03 Sep After reading the article ‘Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue,’ reflect on the issues of compliance vs. the impact o
INSTRUCTIONS!!
After reading the article "Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue," reflect on the issues of compliance vs. the impact of security. Describe and discuss, compare and contrast, the advantages and disadvantages.
READ THE ARTICLE IN THE UPLOADED LINK!!
ARTICLE: Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue “By simply trying to keep up with individual compliance requirements, organizations become rule followers, rather than risk leaders,” said John A. Wheeler, research director at Gartner. “CIOs must stop being rule followers who allow compliance to dominate business decision making and become risk leaders who proactively address the most severe threats to their enterprises Companies can engage in a check-box compliance process and assume that in doing so they are automatically becoming secure The problem is that compliance is a legal and/or regulatory requirement, while security is not. The implication, and sometimes the direct assertion, is that if a company is compliant, it will be secure. The ensuing danger is that companies can engage in a check-box compliance process and assume that in doing so they are automatically becoming secure. There are many reasons why this is not necessarily true. “Organizations must change this reactive, check-the-box mindset and start viewing compliance as a risk,” said Wheeler. His view is that in a risk-based approach to security, compliance is provided by security – security is not necessarily provided by compliance. The solution, and one that will be discussed at the Gartner Security & Risk Management Summits in Sydney and London, is that compliance should be treated as one of the risks within an overall risk management approach to security. It doesn't make compliance go away, but it ensures that it is given its rightful position as a part of, and not a substitute for, security. Indeed, this is one of the prime conclusions of Gartner's research document 'Compliance Is No Longer a Primary Driver for IT Risk and Security' published last month: "Compliance should be treated as a domain of risk within a formal risk management program and should not be allowed to dominate decision making." In reality, this move from compliance-based to risk-based security (including compliance) already seems to be evolving in the larger enterprises. Wisegate is a community of senior IT personnel. Its members periodically engage in internal roundtable discussions on important issues, where they share knowledge and experiences – and publish the results. One recent report was on this very subject: 'Moving From Compliance to Risk-Based Security: CISOs Reveal Practical Tips'. It echoes Gartner almost to the letter: "Even in a risk-based program, compliance doesn’t go away entirely. The regulations are still there, but department heads and managers have to start thinking in terms of acceptable risk levels versus compliance requirements to mark off a checklist. It's a change in language, and the moment when everyone understands the difference is an 'ahha!' moment for the entire organization."
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.