Amongst the many challenges that GDPR presents, the workload involved in interaction with customers is one of the least understood and planned for. This workload can be placed in one of three primary categories: Consent management, Data Subject Access requests and Breach management. All of these topics can require a variety of processes, all but…
How to balance security and compliance
Businesses of all sizes not only face increasing security threats, but also greater regulatory compliance requirements. Here are some strategies to help find a balance between Security and Compliance and align your information security activities with your industry/regulatory compliance requirements. Security and Compliance Despite considerable efforts within the information security … Read More
Your Chief Information Security Officer will soon need more clout
If consumers weren’t skittish enough, Home Depot recently joined the rapidly lengthening list of big box retailers experiencing sometimes prolonged data breaches: Albertson’s, Dairy Queen, The UPS Store, Sally Beauty, Target, Michael’s, Neiman Marcus, P.F. Chang’s and SuperValu.
More than a few Chief Information Security Officers (CISO) must be nervous.
Ensuring Compliance Within GRC
In this article we will be looking at Compliance within GRC. Our broad definition of compliance is ensuring that a series of controls are established that ensure that decisions are made and are prioritised in accordance with accepted policy. We have included the decision-making process that is consequential to ‘being in accordance with’ as a…
