SearchCompliance: Compliance news and advice for senior IT and business managers

Schmidt: Apply risk management to the nation's cybersecurity threats

Alexander B. Howard — Mon, 08 Feb 2010 14:52:06 EST

The U.S. cybersecurity coordinator looks to risk management to reduce vulnerabilities. His call for cybersecurity research and development was matched by passage of legislation in Congress.

'Sexting' case should prompt review of employee privacy policy

Linda Tucci — Fri, 05 Feb 2010 13:35:03 EST

A sexting case before the Supreme Court could have a broad impact on employee privacy rights. In the meantime, companies would be wise to update and review their privacy and computer use policies with workers.

Business method patents ruling could spell relief from patent trolls

Andrew Baer — Mon, 01 Feb 2010 14:57:54 EST

Business method patents have created a legal minefield, but the patent risk landscape may be altered by a court decision that could rewrite business method patent law.

How Bilski v. Kappos may define the future of business method patents

Andrew Baer — Mon, 01 Feb 2010 14:57:54 EST

The Bilski v. Kappos business method patents ruling may make users of third-party software and IT services reconsider strategies for managing patent infringement risk.

XBRL financial reporting a hard sell; new GRC XBRL taxonomy on the way

Linda Tucci — Mon, 01 Feb 2010 14:41:08 EST

Early adopters of XBRL say the benefits for electronic financial reporting are many, but companies remain leery of investing resources until they see practical benefits.

New ISO 31000 risk management standard receives good early reviews

Linda Tucci — Wed, 27 Jan 2010 15:44:22 EST

The new risk-management standard ISO 31000 answers a big conundrum in risk management: how to get everybody talking about risk in the same way. But is it for you?

Information security and compliance in the life sciences, revisited

Steven Ross — Wed, 27 Jan 2010 15:05:12 EST

Information security and compliance have special meaning for the life sciences, given the potential for reputation harm and privacy breaches.

Lack of incident response plan leaves hole in compliance strategy

Kevin Beaver — Fri, 22 Jan 2010 13:17:03 EST

Without an incident response plan, businesses can tend to be reactive rather than proactive when data breaches occur. Here are some steps to follow.

The top regulatory compliance trends for IT operations in 2010

Alexander B. Howard — Fri, 15 Jan 2010 13:19:41 EST

The top regulatory compliance trends for 2010 include XBRL, PCI DSS, disaster recovery, vendor security management, carbon compliance and social networking risks.

FTC set to examine strength of cloud computing security, privacy

Alexander B. Howard — Wed, 13 Jan 2010 16:17:10 EST

The FTC has filed comment indicating that it will examine cloud computing security and privacy protections in an upcoming workshop.