http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12660.html Following the successful launch of the vsRisk ISO27001 compliance tool at Infosecurity Europe 2007, Vigilant Software has launched a complementary software tool for IT consultants and information security specialists. vsRisk Consultant Edition (vsRCE) is a powerful new software product that will enable information security consultants to deploy vsRisk as their preferred risk assessment tool in up to 10 different clients. Targeted at specialist consultants dealing with ISO27001 compliance, vsRCE is an affordable and intuitive risk assessment management tool for the IT consultant community that allows consultants the ability to directly support their clients' risk assessment activity from an off-site location. vsRCE allows clients to create and export risk assessment files that can be analysed on the consultants' own workstations or laptops, and then re-imported into the client's own software. http://www.compliancehome.com/news/ISO-27002-(17799)/12660.html Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12654.html Skybox Security announces the fourth-generation of its security risk management software platform. Over 125 of the world's largest companies have adopted Skybox's unique combination of analytics and automation. With Skybox View organizations can accurately pinpoint and prioritize areas of high risk and predict compliance exposures in just minutes. http://www.compliancehome.com/news/ISO-27002-(17799)/12654.html Wed, 16 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12632.html CompuCom Systems announced that it has achieved International Organization for Standardization (ISO) 20000 certification, the international standard for IT Service Management (ITSM). Based on the adoption of Information Technology Infrastructure Library (ITIL) best practices, the ISO 20000 certification is one of many standards and framework components CompuCom follows and benchmarks the companys industry-leading delivery of IT services. Currently, CompuCom is one of a select few companies registered in North America. To be successful in todays competitive global markets, organizations are realizing that they need consistent, enforceable and repeatable processes to improve the quality of their IT services, meet regulatory requirements and ensure a reliable and agile infrastructure to support key business needs. As part of CompuComs overall commitment to delivering quality for clients, the ISO 20000 certification builds upon over two decades of expertise. ISO 20000 is the first form http://www.compliancehome.com/news/ISO-27002-(17799)/12632.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12583.html Security solutions developer High Tower Software has released a security appliance designed to help IT personnel in smaller organizations mitigate network security risks and better manage regulatory compliance. Called Cinxi Express, the new product is a Security Information Event Manager (SIEM) that collects log data from network devices, applications and users, analyzes the information to assess potential security and compliance threats, and alerts personnel when risks are detected. Like High Tower's enterprise-class Cinxi SIEM solutions, Cinxi Express delivers a full suite of log management, threat response, compliance monitoring, and data forensics capabilities organizations need to ensure that networks are secure and operating within corporate and regulatory guidelines. http://www.compliancehome.com/news/ISO-27002-(17799)/12583.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12532.html NEW SENSAGE SOFTWARE TRANSFORMS VALUE OF EVENT LOG DATA FOR CORPORATE DECISION MAKERS http://www.compliancehome.com/news/ISO-27002-(17799)/12532.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12531.html Combining power and flexibility, with Microsofts .net technology, AchieverPlus provides a unique, management gateway that can easily be embedded into an organisations existing processes without disrupting working practises. The system unifies all the organisations disparate systems, standards, policies and resources across any number of sites and locations. Multiple areas of compliance can be included, such as regulatory, legislative and best practice, encompassing many industry and regulatory compliance standards. Specific compliance management solutions for the most highly regulated business areas include:Sarbanes Oxley, MiFID, Life Sciences (such as Health and Safety), ISO 9000 /1 and more. Traditionally, with disparate databases managing each area of compliance, users would have to search multiple systems to identify their tasks and alerts. This can lead to errors and omissions and increase the amount of time spent on managing tasks. In addition, many organisations have seen the http://www.compliancehome.com/news/ISO-27002-(17799)/12531.html Mon, 31 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12502.html Atlantic Crossing is in the business of assisting companies with Technology, New Markets and Corporate Finance consulting services. http://www.compliancehome.com/news/ISO-27002-(17799)/12502.html Tue, 18 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12442.html Configuresoft launched Configuresoft University, a series of educational webinars, podcasts and events addressing the most pressing IT issues facing the industry. Configuresoft University, sponsored by