Resources for Federal Information Security Management Act (FISMA)

Database Risk and Compliance Adviser:You've Got Policies - But are They Working?

www.dmreview.com

In managing risk and sustaining compliance around corporate databases, a key step is defining the appropriate policies. These provide clarity and serve as yardsticks against which to measure corporate performance. Enterprises typically do a good job at identifying policies for database protection (including security, change management and other operational issues) - but that is the easy part. The greater challenge is presented in turning those written guidelines into automated and actionable activities. Only then can database managers and C-suite executives have peace of mind that database users are doing what they're supposed to do. This also supports another major challenge - providing proof to auditors that users have in fact complied with policies (in order to show compliance with industry, federal or internal regulations).

View the Resource

Share or bookmarklet this web page at: