Security audit, compliance and standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

October 15, 2021 15 Oct'21
China wants more say in setting global technology standards

China wants a bigger seat at the global technology standards-setting table, and experts advise the U.S. to take a cautious yet optimistic approach to its growing interest.
August 25, 2021 25 Aug'21
AWS launches Backup Audit Manager compliance tool

A new AWS Backup feature, the Audit Manager, tracks backup activities to help customers determine if they are meeting business and regulatory compliance requirements.
January 19, 2021 19 Jan'21
Data privacy law is coming, big tech privacy officers say

At the digital CES 2021 event, privacy leaders at Google, Twitter and Amazon said the time is right for a data privacy law.
December 16, 2020 16 Dec'20
Social media data practices land in FTC crosshairs

The Federal Trade Commission is seeking information on how social networking giants like Facebook, Twitter and YouTube collect and use consumer data.

Bring yourself up to speed with our introductory content

CSO (Chief Security Officer)

A Chief Security Officer (CSO) is a C-suite executive responsible for a company's physical and digital security. Continue Reading
What are cloud security frameworks and how are they useful?

Cloud security frameworks help CSPs and customers alike, providing easy-to-understand security baselines, validations and certifications. Continue Reading
Data protection impact assessment tips and templates

Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

How to evaluate and select GRC vendors and tools

There is a variety of governance, risk and compliance software on the market. Learn about some of the available products and how best to evaluate GRC tools and vendors. Continue Reading
10 CCPA enforcement cases from the law's first year

It's been more than a year since CCPA enforcement began, and organizations started hearing from the California attorney general. Explore 10 early cases of alleged noncompliance. Continue Reading
IoT legislation device manufacturers need to know about

To avoid penalties and meet government agency requirements, IoT device manufacturers must adhere to new standards and regulations. Learn the latest here. Continue Reading

Learn to apply best practices and optimize your operations.

Data center security compliance checklist

In five steps, create a security compliance plan for your data center. Discover different standards, learn audit schedules and develop procedures to align with compliance. Continue Reading
Ensure HIPAA backup compliance with documentation, testing

With new storage tools and evolving backup practices, it is crucial covered entities remain HIPAA-compliant with their backups. Here are a few ways to ensure compliance. Continue Reading
An adequacy audit checklist to assess project performance

Adequacy audits are conducted to assess the efficacy of IT system controls and identify areas for performance or other improvements. Use this audit checklist to get started. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to deal with the lack of IoT standards

With each IoT standards body creating its own architecture or framework, IT professionals have many options to sort through for any IoT deployment. Continue Reading
In comparing GDPR and CCPA, lessons in compliance emerge

In anticipation of the CCPA Jan. 1, 2020, implementation date, business leaders should understand the parallels between GDPR and CCPA to learn from the EU's GDPR rollout period. Continue Reading
IoT security regulations refocus data privacy best practices

New and old IoT regulations create a maze of rules and best practices that organizations must navigate to become more transparent about their IoT security practices. Continue Reading