Configuresoft's Center for Policy and Compliance (CP&C), kicks off this week with two Webinars addressing PCI Compliance and Virtualization Management and Security. Configuresoft's Center for Policy & Compliance (CP&C) is a team of security and compliance experts that conduct much of the same research and analysis that is required within any IT organization. CP&C sifts through the overabundance of security and compliance information and develops and maintains best practices and detailed technical controls to speed compliance for a variety of regulatory and operational standards, ranging from PCI, IS017799/27001, COBIT and NIST to GLBA, HIPAA and Sarbanes-Oxley. http://www.compliancehome.com/news/ISO-27002-(17799)/12442.html Wed, 12 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12413.html The SpecialtyAutomated GREEN Catalog, a testament to green and eco-friendly testing practices, now contains a large menu of rapid, standardized, sensitive, and objective online vision tests, including Online Dynamic Visual Acuity Tests. The new catalog provides online, rapid, and objective visual acuity tests. No more vision testing equipment. We have exactly what the doctor ordered: Online vision tests that anyone can use with their own computer connected to the Internet. No software, downloads, or new equipment are needed. Our visual acuity tests are designed to comply with standards established by the International Council of Ophthalmology. Our vision tests are rapid, uniform, and low-cost. Now physicians, researchers, and drivers license offices can streamline vision testing operations quickly and inexpensively. Our online vision tests can be easily implemented into existing computer setups. Theres no reason to have vision tests administered any other way except online, the truly http://www.compliancehome.com/news/ISO-27002-(17799)/12413.html Tue, 11 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12407.html ISI Telemanagement Solutions, provider of comprehensive cost management solutions for voice, data, wireless and integrated communications, and a Cisco Development Partner since 2000, today announced the release of their new Business Intelligence Solutions package for users of Cisco Unified Communications platforms. With ISI's Business Intelligence suite of products, Cisco Unified Communications users will now be able to compile and analyze data for non-traditional customer contact phones showing critical management information, including: Ring Time, Abandoned Calls, and Traffic Analysis & Statistics. http://www.compliancehome.com/news/ISO-27002-(17799)/12407.html Fri, 07 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12389.html Europes leading GRC (Governance, Risk and Compliance) systems company, Achiever Business Solutions, has launched a .Net version of its widely acclaimed AchieverPlus system that delivers a single point of access across all regulatory, quality and process resources in an organisation. Combining power and flexibility, with Microsofts .Net technology, AchieverPlus provides a unique, management gateway that can easily be embedded into an organisations existing processes without disrupting working practises. The system unifies all the organisations disparate systems, standards, policies and resources across any number of sites and locations. Multiple areas of compliance can be included such as regulatory, legislative and best practice, encompassing many industry standards. Specific solutions for the most highly regulated business areas include: Sarbanes Oxley, MiFID, Life Sciences (such as Health and Safety), ISO 9000 /1 and more. http://www.compliancehome.com/news/ISO-27002-(17799)/12389.html Mon, 03 Mar 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12359.html Modulo, provider of IT GRC solutions will introduce MetaFramework, a multi-regulatory compliance solution for meeting mandates and guidelines such as SOX, PCI, FISMA, ISO 27002 (17799), ISO 27001, HIPAA, NERC CIP, COBIT, DIACAP, A130 and FISAP at the Gartner Compliance and Risk Management Summit 2008. The new part of Modulo Risk Manager features -- considered one of the world's top IT GRCM solutions according to Gartner's IT governance, risk and compliance management (GRCM) research divulged last month -- allows the user to produce a rating and set of reports for any of the contained standards. http://www.compliancehome.com/news/ISO-27002-(17799)/12359.html Wed, 30 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12183.html eIQnetworks, provider of integrated security, risk and audit management solutions, announced the expansion of its flagship SecureVue product offering with the immediate availability of two new appliance-based versions. These appliances allow enterprises to seamlessly leverage the full benefits of the SecureVue security, risk and audit management platform in a cost-effective hardware solution that can be rapidly deployed. The appliances SecureVue 2000 and SecureVue 3000 incorporate the comprehensive functionality of the SecureVue software platform, making next-generation security information management (SIM) and IT governance, risk and compliance (GRC) available in an appliance form that offers enterprises and channel partners. http://www.compliancehome.com/news/ISO-27002-(17799)/12183.html Mon, 28 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12171.html Modulo, provider of risk management solutions in the