Smaller companies can feel overwhelmed by big company issues. Although they don't have the reach of the Fortune 500, they still feel the effects of governmental and industry regulations. They have similar requirements with much fewer resources to get the job done.
In this whitepaper titled Surviving an Identity Audit, I tried to help people at smaller organizations get their arms around some of the big challenges related to compliance. Specifically, the focus is on the identity portion of an IT audit.
Regulations such as SOX, HIPAA, GLBA and PCI-DSS have requirements and/or guidance that relate directly to IT – more specifically to information security. And digital identities are at the core of information security. So, an audit of an organization's identity infrastructure is a vital component of an IT audit or a larger regulatory audit.
In this paper, I cover the Identity Audit project lifecycle, leveraging a multi-regulatory approach, and creating a culture of compliance.
For more info:
- SOX – Sarbanes-Oxley Act
- HIPAA – Health Insurance Portability and Accountability Act
- GLBA – Gramm-Leach-Bliley Act
- PCI-DSS – Payment Card Industry Data Security Standards