Cybersecurity Policy Coverage
What topics need to be covered in cybersecurity policies? In this post, I will cover the required cybersecurity policies from various...
Who should setup access in the ERP (Financial Application)?
As an IT auditor for local governments, one of the most often asked questions I get during audits is this: “Who should set up user access...
What Should be in a Good Cybersecurity Policy
I often get called in to evaluate cybersecurity documentation, more specific policies and procedures. One of the concerns is what to...
Policy, Procedure, or Plan
Some standards like PCI and NIST require policies that cover specific topics. Sometimes you will see a requirement for a policy and...
IT Governance & IT Management
Many practitioners use these terms governance and management synonymously. While there is some overlap in practice, there are key...
Cybersecurity Policies Made Easy
People often ask for advice regarding information security or cybersecurity policies. For the remainder of this article, I will use...
Cybersecurity Policy for Local Governments
Here is a sample high-level cybersecurity policy for a city, district, or county. It is designed to be a high-level statement adopted by...
Microsoft Compliance Manager
Microsoft has released Compliance Manager for general availability this week. The feature was made available in Public Preview in...
System Security Plans 101
I just came back from my trip to NASA's Marshall Space Flight Center on the U.S. Army's Redstone Arsenal in Huntsville, Alabama, where I...
Sample Ethics Policy, Academic
Ethics Project - Create a Sample Ethics Policy - American Military University, Criminal Justice Department Global Bank ABC We[1] the...