security industry, will participate in Technosium 2008, which will occur between January 27 and January 31 in Santa Clara, California. The company will introduce MetaFramework, a multi-regulatory compliance solution for meeting mandates and guidelines such as SOX, PCI, FISMA, ISO 17799, ISO 27001, COBIT, NIST 800-53, A130 and FISAP. Based on Modulo's experience developing tools for risk management, governance and compliance, MetaFramework is composed by a group of requirements that are already registered in the system and have the capability to evaluate controls and store evidences. All the information is automatically organized and allows a company to analyze its risks and identify the level of compliance according to the database frameworks, among other features. http://www.compliancehome.com/news/ISO-27002-(17799)/12171.html Wed, 23 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12139.html eIQnetworks, provider of integrated security, risk and audit management solutions, announced the expansion of its flagship SecureVue product offering with the immediate availability of two new appliance-based versions. These appliances allow enterprises to seamlessly leverage the full benefits of the SecureVue security, risk and audit management platform in a cost-effective hardware solution that can be rapidly deployed. http://www.compliancehome.com/news/ISO-27002-(17799)/12139.html Mon, 21 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12119.html Data, provider of front-office systems for insurance companies, general agents, banks, Investment dealers, agents, and financial advisors, announced that it has received ISO 27001 certification. ISO, the International Standards Organization, creates standards that specify worldwide requirements for products, services, processes, materials and systems. ISO 27001 is the new international standard created specifically for Information Security Management Systems. In our industry, independent agents and financial advisors must be assured of the security of their client data, said Scott Weber, Assistant Vice President of Operations Technology for PartnersFinancial/NFP in Austin, TX. E-Z Data?s ISO 27001 certification gives us even greater confidence in the fact that our member firms? data is as secure as it can possibly be. http://www.compliancehome.com/news/ISO-27002-(17799)/12119.html Fri, 18 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12109.html Brabeion Software has joined the OCEG leadership community as a member of the Technology Council. The OCEG is the only nonprofit organization offering comprehensive guidance, standards, benchmarks and tools for integrating governance, risk management, internal control and compliance (GRC) processes. Brabeion will also contribute to the OCEG Technology Councils Blueprint and Roadmap working groups. These initiatives will define a comprehensive GRC technology map that combines the disciplines arising from all IT products and services. Brabeion was first to market with a complete IT GRC suite built from the ground up with state-of-the-art technology and IT control content from many industry recognized sources such as PricewaterhouseCoopers and ITGi. http://www.compliancehome.com/news/ISO-27002-(17799)/12109.html Fri, 11 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12077.html Information Security Management Systems specialist, HotSkills, Inc., today announced that Merrill DataSite TM, a virtual data room solution, received ISO 27001 certification, recognizing compliance with international security standards http://www.compliancehome.com/news/ISO-27002-(17799)/12077.html Tue, 08 Jan 2008 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/12042.html Trusted Computer Solutions, pioneer in building security applications that run on the Linux operating system, announced that Security Blanket, the company's system lock-down and security management tool, has been certified by the Center for Internet Security (CIS) for the Red Hat Enterprise Linux Level 1 and 2 Benchmark v1.0.5. This certification is based on Security Blanket's ability to enable systems administrators to automatically compare the configuration status of their Red Hat Enterprise Linux 4 and 5 systems to the Level 1 and 2 CIS Benchmarks for Red Hat Enterprise Linux v1.0.5. http://www.compliancehome.com/news/ISO-27002-(17799)/12042.html Sun, 23 Dec 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11979.html Synygy announced the introduction of Synygy Business Continuity Services. Meeting the growing demand from large organizations for highly secure, scalable, and flexible data center services, Synygy Business Continuity Services offers companies a means for ensuring data access and business connectivity and having cost-effective back-up and storage capabilities. Synygy, a pioneer in the introduction of the on-demand, software-as-a-service delivery model in the sales compensation and sales performance management marketplaces, originally built its data centers and provided software hosting services as a unique value-add for clients, providing the peace of mind that comes with beyond-industry-standard operations and security. http://www.compliancehome.com/news/ISO-27002-(17799)/11979.html Wed, 19 Dec 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11961.html MetricStream, the market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management solutions, today announced its extended offering to support compliance with the Clause 49 requirement laid down by the Securities and Exchange Board of India (SEBI), adding it to its already strong and comprehensive solution for SOX compliance. MetricStream enables its customers to adopt a single platform for managing the multiple GRC initiatives, to significantly improve the effectiveness of their compliance programs while lowering the associated costs. SEBI's objective of adding Clause 49 in the Listing Agreement between a company and the stock exchange it is listed on is to effectuate good corporate governance practices in Indian companies. The Clause aims to protect the interests of the investors through improved quality and quantity of disclosures. With the increased regulatory oversight and investors expectations for good governance, it has become imperative for companies http://www.compliancehome.com/news/ISO-27002-(17799)/11961.html Mon, 17 Dec 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11948.html netForensics, pioneer in Security Information Management (SIM), introduced version 6.0 of nFX Log One, its enterprise-class event log management solution that helps organizations gain control of their volumes of log files, reduce risk, and meet regulatory and industry compliance requirements. New features include architecture and scalability enhancements for collecting syslog data, expanded data collection, compression and validation capabilities, 64-bit windows platform support, and an enhanced Web-based user interface for reports administration. With these new features, nFX Log One offers increased operational visibility and comprehensive reporting for audit and compliance to large enterprises, as well as to mid-tier and small-to-medium size organizations. nFX Log One now offers organizations of any size with a flexible multi-tier distributed architecture that scales to meet the demands of todays high-data volume environments. This new architecture features advanced filtering option http://www.compliancehome.com/news/ISO-27002-(17799)/11948.html Thu, 13 Dec 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11929.html TraceSecurity, provider of on-demand security compliance solutions, announced the unveiling of their newest software as a service (SaaS), TraceSecurity Risk Manager. The first SaaS product to integrate the latest in risk management methodology with continually evolving compliance standards, TraceSecurity's Risk Manager allows users to quickly and accurately determine the proper controls necessary for implementation to secure confidential data against both physical and information security threats. http://www.compliancehome.com/news/ISO-27002-(17799)/11929.html Sun, 02 Dec 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11848.html The UKs largest independent direct communications group has achieved ISO27001 certification with the help of IT Governance Limited. dsicmm Group, which serves over 90 FTSE 100 companies, called in the consultancy to help it prepare for its Stage 2 ISO27001 audit after certain non-conformances were highlighted during its Stage 1 assessment. With the help of IT Governance, dsicmm was able to quickly address these issues and received its ISO27001 certification this month, after just two months of preparation. Information security and quality assurance are deeply engrained within dsicmms culture, particularly as the business counts many financial services organisations among its clients. Having already achieved BS7799 compliance in 2006, the company saw ISO27001 certification as a natural progression for its information security defences. As a complement to this, the business also wanted to achieve certification to APACS55, the specialist security standard for businesses undertaking cheq http://www.compliancehome.com/news/ISO-27002-(17799)/11848.html Thu, 29 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11836.html In a recent survey of 103 IT security professionals, 60% percent stated that at least 25% of their teams time is spent on compliance efforts. nCircle, the leading provider of agentless security risk and compliance management solutions, conducted the survey from August 16 through October 31, 2007. http://www.compliancehome.com/news/ISO-27002-(17799)/11836.html Wed, 28 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11829.html Avacuna announced its integrated GRC (Governance, Risk Management and Compliance) service, which builds upon its successful compliance assessment and security risk management programs. Integrated GRC affords businesses currently using an existing IT systems governance framework the ability to rapidly and efficiently map new processes and controls introduced by secondary or tertiary standards, frameworks and best practice guidelines. Many companies managing mature Sarbanes-Oxley Section 404 (SOX 404) controls developed under the COSO or CobiT models find themselves tasked with incorporating alternative framework mandates driven by regulatory compliance deadlines, security risk concerns or corporate efficiency objectives. These organizations increasingly need to reconcile objective-specific standards such as PCI DSS, ISO 27002 (formerly 17799) and ITIL with a framework already in full production, and Avacuna expects this trend will continue through 2011. http://www.compliancehome.com/news/ISO-27002-(17799)/11829.html Thu, 22 