|
Archived IT - Compliance Articles
|
06 May 2013
|
Dodd-Frank's Third Anniversary: The IT Journey to Date [30948]
Wall Street and Technology, May 5th, 2013
"As we approach the third anniversary of the Dodd Frank Wall Street Reform and Consumer Protection Act in July, it is worthwhile to take a look at its impact on banks and their respective IT departments so far.
The implementation of the rules has been fraught with delays and confusion. The regulators who were entrusted with the job of proposing the rules and transforming the guidelines into policies have struggled to reach consensus with the industry, and have therefore been forced to repeatedly revise and delay compliance dates. The ongoing process prevented the initial implementation of strategic solutions, since firms were not willing to risk investing in new technology until the final rules came into better focus..."
(Get More Information . .)
|
|
22 Apr 2013
|
Can We Cease Check-Box Compliance? [30765]
Dark Reading, April 25th, 2013
"For years now, security insiders have railed against the check-box compliance ethos, warning enterprises that simply chasing after regulatory lists won't ever fully address the risks facing their organizations. While there are some early indicators that show that this message may be finally gaining acceptance among tech and line-of-business executives, security experts say the transition to risk-based decision-making is still a long way off..."
(Get More Information . .)
|
|
22 Apr 2013
|
Big Data Governance and EU Data Law - Part 1 [30667]
Bloor Research, April 15th, 2013
"I met someone at a recent CMSG meeting who suggested that one aspect of the Big Data opportunity was about to hit major problems because it was collecting data for targeted marketing to individuals and no-one is paying attention to the EU data protection implications of this. Philip Howard, however, points out that this isn't really a Big Data issue but something that needs to be considered by the Business Intelligence and Analytics applications further on down the line..."
(Get More Information . .)
|
|
22 Apr 2013
|
Protecting Client Data with PCI Hosting Compliance [30668]
Business 2 Community, April 15th, 2013
"With the expanded use of cloud computing in business and the explosion in the online use of credit cards in the past two decades, the security of sensitive financial information has become vitally important to companies conducting business over the internet. Massive data breaches at companies like Sony, TJX and Barnes and Noble and at credit card processors like Global Payments have potentially exposed millions of unsuspecting customers to unauthorized bank withdrawals, identity theft and criminal misuse of their credit cards..."
(Get More Information . .)
|
|
22 Apr 2013
|
10 Key Compliance Pitfalls -- And How to Avoid Them [30569]
Dark Reading, April 811th, 2013
"Today, it's the rare business that doesn't have some regulation on its radar, whether it's because the business processes credit cards, handles personal client information, is publicly traded, handles medical information, operates on behalf of a national or regional government, or any other number of considerations.
In fact, not only do most organizations have to comply with some regulatory mandate or another, most of them need to comply with multiple regulations. InformationWeek's 2012 Regulatory Compliance Survey found that 71% of the organizations surveyed had more than one compliance requirement that they must adhere to..."
- Striving Toward the Bottom
- Having Only a 'Little Knowledge'
- Over- or Under-Scoping
- Fielding an Eternal Stopgap
- Ignoring Remediation Issues
- Checking the Box but Ignoring the Risk
- Ignoring Dark IT
- Over-Trusting
- Misinformation and Lack of Transparency
- Viewing Compliance as a Project
Read on for details.
(Get More Information . .)
|
|
22 Apr 2013
|
Having the 'Right to Know' Doesn't Mean You Actually Will Know [30474]
IT World, April 3rd, 2013
"Legislators in California have introduced a 'Right to Know Act' that would compel companies operating in the state to disclose any data they have collected about you, as well as the names of any other organizations to whom they've disclosed that information over the past year. Organizations would have 30 days to respond with the names and contact info for any business that has your data..."
(Get More Information . .)
|
|
|
|
|
