Treasury / Cash / Risk Management

In part four of this videocast series Pete Lindstrom, Senior Analyst for Burton Group discusses the tools and techniques needed to secure data in motion. In part four of this video series, Pete Lindstrom from the Burton Group evaluates various protection technologies and strategies and discusses:

• Why data loss protection is part of a larger information risk management problem that also encompasses data retention (e-discovery), integrity and other concerns
• What protection

...

In part three of this videocast series Pete Lindstrom, Senior Analyst for Burton Group discusses the tools and techniques needed to control data leakage. Do you cringe when you read about a lost laptop? Are you nervous that your Internet connection might be a giant intellectual-property sieve? Despite widespread regulatory and contractual stipulations for data protection, chances are that your organization hasn't developed a wholly effective architecture for thwarting...

Read this white paper to learn how to meet compliance regulations and protect your company's data while utilizing electronic data systems to meet business objectives. In a world where the use of electronic data is rapidly increasing, companies must find ways to manage data now so that they effectively control compliance risks. The proliferation of electronic data is both astonishing and overwhelming. The task of managing electronic data is further compounded by the fact...

An evidence management platform features a unified repository, rulesbased workflow, audit capabilities, and reviewer-level performance analytics that enable your general counsel to effectively capture, share, and store information. An evidence management platform features a unified repository, rulesbased workflow, audit capabilities, and reviewer-level performance analytics that enable your general counsel to effectively capture, share,...

This whitepaper focuses on the requirements placed on IT by the amended Rules and discusses strategies and solutions for addressing how to proactively manage electronically stored information. There are numerous cases where ESI on magnetic tape was determined to be reasonably accessible. It is likely this trend will continue as new technologies and e-discovery services continue to target backup tapes. A sure way to reduce the need to make this argument is to be proactive...

In this whitepaper you will learn about the evolution of Ethernet, the reasons VLANs were introduced, and the ways that VLANs can be used. In the history of Ethernet, the virtual LAN is a recent addition. The VLAN was introduced to solve a number of networking issues. In this whitepaper you will learn about the evolution of Ethernet, the reasons VLANs were introduced, and the ways that VLANs can be used. You will also learn about the networking standards that address the VLAN...

Attend this webcast to learn about risk assessment process and tools used by ethical hackers. Attend this webcast to learn about:

• Risk assessment process and tools used by ethical hackers
• Tools commonly used at each step of the process and how they can help you secure the infrastructure
• Examine open-source and commercial tools such as Metasploit, core Impact, and the Exploitation Framework

This white paper provides an overview of the PMBOK® and the key process areas and functions within the IT Infrastructure Library. This white paper starts by providing the reader with an overview of the PMBOK® Guide as well as the key process areas and functions within the IT Infrastructure Library. We then compare and contrast the two bodies of knowledge. Once we have set the foundation for discussion, we look at why many IT projects fail (not just ITSM ones), followed by...

This white paper discusses risk management as a key process in designing security architectures, including a better way for security managers to approach the security ROI issue. Designing security architectures is not so difficult, providing you have a good road map. Policies and procedures within the organization are that road map to effective and efficient security designs. Risk Management is the bridge between the two. One huge element in the risk management process...

Aberdeen research reveals closed-loop marketing practices and processes are fundamental drivers of superior performance for Best-in-Class companies; making closed-loop marketing as important today as it ever was in the past. The term "closed-loop marketing" has been around for decades. The proliferation of marketing channels adds complexity to the challenge of optimizing outbound marketing to deliver relevant messages to customers and prospects...

What is your compliance know-how? Take this quiz and find out. What is your compliance know-how? Take this quiz and find out.

Many questions surround compliance including, how much will complying with the Sarbanes-Oxley Act cost your company? Do you need to hire someone to conduct a Payment Card Industry Data Security Standard (PCI DSS) audit? Have your business partners suffered security breaches?

Find out answers to these questions and more with this quiz from the editors of...

Web and database security present some of the most complex and costly barriers to compliance with the Payment Card Industry Data Security Standard (PCI DSS). Web and database security present some of the most complex and costly barriers to compliance with the Payment Card Industry Data Security Standard (PCI DSS). Issues like secure Web application software development, database encryption, and database transaction auditing in high performance production environments...

