Compliance
Compliance-related resources to help firms comply with Sarbanes-Oxley (Sarbox), the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB), and other government mandates.
Tech Leaders Call for Global Harmony on Privacy, Security
How Open Source Licenses Affect Your Business and Your Developers
Tue, January 24, 2012 - Copyleft licenses have been the most popular choice for new open source projects. Recently, however, developers and companies seem to be moving from the GPL in favor of less restrictive permissive licenses for open source projects. What's behind the trend and how does it impact your business?
Android Developers Face Legal Hurdles in License Compliance
Thu, August 18, 2011 - Developers who make apps for Android have a lot more to worry about than just building great software.
Visa to Make it Easier for Merchants to Adopt Chip-Based Card Payments
Tue, August 09, 2011 - Visa today announced plans that will let qualifying merchants in the U.S. eliminate the need to annually validate their compliance with the Payment Card Industry (PCI) data security standard.
Cloud Computing: 4 Tips for Regulatory Compliance
Mon, August 08, 2011 - Cloud computing makes it harder for enterprises to be sure they're complying with industry and government regulations. IT and legal experts offer CIOs advice on how to stay in compliance even when their applications reside in the cloud.
Apple Gets Serious About iPad Security, Is It Enough?
Wed, August 03, 2011 - Can you send encrypted email from your iPad? Not yet. As iPads pour into the enterprise, CIOs hope Apple can help solve this and other security problems.
Oracle Overtime Case Spells Trouble for California Tech Companies
Mon, July 11, 2011 - California's Supreme Court recently ruled against Oracle in an overtime case that may have far-reaching implications for employees and employers across the U.S., especially other California-based tech companies.
What Recession? Sarbox Compliance Appears Unhurt By Pressure
Tue, June 21, 2011 - The recession's many corporate pressures didn't have any impact on the Sarbanes-Oxley compliance work of finance and audit executives, according to research by the internal audit and consulting firm Protiviti.
Enterprises Get New Guidance on PCI Compliance in Virtual Environments
Wed, June 15, 2011 - Enterprises got some much needed clarification on the implementation of PCI requirements in virtualized environments on Tuesday.
Putting a Finger on Compliance Control
Mon, June 13, 2011 - Last year, administrators in the City of Winter Park, Fla., realized they had a serious compliance risk in their police department. The FBI's Criminal Justice Information Services Division has regulations that call for tight access controls for records. However, many officers share workstations and, therefore, also share passwords. The solution, they realized, was to deploy fingerprint scanners that would enable individual authentication.
Offshoring: 7 Tips To Prepare for India's Proposed Privacy Rules
Fri, May 13, 2011 - India's proposed data privacy regulations could create serious logistical problems for offshoring customers if passed. Offshore outsourcing attorneys and analysts explain how the data protection rules will impact customers.
Making the ROI Case for GRC Platforms
Thu, May 05, 2011 - As the governance, risk, and compliance market matures, product vendors and potential buyers alike are struggling to make the case for GRC implementations--whether it's being able to point to credible return on investment figures, or building a business case to justify the expense of a software platform. This is certainly not due to a lack of value, but rather a lack of parameters to work with when defining essential elements relating to cost, benefit, flexibility, and risk. When possible, the GRC proposition should be driven by a vision of better governance and performance, but when pressed for more specific justification, the following factors will help provide specific supporting evidence to make the case:
What Do Security Auditors Really Think?
Tue, March 15, 2011 - What do auditors involved in making sure companies meet compliance requirements really think? For starters, companies don't care much about privacy and security, while encryption gets applied at a minimum to meet rules, according to a study of 505 security auditors by Ponemon Institute.
Survey on PCI: How it's Impacting Network Security
Wed, January 12, 2011 - A survey of 500 information technology professionals with responsibility to assure compliance with the Payment Card Industry (PCI) security standard shows just over half find it "burdensome but necessary" in their organizations and about a third see it impacting their virtualized network environments in particular in the future.
One Enterprise's Two-Year Apple Mobile Makeover
Wed, December 01, 2010 - Apple gadgets aren't fit for the enterprise? RehabCare begs to differ: This healthcare provider embraces iPhones, iPads and iPod Touches and relies on custom-built iOS apps to improve patient care and beat up the competition.


