical Officer (CTO).
IT Security
Network security. Cyber security. Endpoint security. These different, often overlapping arms of IT security can get confusing. As hackers get smarter, it’s increasingly important to know what each does and how to implement them into your own network. In the wake of the highly-connected Internet of Things (IoT) and the rise of the cloud, we’re […]