Oversight Systems takes continuous controls monitoring to the next level by combining user access rights testing with its patented Real-Time Transaction Inspection. Preventive controls combine with real-time detective controls to provide best p... Most financial processes don't operate inside a vacuum of a single financial system or perfectly defined roles that eliminate all segregation of duties conflicts. Real world compliance demands a complete, closed-...

Oversight Systems automates the analysis and testing of auditors and fraud examiners to reduce ongoing Sarbanes-Oxley compliance costs and provide quality assurance for financial operations. Oversight Systems automates the analysis and testing of auditors and fraud examiners to reduce ongoing Sarbanes-Oxley compliance costs and provide quality assurance for financial operations. As a virtual auditor, Oversight continuously monitors 100% of the transactions and...

Risk management brings you closer to the business, but you must understand that risk is not a numbers game. Risk management is a process-oriented method, choosing decision models that work with the available information. In today's world of sophisticated malware and ubiquitous connectivity, this means ensuring all systems have some baseline of protection. It also means identifying information that is especially critical to meeting business goals, including regulatory...

Security risk models are nowhere near as robust or proven as financial risk models, so at this time the information security practitioners have the best knowledge of the field to be able to assess this risk. Some large organizations were some of the early movers and are interested in quantifying security risk, just as they do with trading risk. It's very analogous to analyzing your risk based on certain market forces and doing what you can to mitigate that risk or measure how much...

We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game. GRC is the latest information security buzzword, but marketing hype is doing a disservice to this array of products that address an organization's policy governance, risk management and compliance needs. Most deliver only part of the picture they promise, and every tool in this market has its own focus, areas of maturity and strategies for solving the...

Our early kick-of-the-tires indications are that yes, the industry has responded positively to the guidance. Keep in mind, the agencies are not doing anything different outside the normal exam process. Keep in mind, the agencies are not doing anything different outside the normal exam process. If an organization is scheduled for an exam, the exam will proceed and we will look at the guidance. If an institution is not scheduled for an exam, we will not go in specifically to look just at the...

Read this article to learn more about how governance, risk and compliance tools over-promise, and how organizations need to streamline and break away from their siloed approaches. One of the most hyped terms today is GRC or governance, risk and compliance. It is being used as a catch-all phrase for most information security strategies and tagged onto various products, adding even more confusion in the market as to what it truly means or promises to corporations...

Being a figurehead in operations isn't enough; CISOs need risk management know-how. Being a figurehead in operations isn't enough; CISOs need risk management know-how.

Let me begin by saying I'm friends with many CISOs, and I have done significant business with, reported to, and have been a CISO. During the past five years, I've seen trends that lead me to believe the CISO role needs an update, and those who fail to recognize this may soon wonder where their careers went.

Most CISOs I have run...

Information Security celebrates its 10th anniversary with a new theory on risk management for the next decade. Cramming 10 years of information security into 64 pages this month required a mighty big shoehorn, not to mention months of planning, hundreds of hours of research, interviewing and reporting on the happenings of the last decade in order to justly commemorate this publication's 10th anniversary.

It was a blast putting this issue together because it gave all of us a...

Read this white paper to better understand the poor state of high-privilege access management and the potential security and audit failure points that threaten organizations worldwide. The rise of identity and access management has revolutionized how enterprises define a key domain of IT risk control. Access management has become a cornerstone of best practice in IT governance, risk and compliance control-except the privileged user for shared administrative...

Many organizations realize keeping their data and documents in the production database for an extensive period of time only enhances overall risk and cost. This Mediacast uncovers the benefits of information lifecycle management (ILM). Many organizations are unsatisfied with the growing costs of their SAP database and storage. Furthermore, organizations worry that their business may be at risk due to possible compliance issues. Fortunately, your organization can control...

This Securities and Exchange Commission Exam Survival Guide provides you with the actions you can take to prepare for an SEC exam so that when the call comes, there is minimal stress and disruption to your firm. You know an SEC exam is inevitable and yet are you prepared? It is projected that an RIA firm will receive an SEC exam every ten years whether or not there is direct cause. This 14 page white paper will help you understand what brings the SEC to your door. More importantly, it...

This whitepaper explains why automated reconciliation is quickly evolving into a competitive necessity. The costs associated with manual reconciliation, the benefits from automation, and the best reconciliation workflow model will all be discussed. While the asset management industry has shown steady growth in recent years, market volatility continues to put pressure on profitability. And as recent history has shown, volatility is not the only factor that can roil the...