Governance, Risk Management & Compliance

Blog posts that just reference whitepapers etc. can annoy some of you, so I try to limit these, but if you are one of the many IT managers or DBAs worried about compliance then please read on.


The IT Compliance Guide is a comprehensive guide to all of those annoying acronyms that seem to get in the way of our work, like SOX, GLBA, HIPAA, EUDPD, PCI DSS, ISO 27002, COBIT 4.1, and AICPA GAPP. Some of these (SOX, HIPAA, AICPA) will only apply to those of you who work for an American firm (like me, then!), but the EU Data Protection Directive (EUDPD) and the ISO Code of Practice for Information Security Management (ISO 27002) are closer to home, so this is definitely worth looking at. It also includes an Excel workbook to guide you through the processes.

The whole thing has been signed off by auditors Grant Thornton and is free to download.
