A model for vendor due diligence
Many organizations today rely on third parties for varying levels of information processing. This is especially true where hosted services provide core applications required for a critical business...
View ArticleGood Planning Requires Follow-up
Many organizations still believe that having a great business continuity plan, complete with a solid contract with a third-party recovery partner, is enough to protect them from the inevitable. As...
View ArticleGovernment Dysfunction Strikes Another Blow for Insecurity
For many years, even before the Internet, changing default access codes, passwords, and other vendor assigned information was considered a basic no-brainer. And I understand normal people (non-IT) not...
View ArticleSAS 70 replacement: SSAE 16
I’ve never been a big fan of SAS 70, even though it seemed to many like a great way for an organization to tell the board and its auditors that it practiced due diligence. You know, ” hey look, I got...
View Article
More Pages to Explore .....