IT Security approach: Compliance vs. Risk

Co-written by Margot

The goal of these few lines is to share some simple thoughts on how IT security practices can be managed, and to compare two approaches: the compliance approach and the risk approach.

For many years, IT security has mostly been handled through compliance checklists. These checklists are built from market IT security standards (e.g. ISO 27002, COBIT, NIST), specific IT general controls (ITGC), domain-specific regulations or industry standards (e.g. Sarbanes-Oxley, PCI-DSS), and internal security policies derived from the above.