Compliance reporting metrics offer stakeholders a shared language for assessing compliance. ISO 27004:2016 provides guidelines for quantitative analysis.
Segregation of Duties in IT: Ya Gotta Keep ‘Em Separated
Compliance with ISO/IEC 27001 requires segregation of duties in IT. Audit and automation can help with the separation of functions to achieve compliance.
Defcon 2017 Roundup: 7 Lessons for Information Security Professionals
Defcon 2017 roundup: lessons from the 25th annual hacker convention have a lot to teach information security professionals.
How to Scope PCI Compliance in a Few Easy Steps
Determining how to scope PCI compliance can make the difference between an easy audit and a complex audit. Learn the steps to determining your scope here.
Cybersecurity Management and GRC Automation
As wave after wave of cyberattacks threatens international security, cybersecurity management becomes more pressing. Although it has always been on business’s radar, the recent barrage brings the impact of cyberattacks...