Tag: Compliance audit

No matter what role you play in the audit process, the experience can be painful. If you’re an external consultant, you have to work with clients who have limited budgets and high expectations. And if you’re an internal IT/security auditor, you might have to wade through a sea of internal...

The day before the deadline for GDPR compliance, I received emails from 8 different companies asking for my consent for them to collect data about me. But I can’t even remember how I got on these vendors’ mailing lists, and I haven’t received any other communication from them lately....

In a legislation-laden era, more and more organizations are falling under the mandates of governmental or industry regulation. The requirements can be complex and confusing, and it’s hard to know where to start in creating and enforcing policies that will keep your company in compliance, so many...

Tracking user account changes in Active Directory is primarily important from compliance and security-related considerations and also for operational efficiency purposes. Inactive user accounts or a large number of new accounts with extended permissions, disabled or suspiciously modified user...

When it comes to security, event logs are supposed to be the best friends of an IT guy managing the environment, right? Roger Grimes from InfoWorld claims that the evidence of malicious activity can be found in Event Logs. So, if companies today already have all necessary data that points...

Change is inherent to the growth of any successful organization. Adaptation to organizational changes is a necessary reality, and without it, organizations couldn’t keep up with the changing times, demographics, workflows and business. That is why changes in IT infrastructure are a necessary...

SOX compliance for IT systems has become an increasingly important issue for organizations of all kinds. Intended to assign a quantifiable level of accountability to organizations and the IT controls that impact financial reporting operations, the act includes two sections that affect IT...