IT Compliance and Controls

In the past five years of delivering work that has been focused on aligning and enhancing corporations against contractual agreements, operational requirements, and risks – today officially classified as Governance, Risk and Compliance (or GRC) through technology I have seen real returns for my clients.  While these improvements happen immediately, the real rewards are realized [...]

[Read more →]

An incredible trend is happening in the “for contract” market  – specifically the for hire programmers.  oDesk and eLance both show dramatic upticks in the amount of work being posted and delivered on the site (nice article here on the growth).  oDesk alone is tracking about 100,000 hours a week of work, or nearly $65 [...]

[Read more →]

As the economies around the world remain challenged by the economic environment, the propensity for fraud is significantly higher.  One may speculate that fraud is consistent but only our sensitivity shifts between good and bad times.  Whichever school of thought you support is a matter of risk perspective, and quite irrelevant today. Fraud is up [...]

[Read more →]

As friends know, I have been launching businesses for the past few years with varied success and feelings about venture capitalists.  The summation is the common “chicken and egg problem”.  Meaning most investors that do not understand a new technology, or paradigm shifting solutions the investor(s) seek to see the solution working.  The inventor and [...]

[Read more →]

There are many challenges to growing a business, sustaining a business, and definitely changing a business.  The latter, most would agree, is by far the hardest and largest challenge for organizations seeking to adopt controls throughout the business.  Now controls is a generic term being used now to include policies, procedures, technology safeguards, and routine [...]

[Read more →]

This week is Compliance Week and for most that implies vendor pitches and F.U.D., but there has been specific tidbits flow from the conference that indicate otherwise.  If you are not in attendance the consistent flow on Twitter (your window into conversations of interest) and upon blogs should give you a reasonable re-cap.  I strongly [...]

[Read more →]

There are numerous instances where laptops and portable devices are lost / stolen.  The classic CEO whose laptop disappeared at a conference to those thieves who coincidentally opened the one trunk of an auditor’s rental car and gained access to significant sensitive information sprinkle the news wires. While imagination can speak to what the impacts [...]

[Read more →]

Recently I contributed to a CIO Magazine and Network World piece on what is the impact to – Security and Privacy – in a downturn.  Specifically, what happens to all that sensitive data that was once locked behind doors and large security systems when the lights go out and the auction gavel hits the block?  [...]

[Read more →]

A new book review has been placed online by MSI.  A nice overview and elaboration of the book content. A nice highlight: “DeLuccia lays a foundation by examining the importance of internal IT controls…explains why silo IT strategy wastes time and resources, offering a better solution in having an IT enterprise control environment” Comments and [...]

[Read more →]

Last night I attended the Atlanta MIT Forum discussion focused on Cloud Computing, Grid Computing, and the challenges of organizations operating within this platform and environment.  The discussion was broadcast live over GPB around the world, and no matter how many times I attend live shows – it is always exciting to be ‘in the [...]

[Read more →]