Wednesday, July 11th, 2007
Handling compliance and risk have become inescapable elements of the modern CIO’s role as they strive to ensure the business can forge ahead while not exposing areas of weakness or potential liability. Danny Bradbury explains the dilemma… Compliance can be a daunting word for IT managers. Ultimately, it’s about managing risk exposure at a broad level. So what can IT directors do to satisfy the rest of the board, especially given that regulations are mostly vague, principle-based affairs? Be thankful for vague rules. The few regulations that meddle with operational specifics aren’t generally helpful security guides, argues Michael Barrett, chief information security officer at PayPal. READ MORE
Posted in Compliance Management, Risk Management | No Comments »
Monday, July 9th, 2007
Although data breaches in the public and private sectors are frequent, few incidents of identity theft have occurred as a result of the loss or unauthorized exposure of personal information, the Government Accountability Office said. Fortunately for potential victims, only three of the 24 biggest breaches that GAO reviewed led to detected incidents of fraud on existing accounts and one incident of the unauthorized creation of a new account, according to GAOs analysis of available data and interviews with researchers, law enforcement officials and industry representatives. Retailers and a credit card processor were responsible for the data breaches that led to identity theft. GAO said it uncovered no clear evidence of fraud in 18 incidents, and insufficient data was available to make a determination in two incidents. However, it is difficult to know for certain the magnitude of identity theft, GAO said. READ MORE
Posted in Compliance Management, Risk Management | No Comments »
Friday, July 6th, 2007
Vague guidance and lack of bright-line definitions led to an era of expensive, ultra-conservative audits. As a result, and under the advice of their auditors, many companies are now reining in their SOX efforts. What’s changing? Experts detail the latest SOX guidance, new accounting standards, and optional risk-assessment methodology.
Posted in General | No Comments »
