IT

Order by:Group by:
FILTER BY:
GRC Forum Report - Proving the Value of IT for GRC resource OCEG Reviewed
Thumbnail

Emphasizing the critical role collaboration plays in a successful GRC strategy, OCEG brought together a diverse set of professionals across a range of expertise and types of businesses in the November 2008 OCEG GRC Forum in Dallas, Texas.

Read more
GRC-IT Blueprint resource Guides  OCEG Reviewed
Thumbnail

The GRC-IT Blueprint™ identifies and defines 72 Technology Modules that each has a role in supporting the GRC system and specifically the Elements of the GRC Capability Model. The Blueprint categorizes these Technology Modules in several ways:

Read more
Technology Council group

The OCEG Technology Council develops tools, guidelines, frameworks and related resources designed to help all organizations align their IT resources with GRC capabilities. Membership in the Technology Council is only available to OCEG Enterprise Members. For more information and membership requirements, please contact techchair@oceg.org.

The OCEG Technology Council, comprised of corporate end-users and GRC software, information management and services providers.
Read more
OCEG GRC Blueprint Draft - V 0.4 resource Guides  OCEG Reviewed
The Second draft revision of the OCEG GRC Blueprint
Read more
GAIT for Business and IT Risk (GAIT-R) (The IIA, 2008) resource White Papers OCEG Reviewed
Introduction: GAIT for Business and IT Risk (GAIT-R) is a methodology for identifying all the key controls that are critical to achieving business goals and objectives. GAIT-R identifies the critical aspects of IT that are essential to the management and mitigation of organizational risk, generically described in this document as business risk. These critical IT functionalities and their corresponding risks can then be considered when planning audit work.
Read more
Email archiving UK law, regulations and implications for business (2007) resource White Papers OCEG Reviewed
The concept of information governance is not a new one, but the challenge posed by the sheer volume of information generated by email is. Even organisations with well-defined and well-enforced policies on the use of traditional communications have struggled to police electronic communications.   Free Registration Required for Download
Read more
Tools for Defense In-Depth: SANS What Works resource Case Studies OCEG Reviewed
WhatWorks is a user-to-user program in which managers from organizations that have implemented each of the effective internet security technologies tell a complete story of why they deployed it, how it works, how they know it actually improves security, what problems they faced, and what lessons they learned.   New tools and interviews are added monthly.
Read more
SANS' Information Security Reading Room resource Private Lists / Directories OCEG Reviewed
The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. SANS also maintains a large collection of research documents and white papers about various aspects of information security.
Read more
NIST, Computer Security Division, Computer Security Resource Center, Special Publications resource Agency Web Sites OCEG Reviewed
Special Publications in the 800 series present documents of general interest to the computer security community. The Special Publication 800 series was established in 1990 to provide a separate identity for information technology security publications. This Special Publication 800 series reports on ITL's research, guidelines, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations.
Read more
Syndicate content
Related communities
Technology Council