IT Governance

IT Governance | News, how-tos, features, reviews, and videos

CSO 2.0: How to take your security program to the next level

Security is all about the big picture now. Here are some pointers from George Viegas on how the "CSO 2.0" can take a more effective approach to security in 2014 and the future

EMC Adds Aveksa to its Enterprise Security Portfolio

With the 4th now behind us, EMC announced its acquisition of Aveksa, an Identity and Access Management (IAM) vendor focused on identity governance. As acquisitions go, this one was on the small side so much of the security world...

What's next for GRC?

Two veteran CISOs offer a hard look at what GRC needs to deliver its full potential value

GRC: Trying to take the bite out of risk

Is governance, risk and compliance (GRC) software the right choice for your company?

Patch management still big stumbling block in risk management, survey shows

Everyone talks about "risk and compliance" in security, but what do companies have to do to make it through audits and meet regulations related to information security? And what are the costs? McAfee asks those questions in its "Risk...

Do Insecure Open Source Components Threaten Your Apps?

Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the...

Case study: What's the business case for GRC?

Governance, risk and compliance (GRC) can be a dauntingly complex undertaking. But for Fiserv, the alternative was even more complicated.

12 tips for implementing GRC

GRC technology can provide an organization with critical information necessary in a regulatory-driven business world. But before even looking at GRC tools, consider these tips for successful investment and implementation

Cybersecurity Report Stresses Need for Cooperation

As they grapple with a growing crop of increasingly sophisticated threats that know no political borders, nations must dramatically improve their framework for coordinating on cybersecurity policy and preventing and responding to...

Some Thoughts on The SANS 20 Critical Security Controls

As I transitioned from the weekend to the work week last night, I settled down to review the 20 Critical Security Controls (v3) published by the SANS Institute. If you haven’t seen this list, you really should take a look as it’s an...

Making the ROI case for GRC platforms

The ultimate goal of GRC is to support business agility, but be ready to supply your CFO with these additional details



Defining GRC tools and the GRC market is tricky as the line between eGRC and IT GRC blurs


IT GRC tools: Control your environment

IT governance, risk and compliance (GRC) tools help bring order to enterprises' crazy quilt of overlapping regulations, redundant audit programs and manual processes


Dos and don'ts for IT GRC success

Throwing tools at the problem won't get you anywhere. Experts provide IT GRC guidance for making your life simpler - not more complicated.

Forrester's 2011 security strategy recommendations

How to take a more systematic approach to governance and data protection even as the computing landscape continues to change

Fraud incident reports down, says report

A quarterly measure of fraud reporting among employees finds violations have dropped

Consider the Consensus Audit Guidelines (CAG)

As a federal government watcher, I get exposed to some happenings in Washington that few outsiders know about. One such initiative is the Consensus Audit Guidelines (CAG). Simply stated, CAG applies the old 80%/20% rule to...

5 Steps for Achieving Effective Mobile Security Governance

How do you keep mobile security intact as devices proliferate? Consultant Robert Zhang breaks down the keys to success.

SOA What? Why You Need an SOA Governance Framework

Igor Khurgin and Saurabh Verma of Acumen Solutions on why your enterprise needs a SOA governance framework before lawlessness takes over.

Three Big Trends in Information Security: Past, Present and Future

A 20+ year industry veteran, Joanne Moretti of CA Inc., gives us her take on the biggest drivers in IT security and looks not only to the past, but predicts what CSOs and CIOs are heading for in the future.

Load More
You Might Also Like