One of the risk management components in a business continuity plan that is often overlooked for compliance requirement review is the organization’s sponsored website.  Many companies simply do not realize their potential exposure to legal liability in this area and the question can be asked “why is that so?” 

This question is answered in an article recently posted in ArticleSpan and is recommended reading to give risk managers keen insight to reducing this liability in their organization.  In addition, sixteen (16) high risk activities that indicate the need for website legal compliance are clearly stated for consideration and testing your organization’s vulnerability to this risk.

Click here to read this article.

In a recent article by Randy George, of Information Week, there is a focus on the growth of Data Loss Prevention (DLP) within the IT departments of organizations.

One of the largest motivations for increased support for DLP within organizations is to ensure and satisfy regulatory compliance requirements by that organization.  And, meeting these requirements remains an important element of every organization’s business continuity plan.

Some of the results from recent studies on this topic are well represented in graphical formats in this article.

Is your organization in line with this continuing trend by IT security professionals?

In both a recent article published in the Science Daily, as well additional information released in an abstract by the Proceedings of the National Academy of Sciences of the United States of America, the topic of risks involved with a record retention policy that includes an individual’s Social Security number was updated to include the dymanics of that risk when combined with the increased use of social networking and other internet activities by those individuals.

Reading this article should cause you to at least review and possibly re-think your company’s policies involving record retention, information security, compliance management, and other components of what your company is doing to guarantee the privacy rights of its employees.