IT Compliance and Controls
Converging Business, Information, and Controls
-
Categories
- Access and Authorization
- Application Controls
- Direcitonal Alignment
- Fraud
- FTC
- GLBA
- Human Resources
- Identity Theft
- Incident Response Capability
- iso27001
- Life Cycle Management
- Logical Access
- Monitoring and Performance Reviews
- Operations Resiliency
- Oyster
- PCI
- Physical Access
- Policy and Procedures
- Risk Awareness
- Security and Assurance
- Sustain Operations
- Technology Intelligence
- Technology Strategy Orchestration
- Tone at the Top
- Trusted Communications and Network
- Trusted Computing Platform Systems
- Uncategorized
-
Archives
-
Admin
-
My Book:
Payment Card Industry (PCI DSS) Controls Explained-
Speeches & Publications:
Quoted in 5 IT essentials: A recession-proof priority list - IT World by Amy Bennett
Quoted in How Anonymous Do Businesses Need? - IT Business Edge, article by Lora Bentley. Checkout my expanded response here
Contributed and Quoted in Cheap IT Security? The Tools were there all along - CSO Online, article by Bill Brenner
Invited to speak at the "CSO Executive Seminar Series on PCI Compliance & Application Security" on September 10th, New York City
Contributed and Quoted in American Bankers Association Journal (ABA Journal), article by Lauren Bielski - "The Case for E-Project Management"
Contributed and Quoted in Inc Magazine - Inc. Technology, article by Lora Shinn - "Instituting Security Metrics"
IT Compliance and Controls is ranked in the Top 15 books for CIOs by CIO Insights
Contributed and Quoted in SC Magazine: "VISA reports progress on PCI DSS compliance" January 2008
E-Commerce News: “Pleasing Customers, Securing Transactions: Having E-tail both ways” January 2008
Press Release: Retailers emphasizing balancing Compliance and Operational Resiliency December 2007
PCI DSS Teleconference: "Let's Talk PCI: An hour with the experts (co-presented with Tizor Systems)
Environmental SDLC Change Control Software Development Blogroll Acquire and Support GLBA Application Controls FTC Oyster PCI Life Cycle Management Trusted Computing Platform Systems Fraud Security and Assurance Direcitonal Alignment Identity Theft Physical Access Operations Resiliency Trusted Communications and Network Access and Authorization Logical Access Human Resources Technology Strategy Orchestration Tone at the Top Sustain Operations iso27001 Policy and Procedures Incident Response Capability Technology Intelligence Monitoring and Performance Reviews Uncategorized Risk Awareness
-
Recent Posts
- Deloitte: Business ‘Value’ Metrics are Needed …
- Widespread Data Breach Evidence found on P2P Environments
- Lessons from Financial Crisis for CIO and Executive Technology Leadership, pulled from Senior Supervisors Group
- Hard valuations and real world returns for IT GRC
- Beware Outsourcing Savings from oDesk and others…
Recent Comments
- DocuMaker: Outsourcing Through Rentacoder explains the proper way to outsource online before making mistakes via...
- Scott Patterson: Thank you for finding and referencing the ACFE’s information in your blog article. We hope it...
- steve hunt: Good work, James. But don’t you feel that the IT security- or auditor-view of data protection is...
- John James O'Brien: Governance, transparency, consistency–principles&# 8211;all good. I’d like to see ICT...
- dre: FX’s talk about the Attack Surface of Modern Applications was more like prolific. Will we see the...
© 2006–2007 IT Compliance and Controls — Sitemap — Cutline by Chris Pearson