If you’re becoming compliant for a certification like PCI, HIPAA, NIST, SOC or ISO, you have hundreds—maybe thousands—of line-item elements to take care of. One of the initial challenges is simply knowing which team members own what items. Most organizations use some type of manual process to assign each line item, one by one. It’s […]
You’ve been through the agonizing security and compliance process before, and this year’s audit is coming your way, fast. It’ll be total compliance chaos as you try to herd the cats and badger your people to submit documentation. And good luck keeping tabs on your status throughout the process! A simple check-in with your team […]
If your company needs to prove compliance, you’re probably using your own home-grown system to manage the process, collect evidence and track your progress. And that means you’re wasting hundreds of man-hours—and tens of thousands of dollars per year. I guarantee it. A few months ago, I wrote an article about the ROI that TCT […]
Companies often view the moment of getting compliant as their biggest hurdle. It’s not. While getting compliant is a huge accomplishment, you have only shown that you can do each requirement once. Now, you need to show that you can maintain that compliance. This ongoing maintenance, which TCT calls Operational Mode (the operationalizing of compliance […]
Your people are your most important resource in taking control of your compliance management. But if they aren’t trained up for the task, you’ll never slay the dragon of compliance chaos. Today, we’ll look at the kinds of training your people need in order to keep your compliance activities under control. This is the seventh […]
For most companies, tracking and managing your compliance efforts is a monstrous task. It’s like trying to slay a dragon, and you’re likely to get burned in the process. Having the right tools and a streamlined process cut the legs out from under the dragon, but you’ve still got more work to do if you’re […]
Compliance is a dragon because it’s a monstrously huge endeavor to gain control of. And the reason it’s so huge is because hundreds of inefficiencies have crept in, bloating it to a beastly size. Processes, tools and people have tangled together to create a monster out of a mouse. Perhaps a really big mouse, but […]
If you’re going to gain control over your security and compliance management process, you’ll need to choose the right tools. Your technology solutions are the weapons you wield to slay the compliance dragon. Some of those weapons are required by your certifications, others will help you manage the compliance process itself. All of them are […]
The story so far: You’re on a quest to slay the compliance dragon—that monstrous beast that rears its ugly head every year. But not this year. This year, you’re taking control of your compliance management. This is the third step in our series on taking control of compliance management in 2019. Just now joining the […]