As a professor who teaches data modeling and database implementation, Dr. Jim Chen gets the technical side of information systems and all that goes into making them secure. But this longtime faculty ...

This document establishes the policy for the Information Security Program at Western Illinois University (WIU). The formation of this policy is driven by many factors, including the need to protect ...

The University at Buffalo Information Technology Office (UBIT)’s Information Security Program addresses the full range of information security issues that affect the university, and establishes a ...

The Office of Inspector General (OIG) has reviewed the Department of Homeland Security’s (DHS) information security program for compliance with Federal Information Security Modernization Act of 2014 ...

The objective of Connecticut College in the development and implementation of this comprehensive written information security program (“WISP”) is to create and guide the implementation of effective ...

This Written Information Security Program describes the safeguards implemented by DePauw University to protect confidential data. The goal of the program is to ensure the security of these assets to ...

Risk remediation and identification is one of those concentrations within cybersecurity that tends to create some anxiety among cybersecurity professionals—it is hard to explain to someone not in the ...

Experts share how software development teams can ‘shift security left’ and improve governance of open source usage, software deployment, and data management. CIOs and their IT departments face ...

A lot of the work I do, especially for clients regulated by the Department of Labor (DOL), involves third-party risk reviews. In 2021, the DOL released a list of cybersecurity best practices. Now, in ...

Most IT professionals focus their discussions with CEOs on the topic of “security;” however, almost always, the executive staff will not respond. Yet, the same topic discussed within the context of ...

The purpose of this policy is to assist the organization in its efforts to fulfill its fiduciary responsibilities relating to the protection of information assets and comply with regulatory and ...