Under federal, state, regulatory, and contractual requirements, Michigan Tech is responsible for developing and implementing a comprehensive information security program. The purpose of this document ...

Information technology is essential because it involves storing, retrieving, transmitting and manipulating information or data. Today, most world operations have transferred into digital because of ...

Recently, the Mortgage Bankers Association released “The Basic Components of an Information Security Program,” for small and medium size companies in the mortgage industry that may not have the ...

The University at Buffalo Information Technology Office (UBIT)’s Information Security Program addresses the full range of information security issues that affect the university, and establishes a ...

An Information Security Policy is the cornerstone of an Information Security Program. It should reflect the organization’s objectives for security and the agreed upon management strategy for securing ...

For many organizations today, information is their most valuable asset, but many don’t protect it as such. Through the work my team and I have done over the years with enterprise customers, we have ...

The Consumer Financial Protection Bureau got to experience what it’s like to go through an examination. The Office of Inspector General (OIG) within the Federal Reserve recently released findings and ...

The purpose of this policy is to define required access control measures to all University systems and applications to protect the privacy, security, and confidentiality of University information ...

Critical skills are necessary to make a successful Chief Information Security Officer (CISO). It is critically important that the CISO is tightly integrated with the organization’s mission. Focusing ...

The Small Business Administration’s information security program remains “not effective,” despite improvement in cybersecurity oversight of incident response, risk management and contingency planning.

With what seems like a never-ending stream of cybersecurity attacks, corporate boards and executives are searching for that “silver bullet” to protect them from the universe of threats. Unfortunately, ...

The purpose of this policy is to assist the organization in its efforts to fulfill its fiduciary responsibilities relating to the protection of information assets and comply with regulatory and ...