Current State of International Standards and Global Harmonization Efforts Regarding Cybersecurity

by yadzinski | September 23, 2015 | Cybersecurity, Data & Cybersecurity, Public Policy, Standards

Understanding the New Rules of the Game. During the past decade, ISO has published many management system standards for topics ranging from quality and environment to information security, business continuity management and records management. Despite sharing common elements, ISO management s ....

Shared Assessments in 2014: A Good Year with So Much Ahead

December 18, 2014 | Certified Third Party Risk Professional (CTPRP), Collaborative Onsite Assessment, Program Tools, Regulations, Standards

It has been an exciting time to participate in the Shared Assessments Program. Looking back at 2014, it has been a good, active year, with the rollout of our Certified Third Party Risk Professional (CTPRP) certification, our kick-off of the annual Vendor Risk Management Benchmark Study, the successf ....

How to Strengthen Cybersecurity Defenses

PCI Security Standards Council Focuses on Third Party Risks

August 12, 2014 | News, Security, Standards

Confirming the need for stringent third party risk assessments, the PCI Security Standards Council issued guidance this week focusing on the need to thoroughly assess third party service providers who store, process or transmit cardholder data. The PCI Guidance underscores and reinforces Shared ....

Common Security Framework (CSF)

ISO/IEC 27001:2013 – A New Set Of Clothes And A Common Language

by yadzinski | February 19, 2014 | Standards

BSI ISO/IEC 27001:2005 is nearly 8 years old and information security threats have changed substantially during this time. As part of the normal revision cycle for standards, ISO/IEC 27001:2005 has been revised and the new version, ISO/IEC 27001:2013, was published September 26, 2013 with a release d ....

EBA Guidelines on Outsourcing Arrangements

OCC Proposes Formal Guidelines For Its Heightened Expectations For Large Banks

January 16, 2014 | Press Release, Standards

FOR IMMEDIATE RELEASE January 16, 2014 WASHINGTON — The Office of the Comptroller of the Currency (OCC) today released a proposal setting forth new standards, based on the agency’s heightened expectations program, for large national banks and federal savings associations that would be enfor ....

Third Party Business Continuity And Disaster Recovery Programs

An Important Week In Third Party Risk Management

November 14, 2013 | News, Standards, Third Party Risk

It’s been an exciting week in the 3rd party oversight arena, first with the OCC’s revised third party guidance released on October 31st and then, on November 7th, the formal release of the latest PCI DSS, version 3.0. As expected, both the OCC’s guidance and the latest PCI data security stan ....