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11795.html EtQ has announced the release of a new suite of modules designed to automate the processes and directives associated with Environmental, Health & Safety (EH&S) within the EtQ Reliance platform. More and more, companies are turning to workflow-based systems to address initiatives surrounding such standards as ISO 14001, OHSAS 18000, and others geared towards improving processes within EH&S. EtQ's software has been at the forefront of helping companies solve these initiatives, and have implemented a new suite of EH&S modules within EtQ Reliance. http://www.compliancehome.com/news/ISO-27002-(17799)/11795.html Tue, 20 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11784.html Achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a critical business issue for all merchants that accept credit and debit cards. However, many remain unsure about the level of compliance required of their organisation and how best to achieve this. To help explain and simplify the compliance process, IT Governance Limited has launched a new PCI DSS Toolkit. The PCI DSS must be met by all organisations (merchants) that accept credit and debit cards issued by the major credit card companies. It is a contractual obligation applied and enforced directly by the payment providers, and a failure by a merchant to comply can result in fines, restrictions or other costly repercussions. http://www.compliancehome.com/news/ISO-27002-(17799)/11784.html Thu, 15 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11769.html Tyfone, a developer of an innovative software and hardware platform for bank-branded, mobile banking and mobile payments, announces its partnership with i-flex Solutions, a global leader providing IT solutions exclusively to the financial services industry, to implement mobile banking and other mobile financial services for a new client, West Coast Bank. The Tyfone mobile platform architecture is modular and highly flexible for plug-and-play implementation with current core banking and Internet banking systems. With its patented security technology, Tyfone provides end-to-end secure communications and transactions. http://www.compliancehome.com/news/ISO-27002-(17799)/11769.html Wed, 14 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11755.html Chisinau, Moldova, 14/11/2007 Dekart, a developer of trusted security solutions releases version 2.10 of Private Disk, the top rated disk encryption software. The new version of Private Disk features advanced protection mechanisms against malware and viruses and a new secure data migration tool. Private Disk 2.10 also comes with support for Windows Vista. http://www.compliancehome.com/news/ISO-27002-(17799)/11755.html Tue, 13 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11723.html Chily Softech Private Limited, an organization dedicated to promote data safe and secure world, and develop the best PC tools, announced the release of their Windows Driver Backup Software Chily Device Driver Backup. Backup system drivers, secure for future requirements and forget about searching for drivers over net or CD/DVD/Floppies. http://www.compliancehome.com/news/ISO-27002-(17799)/11723.html Mon, 12 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11710.html Microsoft System Center Configuration Manager 2007 is shipping today with free compliance-related content out-of-the-box to help enterprise customers pinpoint compliance posture with major regulations such as PCI, S-OX and HIPAA and IT control frameworks. Microsoft is licensing the best practice configuration controls content from Brabeion Software, a leader in IT governance, risk and compliance management solutions. http://www.compliancehome.com/news/ISO-27002-(17799)/11710.html Mon, 05 Nov 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11668.html eIQnetworks, provider of integrated security, risk and audit management solutions, announced the immediate availability of the next evolution of its flagship SecureVue solution. SecureVue 3.0 adds governance, risk and compliance (GRC) audit management, network behavior anomaly detection (NBAD) and 3-D visualization to its existing next-generation security information management (SIM) solution, providing enterprises with an integrated security, risk and audit platform to radically simplify IT assurance. http://www.compliancehome.com/news/ISO-27002-(17799)/11668.html Tue, 30 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11647.html Tufin Technologies, provider of Firewall Operations Management solutions today announced the release of SecureTrack 4.1, the newest version of its flagship product that helps firewall operations teams control and manage policy changes, analyze risks and ensure business continuity. SecureTrack 4.1 incorporates powerful new Firewall OS Monitoring capabilities and is also available as an appliance-based solution, offering unmatched capabilities and convenience for large enterprises tasked with managing sizeable firewall operations and/or multiple firewall vendors. SecureTrack 4.1 is also offered as a software-based solution. http://www.compliancehome.com/news/ISO-27002-(17799)/11647.html Tue, 30 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11645.html eIQnetworks, global provider of integrated security, risk and audit management solutions, today announced the immediate availability of the next evolution of its flagship