Peter L. Bernstein, the celebrated author of Against the Gods: The Remarkable Story of Risk, gives us his great insight on the history of Risk Management and the two sides of risk. Great thoughts!
As Open Source software continues to penetrate every facet of the software business (vendor and consumer), companies now face a challenge in getting a handle on the various open source software that they might be using. In the course of the last three years of my working with many startups or their leaders, I have [...]
Established companies venturing into the SaaS business or newbies starting off as SaaS companies have to deal with a lot of new and evolving challenges. Everything that you can possibly think of is different with the SaaS model. To say that it is changing the software business is an understatement.
Starting with delivery model, architecture, sales, support [...]
Compliance audits have become a part of life for most companies these days. Companies have relied on certifications to establish and declare the conformance of the related business processes and internal controls to the various regulatory mandates like Sarbanes-Oxley, PCI-DSS, HIPAA. But the incidents of data breach that have occurred time and again prove that just [...]
The Sarbanes-Oxley Act (SOX), enacted in 2002, created a watershed moment for companies, forcing them to take a critical look at their internal controls and processes. Executives who had until then operated unfettered, abusing company resources and shareholder money, were now asked to account for their actions. Although the mandates under the SOX Act started out murky [...]
Data security breaches and leaks are a frequent news item these days. If it is not a hacker intruding into a network, it is disgruntled employees taking data with them when they are let go. If all else went well, it is a laptop that an employee lost and along with it all the crucial information on [...]
Going with SaaS comes with a set of concerns around Data Security. Intrusion Detection, Prevention and Penetration Testing should allay those fears to a large extent.
SaaS adoption brings with it a lot of benefits in cost savings and quick ramp-up, and at the same time brings challenges in the IT Governance area.
If you are a customer with a business application like Oracle E-Business Suite, PeopleSoft or SAP in production, I am sure you have constantly run into the need to clone/replicate the Production database.
Why would someone need a copy of production instance?
Some of the most common reasons are
to create a test environment with representative production data
to create a [...]
One of the critical requirements of governance mandates like SOX 404, PCI Compliance, HIPAA and SAS-70 is that companies manage their provisioning in a more controlled and audited manner.
Companies with disparate applications from different vendors are confronted with the challenges around it. As part of my discussions with companies I have been talking to (in [...]
If you are in the technology world, specifically in the e-commerce world or in a business that processes credit card transactions, by now you would know what PCI-DSS is. It stands for Payment Card Industry Data Security Standard and refers to a compliance mandate that Credit Card companies including Visa, MasterCard and American Express require companies [...]
In my series of governance topics, today I will go into the key benefits of effective Change Management and key areas of the Audit process.
Audit is becoming the norm in most companies. Thanks to all the myriad regulatory requirements, SOX, HIPAA, PCI DSS, Gramm-Leach-Bliley Act (GLBA), California State, Japan SOX, IT Organizations across the [...]