IT Compliance Journal

IT Compliance Journal - Volume 2, Number 2

IT Compliance Journal - Volume 2, Number 2

10.5 This issue of the IT Compliance Journal takes aim at a perennial trouble spot for compliance practitioners--information security. Prominent info-sec standards (ISO 27001/27002 and NIST Special Publication 800-Series), symmetric key encryption, and even the security risks posed by auditors themselves are all evaluated from an information security and compliance perspective.
Current ITCi members can access the Journal by signing in. If you are not an ITCi member, please take a moment to register, launching your free membership and IT Compliance Journal subscription.

Show Table Of Contents

    • 7 COMSTATs
    • 9 Reaching Out to Protect Within: Comparing and Contrasting ISO 27001/27002 and NIST Special Publication 800-Series Information Security Standards
    • 21 Symmetric Key Management Systems
    • 27 Addressing IT Preparedness for E-Discovery: A Control Framework
    • 37 Holding Auditors Accountable for Data Security
    • 40 Compliance Bibliography

Download Now

Archived Issues

Volume 1, Issue 2: Privacy and Information Security

11.27 This issue of the IT Compliance Journal focuses on helping you to understand and mitigate the risks of information exposure. Download your copy and get critical insight from experts in the fields of law, financial services, and information security.

Download Now

Featured White Papers

New White Paper - Meeting and Exceeding PCI 1.1 Compliance Today

Demonstrating compliance with PCI is about following best practices, which is in the enterprises' best interests as well as the consumers. This paper looks at ways of successfully addressing the various requirments of PCI DSS v1.1.