OCEG | Open Compliance and Ethics Group
Log In
My Shopping Cart
Search
Standards
Tools and services
Education
Certification
Resources
Community
Events
Store
Join
About
IT
Order by:
Recent
/
Featured
/
Alphabetical
/
Popularity
Group by:
Topic
/
Industry
/
Location
/
Contributed
/
Risk area
Crisis Management & Response
NIST, Computer Security Incident Handling Guide (2008)
E-Discovery
FAQ: Changes to the Federal Rules of Civil Procedure Affect Storage Plans (2007)
Examining E-Discovery Chain of Custody (2007)
Group creates standard to ease e-discovery data transfer (2007)
E-discovery product purchase considerations (2008)
Law Technology News
GRC Planning and Organization
Governing for Enterprise Security Implementation Guide (GES)
GRC Technology
,
Information Management
GRC Forum Report - Proving the Value of IT for GRC
Information Security
,
Risk Assessment
NIST, Risk Management Framework
Convergence of Physical and Information Security in the Context of Enterprise Risk Management, The (2007)
Managing risk in the information age (2007)
Information Security
NIST, Federal Information Security Management Act (FISMA) Implementation Project
Creating a Computer Security Incident Response Team: A Process for Getting Started (2002, Last Updated 2006)
Alan Calder on IT Governance, information security and ISO 27001
Security Matters, Software Engineering Institute, Carnegie Mellon University
IT Sentinel (UK)
Federal Information Security Management Act of 2002
Government of Canada Publications: IT Security Guidance (ITSG)
Information Security Forum
ISO Catalog Page: Information technology
IT Security Portal
Survival of the Fittest: Disaster Recovery Design for the Data Center (2008)
OCEG Guides, Handbooks, Maturity Models
GRC Technology Solutions Guide v. 2.1
OCEG Illustrated Series
OCEG Illustrated Series: #3 IT Roadmap For GRC
OCEG Illustrated Series: #16 How Do We Integrate IT to Enable GRC?
Privacy Laws & Regulation
NIST, ITL Security Bulletins
Compliance Provides Benefits Beyond The Obvious (2007)
Portable security: Full-disk encryption can take a lot of risk out of mobile computing (2007)
Guide to NIST Information Security Documents
Record Retention & Data Management
Email archiving UK law, regulations and implications for business (2007)
Risk Assessment
FFIEC, IT Risk Management Process
Architectural Risk Analysis (2005)
Assessing, Managing Enterprise Risk: What it takes to manage virtual servers (2007)
Related communities
Technology Council