Security audit, compliance and standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

Top Stories

Answer 07 Apr 2023
Defining policy vs. standard vs. procedure vs. control

Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control. Continue Reading
By
- Katie Donegan, Social Media Manager
Tip 27 Oct 2021
5 IT security policy best practices

As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
By
- Diana Kelley, SecurityCurve

Search Networking

12 remote access security risks and how to prevent them
Enterprises face myriad remote access security concerns, but training and clear communication can help bolster security programs ...
How to use Cilium Hubble for network observability
Cilium's Hubble tool provides network observability while working in Kubernetes. This guide explains how Hubble works and how to ...
HPE Aruba deepens network security and OpsRamp visibility
A new 'digital circuit breaker' capability for HPE Private Clouds, increased visibility of third-party hardware with OpsRamp and ...

Search CIO

Key differences between chief data officers vs. CIOs
CDOs and CIOs hold distinct roles in the tech-driven C-suite. Both roles are key to improving data collection and usage ...
Chief digital officer vs. chief technology officer: An explainer
For many enterprise organizations, CDOs focus mostly on digital strategy and customer engagement, while CTOs focus on managing ...
Enterprise risk management team: Roles and responsibilities
Every facet of business operations is exposed to risks, requiring a risk management team that's composed of a diverse mix of ...

Search Enterprise Desktop

End users can code with AI, but IT must be wary
The scale and speed of generative AI coding -- known as vibe coding -- are powerful, but users might be misapplying this ...
10 troubleshooting steps for when Windows Update is frozen
When a Windows desktop is frozen and can't update, there could be many causes. The troubleshooting process can be complicated, ...
Troubleshooting the most common issues with Windows 11
When Windows 11 administrators encounter an issue with a desktop without a clear fix, they should perform general troubleshooting...

Search Cloud Computing

Nutanix expands storage, Kubernetes and AI platforms at Next
The latest capabilities and partnerships highlighted at Nutanix's Next conference expand disaggregated storage to Pure Storage, ...
Explore edge computing services in the cloud
Discover the powerful advantages of edge computing over cloud computing, delivering faster performance and significantly lowering...
A guide to the CompTIA Cloud Essentials+ certification exam
The CompTIA Cloud Essentials+ certification empowers nontechnical professionals with essential cloud knowledge to make informed ...

ComputerWeekly.com

Nordic countries plan offline payment system for disaster backup
Board member of the Bank of Finland reveals plan as likelihood of losing internet connectivity increases amid geopolitical ...
Government will miss cyber resiliency targets, MPs warn
A Public Accounts Committee report on government cyber resilience finds that the Cabinet Office has been working hard to improve,...
Preparing for post-quantum computing will be more difficult than the millennium bug
The job of getting the UK ready for post-quantum computing will be at least as difficult as the Y2K problem, says National Cyber ...

Close