Organizations must track and monitor all access to cardholder data and related network resources – in stores, regional offices, headquarters, and other remote access.

Yes, it is well documented that the three (3) tenets for adhering to PCI DSS 2.0 are as follows:

Assess - Identifying cardholder data, taking an inventory of your IT assets and business processes for payment card processing, and analyzing them for vulnerabilities that could expose cardholder data. Remediate - Fixing vulnerabilities and not storing cardholder data unless you need it. Report - Compiling and submitting required remediation validation records (if applicable), and submitting compliance reports to the acquiring bank and card.

Continue reading >>>

Tags: Continuous Monitoring, Audit, Remediate, Compliance, risk assessment, Report, PCI DSS, CAESARS, NISTIR 7756, PCI 1.2, PCI 2.0

While participating in smart meter / smart grid programs, we have seen cash flow optimization by improving revenue realization and reducing costs for the utilities by:

Implementing a full function metering solution for residential, commercial and industrial customers. Implementing the wireless communication network that provides the means to collect meter reading data and manage meter assets. Implementing the switch that will enable all connect, disconnect, and remote reconnect processes to be completed remotely

Continue reading >>>

Tags: MDMS, M2C, Utilities, Smart Grid, CCM, risk assessment, GRC, Energy

All companies know they should abstain from bad business practices, protect their business assets, minimize their risk and make as much money as they can. Most businesses that have a penchant for losing money and a knack for failing to meet their company goals know they should make certain changes to their business plans to improve their bottom line. Yet, I believe far fewer actually do so. So how can CIOs motivate and educate their colleagues to follow through in choosing the behaviors and techniques that help build and promote healthy companies? Let’s take a look at three elements that have a huge impact on the safety, health, profitability and longevity of every company.

Tags: GRC, IT GRC, risk assessment, ISO38500, COBIT

Using NISTIR 7628 and NISTIR 7756

Tags: Energy, CCM, Continuous Control Monitoring, real-time, IT GRC, eGRC, GRC, risk assessment, NISTIR 7628, NISTIR 7756, Smart Grid