Clik here to view.
A model for vendor due diligence
Many organizations today rely on third parties for varying levels of information processing. This is especially true where hosted services provide core applications required for a critical business...
View ArticleClik here to view.
Good Planning Requires Follow-up
Many organizations still believe that having a great business continuity plan, complete with a solid contract with a third-party recovery partner, is enough to protect them from the inevitable. As...
View ArticleClik here to view.
Government Dysfunction Strikes Another Blow for Insecurity
For many years, even before the Internet, changing default access codes, passwords, and other vendor assigned information was considered a basic no-brainer. And I understand normal people (non-IT) not...
View ArticleClik here to view.
SAS 70 replacement: SSAE 16
I’ve never been a big fan of SAS 70, even though it seemed to many like a great way for an organization to tell the board and its auditors that it practiced due diligence. You know, ” hey look, I got...
View Article
