Jan 01, 2012
Corporate and regulatory compliance policies have forced companies to ensure that information flows are documented, auditable, and highly secure. Yet in order to conduct their business, companies must share sensitive information outside the firewall, introducing serious potential information risk. How can companies enforce security policy and cost-effectively meet compliance objectives when documents must be shared with partners, investors, board members, bidders and others outside the enterprise?
This white paper by Cheryl Klein, CPA, CISA, CITP, analyzes 10 questions that help you identify potential compliance risks in your company. The 10 different scenarios illustrate smart, cost-effective strategies for SOX, PII, and HIPPA compliance issues where information must be kept confidential.
The key compliance issues discussed include:
� Providing confidential or sensitive information to external auditors, compliance bodies and other external users
� Tracking spreadsheet approval and changes
� Managing and protecting highly confidential and sensitive information
� Addressing different levels of security required for specific types of information