SecureVue(R) solution. SecureVue 3.0 adds governance, risk and compliance (GRC) audit management, network behavior anomaly detection (NBAD) and 3-D visualization to its existing next-generation security information management (SIM) solution, providing enterprises with an integrated security, risk and audit platform to radically simplify IT assurance. http://www.compliancehome.com/news/ISO-27002-(17799)/11645.html Tue, 30 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11640.html BearingPoint, Inc. (NYSE: BE), one of the worlds largest management and technology consulting firms, today announced its first global and cross-industry portfolio of solutions the BearingPoint Risk, Compliance and Security (RCS) Solution Suite. http://www.compliancehome.com/news/ISO-27002-(17799)/11640.html Tue, 30 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11639.html Modulo, a market leader in the information security industry, announced today the impending availability of new feature enhancements for their IT governance, risk and compliance management software Modulo Risk Manager. http://www.compliancehome.com/news/ISO-27002-(17799)/11639.html Tue, 23 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11591.html Toll Brothers has chosen a portfolio of Novell solutions to protect confidential client data, standardize its desktops and reduce IT administration costs. A Fortune 500 company, Toll Brothers is using several Novell enterprise management solutions to strengthen security with centralized control of user access to client information and automated desktop management to minimize time spent updating and troubleshooting application software. The security of client information was our top consideration in selecting an enterprise management solution, said Nancy L. Myers, assistant vice president of Application Development at Toll Brothers. Other considerations were a solution that would work well across disparate locations -- some of them little more than trailers on a construction site -- and handle the variety of application software and operating platforms in our network. Novell's robust and integrated solutions have given us the flexibility to protect, configure and connect all of our data http://www.compliancehome.com/news/ISO-27002-(17799)/11591.html Mon, 08 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11503.html CA announced a comprehensive information governance solution that enables customers to reduce risk and help fulfill their compliance, legal and business requirements by providing secure, accurate, timely access to information across multi-vendor environmentswithout the need to modify or replace existing repositories or business processes. http://www.compliancehome.com/news/ISO-27002-(17799)/11503.html Sun, 07 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11472.html CA, an IT management software company, unveiled a solution designed to enable IT organisations to achieve their governance, risk and compliance (GRC) objectives. According to the company, the solution features CA GRC Manager, which provides portfolio management of IT risks across the enterprise, as well as CA's IT control automation solutions that automate IT controls for security, information, and change. http://www.compliancehome.com/news/ISO-27002-(17799)/11472.html Thu, 04 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11468.html CA unveiled a comprehensive solution for empowering IT organizations to achieve their increasingly challenging and business-critical governance, risk and compliance (GRC) objectives. The solution features CA GRC Manager, an innovative product that provides portfolio management of IT risks across the enterprise, as well as CAs industry-leading IT control automation solutions. Proliferating regulatory activity and the demands of investors are generating greater pressure on businesses of all types to improve their GRC practices. As the steward of enterprise information, IT organizations are especially subject to these pressures, and bear a disproportionate level of cost, effort and risk in responding to these mandates. http://www.compliancehome.com/news/ISO-27002-(17799)/11468.html Thu, 04 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11453.html Eracent has joined ISO/IEC's new study group to develop additional Software Asset Management standards. As a member of the ISO/IEC JTC1/SC7 study group, Krzysztof (Chris) Baczkiewicz of Eracent will collaborate in the research and development of standards to support 19770-1 and extend the contribution that ISO/IEC has already made to Software Asset Management. The first project for this group is to investigate the use of Maturity Models and identify a Software Asset Management Maturity Model. Maturity Models are routinely used to assess processes and to establish an action plan to achieve best practice processes. The existing standard ISO/IEC 19770-1 outlines the essential Software Asset Management practices and this new effort will help Software Asset Managers achieve those goals. http://www.compliancehome.com/news/ISO-27002-(17799)/11453.html Wed, 03 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11450.html LogLogic, announced a new Managed Services Provider (MSP) Partner Program. Via this program, MSPs can now utilize LogLogic's industry-leading log management and intelligence (LMI) platform to extend their managed services offerings for their customers to