IT and PCI Compliance
How to Build a Data Catalog: Key Steps and Challenges?
In a data-driven landscape, organizations face the challenge of managing vast amounts of data from various sources efficiently. A data catalog serves as a critical tool in this endeavor, providing a centralized inventory of an organization's data assets, their metadata, and their relationships. Building a data catalog involves a systematic approach that encompasses data discovery, profiling, classification,..
Auditing Information Security Using ISO 27001
ISO 27001 describes how to manage information security in a company. According to its documentation, ISO 27001 was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system." By applying ISO 27001 standards effectively in your organization you can ensure robust security for your organization's vital inf..
Customer Relationship Management: Strategic Methods to Manage Relationships
Today, software tools are used to manage the "mechanics" of customer relationships. However, you cannot rely on software to manage your relationships with customers; there is human interaction that must take place. Acquiring the right customers in the first place and then discovering their ever-changing needs goes far beyond interacting with a screen. Successful organizations spend time talking with cus..
PCI Compliance – What Your Company Needs to Do to Get There
Must your company be PCI compliant if it receives payments in the form of credit cards, checks or wires? As our technology base in the world has improved and made our lives easier, so has the threat of having our identities stolen. Each year we hear of several companies that have experienced data breaches and the major negative impact they have on all consumers. Data breaches are not only detrimental to consu..
Technical Managers: Hired for hard skills & fired for soft skills
The basics of great management are the same whether in the technical or non-technical sphere because you are dealing with human beings. The key is to develop a plan to implement all assignments by delegating the detailed tasks to technical professionals to execute using proven methodologies and keeping individuals motivated. Coaching each person to get the results you are responsible for and helping each pe..
Creating a Cyber Incident Response Program That Works
The best way forward is an efficient Incident Response Program that allows an organization to respond with speed and agility while empowering the business to maintain continuous operations. Such a program also reduces revenue loss, reduces fines and lawsuits, and protects brand reputation. Information Security, Governance and Risk are all critical aspects of the planning and execution of the Information Se..
Creating a Robust IT Governance Program
IT governance (ITG) is defined as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. Organizations today are subject to many regulations governing the protection of confidential information, financial accountability, data retention, and disaster recovery, among others. They are also under pressure from shareholders, stakeholders, and customers. To..
Data Privacy and Information Security Compliance Requirements
Cybersecurity is a critical issue facing every financial institution, and the stakes are rising all the time. Cybercrime in general is growing rapidly, and the risk of cyber attacks on financial institutions is becoming ever more apparent. In response, regulatory expectations for robust information security programs, security awareness training, and well-developed cyber risk control s..
GDPR, Are You Ready?
What is the regulation called GDPR? Is your business ready for the change? How do these new laws affect your business? What is sensitive data? These are some of the questions that this webinar, "GDPR, Are You Ready?", can answer. This webinar is a comprehensive discussion of the General Data Protection Regulation from the EU. The General Data Protection Regulation (GDPR), which is designed to enable indi..
HIPAA Audits – an Insiders Perspective
I will be speaking to real-life audits conducted by the Federal government for Phase 2 and beyond (I've been on both sides of these audits) and what your highest risks are for being fined (some of the risk factors may surprise you). It seems almost daily I am receiving calls from nervous practice managers and compliance officers all over the USA regarding a HIPAA audit letter or call they have received. This le..
HIPAA training for the Compliance Officer
This webinar will address how practice/business managers (or compliance officers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2018. Areas also covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. The primary goal is to ens..
HIPAA vs SAMHSA (42 CFR Part 2)
This lesson will address how practice/business managers (or compliance officers) need to ensure their organization is complying with the Federal Substance Abuse and Mental Health Services Administration (SAMHSA) regulations (42 CFR Part 2) and how these differ from the HIPAA (Health Insurance Portability and Accountability Act) Privacy and Security Regulations. Both regulations carry significant civil and even c..
How ISO/IEC 27001 Can Help Achieve GDPR Compliance & Reduce Data Breach Risks
Organizational IT usage can be categorized as supporting either transaction processing or decision-making. Transaction-based information systems process data for routine business activities, whereas a decision-based information system commonly advises managers and professionals in non-routine judgments. Accordingly, information systems represent an architectural component that collects data, processes transact..
How to Apply ISO 27001 Principles to Enterprise Risk Management In 2018
ISO 27001 describes how to manage information security in a company. According to its documentation, ISO 27001 was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system." By applying ISO 27001 standards effectively in your organization you can ensure robust security for your organization's vital inf..
Information Cyber Security Planning for Governance, Risk and Compliance (GRC) Framework - Organization and Responsibilities
Information Cyber Security Planning for Governance, Risk and Compliance (GRC) is essential in this world of new technologies, cyber events, and natural and man-made disasters. GRC refers to a company's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management (ERM) and corporate compliance with regard to regulatory requirements. Enterprise IT Governance, Risk, Complianc..