Blog
Page 23 of 153
Preparing for FedRAMP
Many government agencies, like businesses and other organizations, use cloud-based technology for various services. Cloud computing is the way of the future – but it also introduces new security risks to organizations using the cloud as a technology strategy. Many government agencies hold sensitive data, which could have potentially devastating implications in the wrong hands. […]
December 28, 2023
What is Data Governance?
Data governance is the collection of policies and practices that an organization uses to assure that it can use its data assets effectively and efficiently to achieve its business goals. Typically data governance includes such concepts as data quality and data stewardship, which allow a company to control its enterprise data assets and metrics more […]
Tags: GRC
What is a PCI Gap Assessment?
A PCI DSS gap assessment (sometimes called a PCI gap analysis) examines a company’s cardholder data environment (CDE) to determine compliance with the Payment Card Industry Data Security Standard (PCI DSS). A qualified security assessor (QSA) performs the assessment. An information security framework, the PCI DSS aims to help merchants and service providers protect credit […]
Hybrid Cloud vs. Multi-Cloud: What’s the Difference?
In the beginning, there was “the cloud.” The concept was a bit fuzzy around the edges (like all clouds), but compliance officers understood what the term meant. The cloud was the ability of one company to provide computing, storage, and networking capabilities to other companies via the Internet — whenever the customer needed those services, […]
December 21, 2023
What Is the FedRAMP Marketplace?
The Federal Risk and Authorization Management Program (FedRAMP) is meant to assure the security of cloud services used by the U.S. government. It standardizes the security assessments, authorizations, and continuous monitoring of Cloud Service Offerings (CSOs) used by federal government agencies. With the help of FedRAMP’s guidelines and standards, federal agencies can assess whether a […]
December 20, 2023
PCI DSS Requirements
The Payment Card Industry Data Security Standard (PCI DSS) protects cardholder and sensitive authentication data wherever merchants or service providers store, process, or transmit it. Established by the Payment Card Industry Security Standards Council (PCI SSC), PCI DSS compliance requires a Self-Assessment Questionnaire (SAQ) and Qualified Security Assessor (QSA) to ensure credit card information remains […]
Tags: PCI
Mapping COBIT to COSO
The Sarbanes-Oxley Act (SOX) requires publicly traded companies to declare and adopt a framework that the business will use to “define and assess internal controls.” In response, most publicly traded companies have adopted one of two frameworks that meet the SOX requirements: the Committee of Sponsoring Organizations (COSO) internal control framework and the IT Governance […]
7 Best Practices for Data Loss Prevention
Most organizations have at least one thing in common: they generate and consume more and more data yearly. Dealing with all this data can be overwhelming, especially for those organizations that haven’t fully embraced the digital transformation and the cultural shifts that come with it. As your data grows, so does the risk that your […]
December 19, 2023
How to Achieve and Maintain AWS Compliance
For many organizations, the transition to the cloud for data storage is inevitable. Whether shifting operations entirely to a cloud environment or modernizing your systems using cloud-based applications, you must choose the best cloud computing platform with the best cloud security for your compliance program. While you won’t need to manage physical servers or storage […]
What is Regulatory Compliance?
Regulations have long existed to govern how organizations collect and use information online and what cybersecurity precautions organizations should take while conducting business online. As digital transformation of business processes has accelerated in the last few years, however, ever more organizations — large and small — must comply with all those regulations. Regulatory […]