Almost all (96 percent) of the firms with the least data loss or theft are the same firms that have the fewest regulatory compliance deficiencies to correct in order to pass audit (Figure 1).
Figure 1: Firms with the least data loss and theft

Source: IT Policy Compliance Group, 2007
Guidance recommendations
The evidence is in: if you want to protect sensitive data, you have to put in place the same procedures, controls, objectives, and practices that make for successful regulatory audits.
· Benchmark your own regulatory audit results against the industry
· Identify your strengths and weaknesses
· Gather organizational support for making the needed changes to improve results
© IT Policy Compliance Group, 2007