Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
Governance, Risk and Compliance (GRC) represents a business oriented approach to establishing ownership and accountability throughout the organization to improve decision making.
While this may seem straightforward, establishing a GRC program within an organization is not a simple task. It is also not a new...
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
Organizations generally do a good job focusing on governance, risk and compliance. But breaches add up, and LockPath CEO Chris Caldwell wonders "Where is the 'S' in GRC?" - where is the security?
Businesses today operate in complex and highly dynamic global environments. Successful execution of business strategies requires an ability to effectively balance revenue generation and operational efficiency objectives with risk management and compliance obligations.
This white paper discusses:
The top 10...
RSA, The Security Division of EMC, commissioned Forrester Consulting to examine the Total Economic Impact (TEI) and potential return on investment (ROI) that enterprises may realize by deploying the company's governance, risk and compliance (GRC) solutions.
Working with customers, Forrester identified and...
Today's businesses operate in complex, geographically distributed and highly dynamic environments. The confluence of legal, regulatory, technology and business developments increases the complexity and scope of an organization's existing GRC program.
This white paper illustrates how several CIOs have employed...
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.
The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.
This white paper outlines the limitations of traditional defense mechanisms; specifically, how cybercriminals have refined the malware manufacturing and development process to systematically bypass them - thereby initiating an arms race with defenders. Security patches are found to be a primary and effective means to...
Integrated governance, risk and compliance (GRC) solutions provide a holistic view that allows for early detection of problems that may otherwise go undetected using independent examination.
This white paper provides an in-depth case study in which a bank's mortgage lending is monitored using defined:
Key...
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
