EnterpriseGRC Facilitated Compliance Management - Facilitated Compliance Management by EnterpriseGRC
EnterpriseGRC Solutions Core Competencies include Strategy, ROI, Architecture, and Process - Providing Compliance Mapping as a Service
Governance and Compliance
Compliance is a universe of constraints enforcing business and technology practice aligned to minimally acceptable product, service and financial benchmarks, consumer and citizen safety, and continuous availability of critical resources as mandated by US and World Governments. Considerations for HIPAA, the USA Patriot Act, Graham, FISMA/eGovernment, OMB Circulars (various, such as A-119 and A-130), Executive Directives and DCIDs can't be limited to government, federal and financial programs. Businesses work in tandem, weaving regulatory issues via ecommerce, outsourcing and third-party services, such that any law has implications across multiple industries and business classifications. Laws like the Clinger-Cohen Act, the Paperwork Reduction Act, Basel I and II, European Union privacy laws and Safe Harbor Principles, the California Security Breach Notice Law (as well as emerging bills with similar guidelines), SEC Rule 17a-4, NARA regulations for federal records management, SEC CFR 17 Rule no. 16900 affecting Clearing Corporations, the National Strategy to Secure Cyberspace and many associated Public Laws and Government guidelines (especially those affecting Security programs and implementation of appropriate standards such as various FIPS) are all a part of our audit universe. The EnterpriseGRC Solutions toolbox is a list of applications and industry tools, with special attention to the better companies and materials, as found most successfully implemented among our clients.
Strategy and Techniques - Approach to Mapping Service, IT Regulation and Frameworks
A clear win for any IT Service organization can be found in providing mapped CobiT and ISO 27001 programs. Aligning service delivery to regulatory-driven compliance models enables immediate, sustained client value.
The simplest possible view of controls mapping might include
Providing Compliance Mapping as a Service
Common understanding of the goals for providing compliance services should include the following intentions:
COBIT supports IT governance by providing a framework to ensure that:
Among the drivers that justify the use of IT consulting, the risk of non-compliance with ISO 27001 makes a lot of sense.
Related risks of non-compliance with ISO 27001 include:
Last Updated on Thursday, 03 May 2012 12:47
Written by Robin Basham
Monday, 12 December 2011 00:00
The GRC Buzz
Holistic Information Security Practitioner Institute (HISPI) welcomes EnterpriseGRC Solutions as a member of their HISP Certification Board/Committee.
ITpreneurs is proud to name EnterpriseGRC Solutions as its newest certified partner. ITpreneurs and EnterpriseGRC Solutions will collaborate to increase Cloud and Virtualization concepts and controls, ISO 27001, COBIT and ITIL courses offered through EnterpriseGRC Solutions. “Every member of my organization has achieved at least one certification through ITpreneurs, and this is the second company that I’ve founded with that same promise. [...] It is a proud day, that we can be a part of ITpreneurs’ landmark efforts to bring forward CompTIA Cloud Essentials training and certification.” - Robin Basham, Managing Partner.
Spontaneous Kudos - We've really been digging our digest from The Compliance Exchange
Partners and Client Information
Ryma Technology Solutions names EnterpriseGRC Solutions as an Affiliate Partner. Recent Wins: EnterpriseGRC Provides ISO 27001 Policy and SOA readiness for NetSuite Inc. EnterpriseGRC Solutions Sponsor to ISACA ITGI. Recent Partner Alignments include ITpreneurs, Control Solutions International.