Author: seth
RiskKey 2010 Winter Release
Happy Holidays All,
Auditing with Personality
Auditing is often regarded as a drab, boring, analytical, spreadsheets kind of world. However, I have found that it is not nearly as black and white as some think. It’s just as much art as science, and the personalities involved provide quite a color spectrum. Simply put, who we are affects what we do, or as Ron Washington might say, “how we do.”
Modern Passwords Now Less Secure

By leveraging an older technology that has been revitalized, researcher Jeremi Gosney has managed to significantly reduce the time it takes to crack hashed passwords. By using Virtual OpenCL, Gosney was able to leverage 4U servers equipped with 25 AMD Radeon GPUs as a single brute-forcing monster. The system was able to churn through 348 billion (that’s billion with a B) hashes per second. With those kinds of numbers, virtually any password is vulnerable in an offline scenario. A 14-character NTLM-hashed password can be cracked in 5.5 hours. LM-hashed passwords can be brute-forced in minutes. This technique usually isn’t going to be helpful in an active attack scenario. The hours-long cracking required makes it more likely in an offline scenario (where the SAM database has been captured), but still quite feasible.
A Complete Guide to the Information Security Lifecycle
When it comes to the safety of your data and technology systems, it’s vital that your organization recognizes the reality of the “information security lifecycle.” By its very name, the info security lifecycle indicates that true information security is a process, not a “one and done” solitary project. Information security has no end-point, and your operational framework should always strive to acknowledge that fact.
At Garland Heart, we use a lifecycle model that serves as a useful baseline to help build a solid foundation for any security program across any type of organization and industry focus. Using the lifecycle model can provide you with a road map to ensure that your information security is continually being improved.
Top 5 Regulatory Compliance Updates in 2018
Regulatory compliance and information security have exploded as topics of conversation in the last 15 years while technology has emerged at breakneck speed. Annual updates, amendments, requirements and expectations are planned for months in advance, and the savvy business owner must stay on top of the new information coming in to avoid an embarrassing scramble before the examiner visits.
Top Five Takeaways of Information Security in 2017
The nature of information security is that it is ever evolving. As we become more technologically advanced, new challenges present themselves. The key is to never become complacent, and always keep an eye out for advancements that can protect you, your team and your clients.
Proactive Compliance
We understand the budget restraints and “rabbit hole” you can get yourself into regarding compliance and security. How much do I do before the cost outweighs the benefit?
