Praetorian503 Posted February 15, 2013 Report Posted February 15, 2013 Description: What kind of internal and external controls from regulations and other sources are there? What is IT-Risk and IT-Compliance management? Why and for whom does it matter? How can we handle it and how does compliance aggregation fit into the picture?We will then look at the SOMAP.org project which is an Open Source project working on tools to handle IT-Compliance aggregation and IT Security compliance management in general. We will discuss why compliance management is not only about hot air but can make sense when done right.Adrian Wiesmann held this talk at the DeepSec 2011 conference.Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.Original Source: IT Security Compliance Management can be done right (and makes sense when done right) on VimeoSource: It Security Compliance Management Can Be Done Right (And Makes Sense When Done Right) Quote
