Can We Be Compliant and Yet Insecure?
Bill Sieglein has written a great article on the challenges of being compliant with laws and regulations,
while needing to mitigate residual risk. It is along the same lines as my Techniques page and Beyond Minimum Compliance article.
Bill gives practical advice for establishing a control baseline, conducting an assessment and tracking remediation.
Read more: http://www.csoonline.com/article/print/450190
Kind regards,
Gideon
Gideon T. Rasmussen
CISSP, CISA, CISM, CIPP
Charlotte, NC
http://www.virtualcso.com
http://www.infosecresources.com
http://www.gideonrasmussen.com/rssfeed.xml
http://groups.yahoo.com/group/gideons-infosec-list
Posted: Thu Sep 25, 2008 9:08 pm