Governance, Risk Management & Compliance
Blog posts that just reference whitepapers etc. can annoy some of you, so I try to limit these, but if you are one of the many IT managers or DBAs worried about compliance then please read on.
The IT Compliance Guide is a comprehensive guide to all of those annoying acronyms that seem to get in the way of our work, like SOX, GLBA, HIPAA, EUDPD, PCI DSS, ISO 27002, COBIT 4.1, and AICPA GAPP. Some of these (SOX, HIPAA, AICPA) will only apply to those of you who work for an American firm (like me, then!), but the EU Data Protection Directive (EUDPD) and the ISO code of practice for information security management (ISO 27002) are closer to home, so this is definitely worth looking at. It also includes an Excel workbook to guide you through the processes.
The whole thing has been signed off by auditors Grant Thornton and is free to download.
Technorati Tags: GRC,compliance,risk management,governance
Comments
Anonymous
October 30, 2008
PingBack from http://mstechnews.info/2008/10/governance-risk-management-compliance/

Anonymous
January 13, 2009
I liked your guide, maybe you can do a case study on a company who has implemented an IT security risk program and what were the challenges and any recommendations. Thanks, Jasmine

Anonymous
August 11, 2009
Yeah Jasmine, that would be a good case study.

Anonymous
September 03, 2010
Andrew, it seems the link for the guide is broken now. Can you provide a new one or send me a copy of the same?

Anonymous
September 05, 2010
Sorry about this, the guide has indeed moved and you can download it from here: technet.microsoft.com/.../dd229342.aspx Andrew