The GCSX Code of Connection (CoCo) is an important step in providing a secure infrastructure for public sector business. While most - if not all - local authorities have achieved compliance with the Code of Connection, authorities must still undergo annual audits. As such, compliance should not be viewed as 'point-in-time', but as a continuous journey which can be used as a catalyst for an improvement in overall organisational compliance, as opposed to simply a 'tick in the box' from an auditor.
Local authorities face numerous regulations in addition to CoCo, including PCI DSS, the Data Protection Act, and others, all with the intent to standardise the level of security that must be implemented.
Many organisations have learned that the cost of ad hoc and manual IT risk management and audit processes is far too high. The additional stress these processes place on an organisation is unacceptable, and they are a very inefficient working practice. Without proper visibility of compliance and security practices, an information security breach, data loss or compliance-related incident can rapidly turn into an election issue and ultimately cost political posts.
Furthermore, as of 6 April 2010, the Information Commission can impose a civil penalty of up to £500 000 for serious breaches on data controllers under the Data Protection Act.
It is vital that organisations understand the difference between compliance and information security. Organisations should be ready for audit 24/7. With the availability of sophisticated tools, the workflows behind supporting compliance requirements can be significantly reduced and continuous monitoring put in place to support an audit-ready organisation.
This webinar will:
- Highlight the regulatory climate and compliance enforcement
- Explain how being compliant does not ultimately mean you are secure
- Examine the four key steps you can take to ensure continuous audit-readiness and improve security
- Detail the capabilities that can help streamline IT risk management processes and enable continuous compliance
- Further enhance your understanding of compliance requirements and put in place the key steps to meeting regulatory requirements
This webinar is for:
- Compliance and IT risk managers looking to streamline audit workflows
- IT managers looking to have compliance initiatives improve overall security
- Security and business professionals who are responsible for compliance and the protection of confidential and sensitive information
CISSPs, SSCPs and ISACA members can receive 1 CPE credit for attending each webinar. You can earn the credit by simply specifying your number on the registration form and correctly answering 3 multiple-choice polling questions about the program at the end of the event.