Archive | IT Compliance

IT for GRC: Improving Information Quality

Carole Switzer, President of OCEG, and Lee Dittmar, principal of Deloitte Consulting LLP, presented this webinar. There is an imperative to improve governance, risk management and compliance processes to better manage risk, address increasing regulatory requirements, increased executive accountability and the fragmentation of information. It is about getting the right information, to the right person, [...]

What are WIFs?

My notes from the EthicsPoint webinar on intake models and the value of web intake forms. The presenter was Erin Watkinson, a business solutions consultant at EthicsPoint. A custom web intake form is a replacement for paper-based forms. You can use the web to report on issues. Reporting should encourage employees to first go [...]

Public Hearing on Massachusetts Data Privacy Regulations

The Massachusetts Office of Consumer Affairs and Business has published a Notice of Public Hearing on 201 CMR 17.00, Standards for the Protection of Personal Information of Residents of the Commonwealth. (.pdf) The hearing is on Friday, January 16, 2009 at 2:00 pm in Room No. 5-6, Second Floor of the Transportation Building, 10 Park [...]

Computer System Requirements for New Massachusetts Privacy Regulations

As discussed in earlier alerts (Additional Guidance on the Massachusetts Privacy Regulations, Privacy and Security Alert: Massachusetts Has New Data Security Regulations and New Massachusetts Privacy Laws), starting on January 1, 2009, businesses will be held to a higher standard regarding the protection of Massachusetts residents’ personal information. The regulations set out in detail the [...]

Compliance and Cloud Computing

Sara Peters wrote an article on Security Provoked: How Can You Prove Compliance in the Cloud? Whether you’re in the midst of an audit or a forensic investigation, thorough logs are the key to proving compliance with security regulations. So how do you prove your organization is/was compliant when you aren’t able to maintain logs? [...]