IT Policy Compliance for Dummies

IT Policy Compliance For Dummies......Page 1
Foolish Assumptions......Page 5
Icons Used in This Book......Page 6
Where to Go from Here......Page 7
Part I: Stepping Into the World of IT Policy Compliance......Page 9
Policy Compliance 101......Page 10
Focusing on IT Compliance......Page 11
Proving Conformance......Page 12
A Brief History of Compliance......Page 13
But Isn’t SOX Section 404 Just One Paragraph?......Page 15
Regulations vs. Standards vs. Auditors......Page 16
Making Sense of It All......Page 18
Part III: Best Practices for IT Policy Compliance Management......Page 21
Best Practice #1: Remember the Big Picture......Page 22
Best Practice #2: Align IT Policy Compliance and Security with the Business......Page 26
Best Practice #3: Understand Your Technology Environment......Page 28
Best Practice #4: IT Compliance Starts with Policy......Page 31
Best Practice #5: Establish Accountability......Page 32
Best Practice #6: Conduct a Pre-Audit or Readiness Assessment......Page 36
Best Practice #7: Centralize IT Policy Program Management......Page 38
Best Practice #8: Prioritize Remediation Activities......Page 41
Best Practice #9: Understand How IT Policy Compliance Management Can Help in Other Areas......Page 43
Best Practice #10: Regularly Monitor the Whole Compliance Program......Page 46
Considering Automation......Page 49
Considering Solutions Options for Automating Policy Compliance......Page 50
Flexible Reporting Is a Key Requirement......Page 53
Looking for Interactivity with Other Systems......Page 56
Knowing that Automation Is All About Cost Savings......Page 57
Read This Book......Page 59
Ascertain What Controls Apply to the Laws and Regulations......Page 60
Understand Your IT Environment......Page 61
Establish Accountability......Page 62
Use Automation for IT Policy Compliance......Page 63
Monitor Your IT Policy Compliance Program Regularly......Page 64