The purpose of this policy is to assist the organization in its efforts to fulfill its fiduciary responsibilities relating to the protection of information assets and comply with regulatory and ...

The Office of Inspector General (OIG) has reviewed the Department of Homeland Security’s (DHS) information security program for compliance with Federal Information Security Modernization Act of 2014 ...

The objective of Connecticut College in the development and implementation of this comprehensive written information security program (“WISP”) is to create and guide the implementation of effective ...

This Written Information Security Program describes the safeguards implemented by DePauw University to protect confidential data. The goal of the program is to ensure the security of these assets to ...

The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of ...

Risk remediation and identification is one of those concentrations within cybersecurity that tends to create some anxiety among cybersecurity professionals—it is hard to explain to someone not in the ...

Most IT professionals focus their discussions with CEOs on the topic of “security;” however, almost always, the executive staff will not respond. Yet, the same topic discussed within the context of ...

A lot of the work I do, especially for clients regulated by the Department of Labor (DOL), involves third-party risk reviews. In 2021, the DOL released a list of cybersecurity best practices. Now, in ...

This document establishes the policy for the Information Security Program at Western Illinois University (WIU). The formation of this policy is driven by many factors, including the need to protect ...