collect, analyze, store and alert on virtually any log source. Compliance and operational demands are requiring MSPs to offer managed services beyond security devices to servers, network devices, and applications. LogLogic, together with MSP program partners including VeriSign, BT Counterpane, NetBoundary, CynergisTek and more enables customers to make better operational and financial decisions by using log data to provide a holistic view of system and user activity, policies and business impacts. http://www.compliancehome.com/news/ISO-27002-(17799)/11450.html Wed, 03 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11446.html The PowerTech Group announced PowerTech Compliance Monitor version 2.0, a major upgrade to its software solution for regulatory compliance reporting on the IBM System i (AS/400). With Compliance Monitor 2.0, PowerTech has added a variety of new features designed to help organizations improve the efficiency of their security compliance reporting on the System i, which, according to industry experts, is used by over 90 percent of the Fortune 1000 alone. Usually this platform is used to host sensitive and confidential data such as customer and financial records. In PowerTech's annual 2007 State of System i Security study, the company has found that the System i is typically left unsecured by a majority of organizations, simply because of improper configuration and the lack of tools. http://www.compliancehome.com/news/ISO-27002-(17799)/11446.html Wed, 03 Oct 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11445.html Brabeion's IT Risk & Compliance Manager 3.0 Software Furthers IT GRC Vision by Enabling IT Risk and Compliance to be Strategically Managed as a Business Risk. New Features include role-based dashboards that deliver a unified view of risks across people, processes and technologies tied to regulations, standards and company policies eliminating the need to cobble together manual surveys and disparate tools; and the industrys first compliance risk scoring for assets that factors in the likelihood of IT control failures addressing a major gap in todays traditional risk equation that can result in misleading data. http://www.compliancehome.com/news/ISO-27002-(17799)/11445.html Wed, 26 Sep 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11411.html ProMinds Consulting was awarded the prestigious ISO 9001:2000 certification for establishing and applying a Quality Management System for Professional Services of Management Advisory, Process Consulting and Audit in IT, ITES and BPO Sector. ProMinds Consulting has been recommended for certification after the intense audit conducted by TUV SUD South Asia at its Hyderabad office on 04th September 2007. TV SD South Asia is a wholly owned subsidiary of TV SD Group, the largest technical inspectorate in Germany and a leading Quality Certification company. http://www.compliancehome.com/news/ISO-27002-(17799)/11411.html Wed, 26 Sep 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11408.html Application Security, Inc. (www.appsecinc.com), in partnership with Russias leading information security company, Informzaschita, today announced that its AppDetectivePro database vulnerability assessment solution has been certified by the Russian Federal Service for Technical and Export Control (FSTEK). FSTEK tested AppDetectivePro against Russias stringent information security requirements, and verified compliance with the Governments exacting criteria. http://www.compliancehome.com/news/ISO-27002-(17799)/11408.html Sun, 23 Sep 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11386.html Secure Elements, pioneer in standards-based IT audit and compliance management, announced a joint marketing agreement with Grant Thornton LLP that enables both firms to jointly market services and solutions for Information Assurance and compliance solutions to the Federal government. This announcement was made today at the Third Annual IT Security Automation Conference, where Secure Elements demonstrated their C5 Compliance technology on stage during Karen Evans' keynote address. http://www.compliancehome.com/news/ISO-27002-(17799)/11386.html Wed, 19 Sep 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11377.html An overkill emphasis on compliance and risk avoidance is testing operational management attitudes. A survey to establish current thinking on Governance Risk & Compliance (GRC), has revealed that 8 out of 10 managers responsible for GRC believe that too much noise or overkill on the need to be compliant and risk free is threatening attitudes to compliance within their own organisations. http://www.compliancehome.com/news/ISO-27002-(17799)/11377.html Mon, 17 Sep 2007 00:00:00 CST http://www.compliancehome.com/news/ISO-27002-(17799)/11351.html The CIO Productivity Kit has just been updated by Janco and is now being shipped. The kit includes the most popular templates and tools that Janco has developed. Victor Janulaitis, the CEO of Janco Associates, said Over the last year almost 40% of our sales have come from the International Market as enterprises outside of the United States try to catch up in the application of best practices. He added, ... all of Janco's products have recently been updated to be compliant with Sarbanes-Oxley, HIPAA, ISO 17799, ITIL (version 3), PCI-DSS and recent privacy legislation. http://www.compliancehome.com/news/ISO-27002-(17799)/11351.html